Commit 96b574df authored by Hai Dang's avatar Hai Dang Committed by Robbert

Make authoritative part of auth fractional

parent 2beed394
...@@ -112,6 +112,13 @@ Changes in Coq: ...@@ -112,6 +112,13 @@ Changes in Coq:
`(λ: x, e)` no longer add a `locked`. Instead, we made the `wp_` tactics `(λ: x, e)` no longer add a `locked`. Instead, we made the `wp_` tactics
smarter to no longer unfold lambdas/recs that occur behind definitions. smarter to no longer unfold lambdas/recs that occur behind definitions.
* Export the fact that `iPreProp` is a COFE. * Export the fact that `iPreProp` is a COFE.
* The CMRA `auth` now can have fractional authoritative parts. So now `auth` has
3 types of elements: the fractional authoritative `●{q} a`, the full
authoritative `● a ≡ ●{1} a`, and the non-authoritative `◯ a`. Updates are
only possible with the full authoritative element `● a`, while fractional
authoritative elements have agreement: `✓ (●{p} a ⋅ ●{q} b) ⇒ a ≡ b`. As a
consequence, `auth` is no longer a COFE and does not preserve Leibniz
equality.
## Iris 3.1.0 (released 2017-12-19) ## Iris 3.1.0 (released 2017-12-19)
......
...@@ -28,7 +28,8 @@ Proof. ...@@ -28,7 +28,8 @@ Proof.
(** Note that the projection [agree_car] is not non-expansive, so it cannot be (** Note that the projection [agree_car] is not non-expansive, so it cannot be
used in the logic. If you need to get a witness out, you should use the used in the logic. If you need to get a witness out, you should use the
lemma [to_agree_uninjN] instead. *) lemma [to_agree_uninjN] instead. In general, [agree_car] should ONLY be used
internally in this file. *)
Record agree (A : Type) : Type := { Record agree (A : Type) : Type := {
agree_car : list A; agree_car : list A;
agree_not_nil : bool_decide (agree_car = []) = false agree_not_nil : bool_decide (agree_car = []) = false
......
...@@ -2,6 +2,13 @@ From iris.algebra Require Export frac auth. ...@@ -2,6 +2,13 @@ From iris.algebra Require Export frac auth.
From iris.algebra Require Export updates local_updates. From iris.algebra Require Export updates local_updates.
From iris.algebra Require Import proofmode_classes. From iris.algebra Require Import proofmode_classes.
(** Authoritative CMRA where the NON-authoritative parts can be fractional.
This CMRA allows the original non-authoritative element `◯ a` to be split into
fractional parts `◯!{q} a`. Using `◯! a ≡ ◯!{1} a` is in effect the same as
using the original `◯ a`. Currently, however, this CMRA hides the ability to
split the authoritative part into fractions.
*)
Definition frac_authR (A : cmraT) : cmraT := Definition frac_authR (A : cmraT) : cmraT :=
authR (optionUR (prodR fracR A)). authR (optionUR (prodR fracR A)).
Definition frac_authUR (A : cmraT) : ucmraT := Definition frac_authUR (A : cmraT) : ucmraT :=
...@@ -35,18 +42,18 @@ Section frac_auth. ...@@ -35,18 +42,18 @@ Section frac_auth.
Proof. solve_proper. Qed. Proof. solve_proper. Qed.
Global Instance frac_auth_auth_discrete a : Discrete a Discrete (! a). Global Instance frac_auth_auth_discrete a : Discrete a Discrete (! a).
Proof. intros; apply Auth_discrete; apply _. Qed. Proof. intros; apply auth_auth_discrete; [apply Some_discrete|]; apply _. Qed.
Global Instance frac_auth_frag_discrete a : Discrete a Discrete (! a). Global Instance frac_auth_frag_discrete a : Discrete a Discrete (! a).
Proof. intros; apply Auth_discrete, Some_discrete; apply _. Qed. Proof. intros; apply auth_frag_discrete, Some_discrete; apply _. Qed.
Lemma frac_auth_validN n a : {n} a {n} (! a ! a). Lemma frac_auth_validN n a : {n} a {n} (! a ! a).
Proof. done. Qed. Proof. by rewrite auth_both_validN. Qed.
Lemma frac_auth_valid a : a (! a ! a). Lemma frac_auth_valid a : a (! a ! a).
Proof. done. Qed. Proof. intros. by apply auth_both_valid. Qed.
Lemma frac_auth_agreeN n a b : {n} (! a ! b) a {n} b. Lemma frac_auth_agreeN n a b : {n} (! a ! b) a {n} b.
Proof. Proof.
rewrite auth_validN_eq /= => -[Hincl Hvalid]. rewrite auth_both_validN /= => -[Hincl Hvalid].
by move: Hincl=> /Some_includedN_exclusive /(_ Hvalid ) [??]. by move: Hincl=> /Some_includedN_exclusive /(_ Hvalid ) [??].
Qed. Qed.
Lemma frac_auth_agree a b : (! a ! b) a b. Lemma frac_auth_agree a b : (! a ! b) a b.
...@@ -57,10 +64,10 @@ Section frac_auth. ...@@ -57,10 +64,10 @@ Section frac_auth.
Proof. intros. by apply leibniz_equiv, frac_auth_agree. Qed. Proof. intros. by apply leibniz_equiv, frac_auth_agree. Qed.
Lemma frac_auth_includedN n q a b : {n} (! a !{q} b) Some b {n} Some a. Lemma frac_auth_includedN n q a b : {n} (! a !{q} b) Some b {n} Some a.
Proof. by rewrite auth_validN_eq /= => -[/Some_pair_includedN [_ ?] _]. Qed. Proof. by rewrite auth_both_validN /= => -[/Some_pair_includedN [_ ?] _]. Qed.
Lemma frac_auth_included `{CmraDiscrete A} q a b : Lemma frac_auth_included `{CmraDiscrete A} q a b :
(! a !{q} b) Some b Some a. (! a !{q} b) Some b Some a.
Proof. by rewrite auth_valid_discrete /= => -[/Some_pair_included [_ ?] _]. Qed. Proof. by rewrite auth_valid_discrete_2 /= => -[/Some_pair_included [_ ?] _]. Qed.
Lemma frac_auth_includedN_total `{CmraTotal A} n q a b : Lemma frac_auth_includedN_total `{CmraTotal A} n q a b :
{n} (! a !{q} b) b {n} a. {n} (! a !{q} b) b {n} a.
Proof. intros. by eapply Some_includedN_total, frac_auth_includedN. Qed. Proof. intros. by eapply Some_includedN_total, frac_auth_includedN. Qed.
...@@ -70,8 +77,8 @@ Section frac_auth. ...@@ -70,8 +77,8 @@ Section frac_auth.
Lemma frac_auth_auth_validN n a : {n} (! a) {n} a. Lemma frac_auth_auth_validN n a : {n} (! a) {n} a.
Proof. Proof.
split; [by intros [_ [??]]|]. rewrite auth_auth_frac_validN Some_validN. split.
by repeat split; simpl; auto using ucmra_unit_leastN. by intros [?[]]. intros. by split.
Qed. Qed.
Lemma frac_auth_auth_valid a : (! a) a. Lemma frac_auth_auth_valid a : (! a) a.
Proof. rewrite !cmra_valid_validN. by setoid_rewrite frac_auth_auth_validN. Qed. Proof. rewrite !cmra_valid_validN. by setoid_rewrite frac_auth_auth_validN. Qed.
......
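Review bot: The new header comment at the top of frac_auth.v explains `◯!{q} a` and `◯! a` but never states what `●! a` is, even though every lemma in the hunks below (`frac_auth_auth_discrete`, `frac_auth_validN`, `frac_auth_auth_validN`, ...) is phrased in terms of it. From the proof of `frac_auth_auth_validN` (`rewrite auth_auth_frac_validN Some_validN`) it is presumably the full `●{1}` authoritative element of the underlying `auth` wrapped in `Some`, but that is an inference; the definition itself is outside the hunk, so confirm before wording it. Suggested addition after the `◯! a ≡ ◯!{1} a` sentence: `The authoritative element ●! a is always the full (non-fractional) authoritative part; no ●!{q} notation is exposed.`, which also makes the closing "hides the ability to split the authoritative part" sentence concrete.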
...@@ -94,7 +94,7 @@ Section auth. ...@@ -94,7 +94,7 @@ Section auth.
Lemma auth_own_mono γ a b : a b auth_own γ b auth_own γ a. Lemma auth_own_mono γ a b : a b auth_own γ b auth_own γ a.
Proof. intros [? ->]. by rewrite auth_own_op sep_elim_l. Qed. Proof. intros [? ->]. by rewrite auth_own_op sep_elim_l. Qed.
Lemma auth_own_valid γ a : auth_own γ a a. Lemma auth_own_valid γ a : auth_own γ a a.
Proof. by rewrite /auth_own own_valid auth_validI. Qed. Proof. by rewrite /auth_own own_valid auth_frag_validI. Qed.
Global Instance auth_own_sep_homomorphism γ : Global Instance auth_own_sep_homomorphism γ :
WeakMonoidHomomorphism op uPred_sep () (auth_own γ). WeakMonoidHomomorphism op uPred_sep () (auth_own γ).
Proof. split; try apply _. apply auth_own_op. Qed. Proof. split; try apply _. apply auth_own_op. Qed.
...@@ -107,8 +107,8 @@ Section auth. ...@@ -107,8 +107,8 @@ Section auth.
(f t) φ t ={E}= γ, I γ⌝ auth_ctx γ N f φ auth_own γ (f t). (f t) φ t ={E}= γ, I γ⌝ auth_ctx γ N f φ auth_own γ (f t).
Proof. Proof.
iIntros (??) "Hφ". rewrite /auth_own /auth_ctx. iIntros (??) "Hφ". rewrite /auth_own /auth_ctx.
iMod (own_alloc_strong (Auth (Excl' (f t)) (f t)) I) as (γ) "[% Hγ]"; [done|done|]. iMod (own_alloc_strong ( f t f t) I) as (γ) "[% [Hγ Hγ']]";
iRevert "Hγ"; rewrite auth_both_op; iIntros "[Hγ Hγ']". [done|by apply auth_valid_discrete_2|].
iMod (inv_alloc N _ (auth_inv γ f φ) with "[-Hγ']") as "#?". iMod (inv_alloc N _ (auth_inv γ f φ) with "[-Hγ']") as "#?".
{ iNext. rewrite /auth_inv. iExists t. by iFrame. } { iNext. rewrite /auth_inv. iExists t. by iFrame. }
eauto. eauto.
......
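Review bot: The validity side condition of `own_alloc_strong (● f t ⋅ ◯ f t)` in `auth_alloc_strong` is now discharged with `by apply auth_valid_discrete_2`, and the same obligation `✓ (● a ⋅ ◯ a)` is closed the same way in the boxes, counter (both `newcounter` specs), ticket-lock and both ownP hunks further down. Going through `auth_valid_discrete_2` presumably imposes `CmraDiscrete` at each of these sites and leaves the reflexive inclusion `a ≼ a` to `done`, which is more than the allocation actually needs. If `auth_both_valid` (applied in `frac_auth_valid`) provides the `✓ a → ✓ (● a ⋅ ◯ a)` direction, a single lemma of that shape in auth.v would let every call site read `first by apply <that lemma>` without the discreteness assumption; otherwise a one-line comment at this first use, e.g. `(* ✓ (● a ⋅ ◯ a) reduces to a ≼ a ∧ ✓ a, both trivial here *)`, would document why the discrete lemma suffices. The enclosing lemma starts before the hunk.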
From iris.base_logic.lib Require Export invariants. From iris.base_logic.lib Require Export invariants.
From iris.algebra Require Import auth gmap agree. From iris.algebra Require Import excl auth gmap agree.
From iris.proofmode Require Import tactics. From iris.proofmode Require Import tactics.
Set Default Proof Using "Type". Set Default Proof Using "Type".
Import uPred. Import uPred.
...@@ -78,7 +78,7 @@ Lemma box_own_auth_agree γ b1 b2 : ...@@ -78,7 +78,7 @@ Lemma box_own_auth_agree γ b1 b2 :
box_own_auth γ ( Excl' b1) box_own_auth γ ( Excl' b2) b1 = b2. box_own_auth γ ( Excl' b1) box_own_auth γ ( Excl' b2) b1 = b2.
Proof. Proof.
rewrite /box_own_prop -own_op own_valid prod_validI /= and_elim_l. rewrite /box_own_prop -own_op own_valid prod_validI /= and_elim_l.
by iDestruct 1 as % [[[] [=]%leibniz_equiv] ?]%auth_valid_discrete. by iDestruct 1 as % [[[] [=]%leibniz_equiv] ?]%auth_valid_discrete_2.
Qed. Qed.
Lemma box_own_auth_update γ b1 b2 b3 : Lemma box_own_auth_update γ b1 b2 b3 :
...@@ -110,7 +110,7 @@ Proof. ...@@ -110,7 +110,7 @@ Proof.
iDestruct 1 as (Φ) "[#HeqP Hf]". iDestruct 1 as (Φ) "[#HeqP Hf]".
iMod (own_alloc_cofinite ( Excl' false Excl' false, iMod (own_alloc_cofinite ( Excl' false Excl' false,
Some (to_agree (Next (iProp_unfold Q)))) (dom _ f)) Some (to_agree (Next (iProp_unfold Q)))) (dom _ f))
as (γ) "[Hdom Hγ]"; first done. as (γ) "[Hdom Hγ]"; first by (split; [apply auth_valid_discrete_2|]).
rewrite pair_split. iDestruct "Hγ" as "[[Hγ Hγ'] #HγQ]". rewrite pair_split. iDestruct "Hγ" as "[[Hγ Hγ'] #HγQ]".
iDestruct "Hdom" as % ?%not_elem_of_dom. iDestruct "Hdom" as % ?%not_elem_of_dom.
iMod (inv_alloc N _ (slice_inv γ Q) with "[Hγ]") as "#Hinv". iMod (inv_alloc N _ (slice_inv γ Q) with "[Hγ]") as "#Hinv".
......
...@@ -76,7 +76,7 @@ Lemma gen_heap_init `{Countable L, !gen_heapPreG L V Σ} σ : ...@@ -76,7 +76,7 @@ Lemma gen_heap_init `{Countable L, !gen_heapPreG L V Σ} σ :
(|==> _ : gen_heapG L V Σ, gen_heap_ctx σ)%I. (|==> _ : gen_heapG L V Σ, gen_heap_ctx σ)%I.
Proof. Proof.
iMod (own_alloc ( to_gen_heap σ)) as (γ) "Hh". iMod (own_alloc ( to_gen_heap σ)) as (γ) "Hh".
{ apply: auth_auth_valid. exact: to_gen_heap_valid. } { rewrite -auth_auth_valid. exact: to_gen_heap_valid. }
iModIntro. by iExists (GenHeapG L V Σ _ _ _ γ). iModIntro. by iExists (GenHeapG L V Σ _ _ _ γ).
Qed. Qed.
...@@ -105,7 +105,7 @@ Section gen_heap. ...@@ -105,7 +105,7 @@ Section gen_heap.
Proof. Proof.
apply wand_intro_r. apply wand_intro_r.
rewrite mapsto_eq /mapsto_def -own_op -auth_frag_op own_valid discrete_valid. rewrite mapsto_eq /mapsto_def -own_op -auth_frag_op own_valid discrete_valid.
f_equiv=> /auth_own_valid /=. rewrite op_singleton singleton_valid pair_op. f_equiv. rewrite -auth_frag_valid op_singleton singleton_valid pair_op.
by intros [_ ?%agree_op_invL']. by intros [_ ?%agree_op_invL'].
Qed. Qed.
...@@ -122,8 +122,8 @@ Section gen_heap. ...@@ -122,8 +122,8 @@ Section gen_heap.
Lemma mapsto_valid l q v : l {q} v - q. Lemma mapsto_valid l q v : l {q} v - q.
Proof. Proof.
rewrite mapsto_eq /mapsto_def own_valid !discrete_valid. rewrite mapsto_eq /mapsto_def own_valid !discrete_valid -auth_frag_valid.
by apply pure_mono=> /auth_own_valid /singleton_valid [??]. by apply pure_mono=> /singleton_valid [??].
Qed. Qed.
Lemma mapsto_valid_2 l q1 q2 v1 v2 : l {q1} v1 - l {q2} v2 - (q1 + q2)%Qp. Lemma mapsto_valid_2 l q1 q2 v1 v2 : l {q1} v1 - l {q2} v2 - (q1 + q2)%Qp.
Proof. Proof.
......
From iris.algebra Require Import auth list gmap. From iris.algebra Require Import auth excl list gmap.
From iris.base_logic.lib Require Export own. From iris.base_logic.lib Require Export own.
From iris.proofmode Require Import tactics. From iris.proofmode Require Import tactics.
Set Default Proof Using "Type". Set Default Proof Using "Type".
...@@ -111,7 +111,7 @@ Lemma proph_map_init `{Countable P, !proph_mapPreG P V PVS} pvs ps : ...@@ -111,7 +111,7 @@ Lemma proph_map_init `{Countable P, !proph_mapPreG P V PVS} pvs ps :
(|==> _ : proph_mapG P V PVS, proph_map_ctx pvs ps)%I. (|==> _ : proph_mapG P V PVS, proph_map_ctx pvs ps)%I.
Proof. Proof.
iMod (own_alloc ( to_proph_map )) as (γ) "Hh". iMod (own_alloc ( to_proph_map )) as (γ) "Hh".
{ apply: auth_auth_valid. exact: to_proph_map_valid. } { rewrite -auth_auth_valid. exact: to_proph_map_valid. }
iModIntro. iExists (ProphMapG P V PVS _ _ _ γ), . iSplit; last by iFrame. iModIntro. iExists (ProphMapG P V PVS _ _ _ γ), . iSplit; last by iFrame.
iPureIntro. split =>//. iPureIntro. split =>//.
Qed. Qed.
......
...@@ -110,10 +110,10 @@ Lemma invariant_lookup (I : gmap positive (iProp Σ)) i P : ...@@ -110,10 +110,10 @@ Lemma invariant_lookup (I : gmap positive (iProp Σ)) i P :
own invariant_name ( {[i := invariant_unfold P]}) own invariant_name ( {[i := invariant_unfold P]})
Q, I !! i = Some Q (Q P). Q, I !! i = Some Q (Q P).
Proof. Proof.
rewrite -own_op own_valid auth_validI /=. iIntros "[#HI #HvI]". rewrite -own_op own_valid auth_both_validI /=. iIntros "[_ [#HI #HvI]]".
iDestruct "HI" as (I') "HI". rewrite gmap_equivI gmap_validI. iDestruct "HI" as (I') "HI". rewrite gmap_equivI gmap_validI.
iSpecialize ("HI" $! i). iSpecialize ("HvI" $! i). iSpecialize ("HI" $! i). iSpecialize ("HvI" $! i).
rewrite left_id_L lookup_fmap lookup_op lookup_singleton bi.option_equivI. rewrite lookup_fmap lookup_op lookup_singleton bi.option_equivI.
case: (I !! i)=> [Q|] /=; [|case: (I' !! i)=> [Q'|] /=; by iExFalso]. case: (I !! i)=> [Q|] /=; [|case: (I' !! i)=> [Q'|] /=; by iExFalso].
iExists Q; iSplit; first done. iExists Q; iSplit; first done.
iAssert (invariant_unfold Q invariant_unfold P)%I as "?". iAssert (invariant_unfold Q invariant_unfold P)%I as "?".
...@@ -197,7 +197,8 @@ End wsat. ...@@ -197,7 +197,8 @@ End wsat.
Lemma wsat_alloc `{!invPreG Σ} : (|==> _ : invG Σ, wsat ownE )%I. Lemma wsat_alloc `{!invPreG Σ} : (|==> _ : invG Σ, wsat ownE )%I.
Proof. Proof.
iIntros. iIntros.
iMod (own_alloc ( ( : gmap _ _))) as (γI) "HI"; first done. iMod (own_alloc ( ( : gmap positive _))) as (γI) "HI";
first by rewrite -auth_auth_valid.
iMod (own_alloc (CoPset )) as (γE) "HE"; first done. iMod (own_alloc (CoPset )) as (γE) "HE"; first done.
iMod (own_alloc (GSet )) as (γD) "HD"; first done. iMod (own_alloc (GSet )) as (γD) "HD"; first done.
iModIntro; iExists (WsatG _ _ _ _ γI γE γD). iModIntro; iExists (WsatG _ _ _ _ γI γE γD).
......
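Review bot: In `invariant_lookup` the new destruct pattern `"[_ [#HI #HvI]]"` discards the first conjunct that `auth_both_validI` now produces without saying what it is; since the old proof had no such component, a reader will have to look up `auth_both_validI` to see what was dropped. A short comment on that line, e.g. `(* first conjunct: validity of the authoritative fraction, irrelevant here — confirm against auth_both_validI *)`, would spare that lookup (the fraction reading is an inference from the changelog, not from the hunk). Likewise, `wsat_alloc` now spells the key type as `gmap positive _` instead of `gmap _ _`; if that annotation became necessary because unification no longer fixes the key type through `●`, a brief comment saying so would keep the next refactor from "simplifying" it back.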
...@@ -36,7 +36,8 @@ Section mono_proof. ...@@ -36,7 +36,8 @@ Section mono_proof.
{{{ True }}} newcounter #() {{{ l, RET #l; mcounter l 0 }}}. {{{ True }}} newcounter #() {{{ l, RET #l; mcounter l 0 }}}.
Proof. Proof.
iIntros (Φ) "_ HΦ". rewrite -wp_fupd /newcounter /=. wp_lam. wp_alloc l as "Hl". iIntros (Φ) "_ HΦ". rewrite -wp_fupd /newcounter /=. wp_lam. wp_alloc l as "Hl".
iMod (own_alloc ( (O:mnat) (O:mnat))) as (γ) "[Hγ Hγ']"; first done. iMod (own_alloc ( (O:mnat) (O:mnat))) as (γ) "[Hγ Hγ']";
first by apply auth_valid_discrete_2.
iMod (inv_alloc N _ (mcounter_inv γ l) with "[Hl Hγ]"). iMod (inv_alloc N _ (mcounter_inv γ l) with "[Hl Hγ]").
{ iNext. iExists 0%nat. by iFrame. } { iNext. iExists 0%nat. by iFrame. }
iModIntro. iApply "HΦ". rewrite /mcounter; eauto 10. iModIntro. iApply "HΦ". rewrite /mcounter; eauto 10.
...@@ -113,7 +114,8 @@ Section contrib_spec. ...@@ -113,7 +114,8 @@ Section contrib_spec.
{{{ γ l, RET #l; ccounter_ctx γ l ccounter γ 1 0 }}}. {{{ γ l, RET #l; ccounter_ctx γ l ccounter γ 1 0 }}}.
Proof. Proof.
iIntros (Φ) "_ HΦ". rewrite -wp_fupd /newcounter /=. wp_lam. wp_alloc l as "Hl". iIntros (Φ) "_ HΦ". rewrite -wp_fupd /newcounter /=. wp_lam. wp_alloc l as "Hl".
iMod (own_alloc (! O%nat ! 0%nat)) as (γ) "[Hγ Hγ']"; first done. iMod (own_alloc (! O%nat ! 0%nat)) as (γ) "[Hγ Hγ']";
first by apply auth_valid_discrete_2.
iMod (inv_alloc N _ (ccounter_inv γ l) with "[Hl Hγ]"). iMod (inv_alloc N _ (ccounter_inv γ l) with "[Hl Hγ]").
{ iNext. iExists 0%nat. by iFrame. } { iNext. iExists 0%nat. by iFrame. }
iModIntro. iApply "HΦ". rewrite /ccounter_ctx /ccounter; eauto 10. iModIntro. iApply "HΦ". rewrite /ccounter_ctx /ccounter; eauto 10.
......
...@@ -2,7 +2,7 @@ From iris.program_logic Require Export weakestpre. ...@@ -2,7 +2,7 @@ From iris.program_logic Require Export weakestpre.
From iris.heap_lang Require Export lang. From iris.heap_lang Require Export lang.
From iris.proofmode Require Import tactics. From iris.proofmode Require Import tactics.
From iris.heap_lang Require Import proofmode notation. From iris.heap_lang Require Import proofmode notation.
From iris.algebra Require Import auth gset. From iris.algebra Require Import excl auth gset.
From iris.heap_lang.lib Require Export lock. From iris.heap_lang.lib Require Export lock.
Set Default Proof Using "Type". Set Default Proof Using "Type".
Import uPred. Import uPred.
...@@ -76,7 +76,7 @@ Section proof. ...@@ -76,7 +76,7 @@ Section proof.
iIntros (Φ) "HR HΦ". rewrite -wp_fupd. wp_lam. iIntros (Φ) "HR HΦ". rewrite -wp_fupd. wp_lam.
wp_alloc ln as "Hln". wp_alloc lo as "Hlo". wp_alloc ln as "Hln". wp_alloc lo as "Hlo".
iMod (own_alloc ( (Excl' 0%nat, GSet ) (Excl' 0%nat, GSet ))) as (γ) "[Hγ Hγ']". iMod (own_alloc ( (Excl' 0%nat, GSet ) (Excl' 0%nat, GSet ))) as (γ) "[Hγ Hγ']".
{ by rewrite -auth_both_op. } { by apply auth_valid_discrete_2. }
iMod (inv_alloc _ _ (lock_inv γ lo ln R) with "[-HΦ]"). iMod (inv_alloc _ _ (lock_inv γ lo ln R) with "[-HΦ]").
{ iNext. rewrite /lock_inv. { iNext. rewrite /lock_inv.
iExists 0%nat, 0%nat. iFrame. iLeft. by iFrame. } iExists 0%nat, 0%nat. iFrame. iLeft. by iFrame. }
......
From iris.program_logic Require Export weakestpre. From iris.program_logic Require Export weakestpre.
From iris.program_logic Require Import lifting adequacy. From iris.program_logic Require Import lifting adequacy.
From iris.program_logic Require ectx_language. From iris.program_logic Require ectx_language.
From iris.algebra Require Import auth. From iris.algebra Require Import excl auth.
From iris.proofmode Require Import tactics classes. From iris.proofmode Require Import tactics classes.
Set Default Proof Using "Type". Set Default Proof Using "Type".
...@@ -53,7 +53,8 @@ Theorem ownP_adequacy Σ `{!ownPPreG Λ Σ} s e σ φ : ...@@ -53,7 +53,8 @@ Theorem ownP_adequacy Σ `{!ownPPreG Λ Σ} s e σ φ :
Proof. Proof.
intros Hwp. apply (wp_adequacy Σ _). intros Hwp. apply (wp_adequacy Σ _).
iIntros (? κs). iIntros (? κs).
iMod (own_alloc ( (Excl' σ) (Excl' σ))) as (γσ) "[Hσ Hσf]"; first done. iMod (own_alloc ( (Excl' σ) (Excl' σ))) as (γσ) "[Hσ Hσf]";
first by apply auth_valid_discrete_2.
iModIntro. iExists (λ σ κs, own γσ ( (Excl' σ)))%I. iModIntro. iExists (λ σ κs, own γσ ( (Excl' σ)))%I.
iFrame "Hσ". iFrame "Hσ".
iApply (Hwp (OwnPG _ _ _ _ γσ)). rewrite /ownP. iFrame. iApply (Hwp (OwnPG _ _ _ _ γσ)). rewrite /ownP. iFrame.
...@@ -68,7 +69,8 @@ Theorem ownP_invariance Σ `{!ownPPreG Λ Σ} s e σ1 t2 σ2 φ : ...@@ -68,7 +69,8 @@ Theorem ownP_invariance Σ `{!ownPPreG Λ Σ} s e σ1 t2 σ2 φ :
Proof. Proof.
intros Hwp Hsteps. eapply (wp_invariance Σ Λ s e σ1 t2 σ2 _)=> //. intros Hwp Hsteps. eapply (wp_invariance Σ Λ s e σ1 t2 σ2 _)=> //.
iIntros (? κs κs'). iIntros (? κs κs').
iMod (own_alloc ( (Excl' σ1) (Excl' σ1))) as (γσ) "[Hσ Hσf]"; first done. iMod (own_alloc ( (Excl' σ1) (Excl' σ1))) as (γσ) "[Hσ Hσf]";
first by apply auth_valid_discrete_2.
iExists (λ σ κs' _, own γσ ( (Excl' σ)))%I, (λ _, True%I). iExists (λ σ κs' _, own γσ ( (Excl' σ)))%I, (λ _, True%I).
iFrame "Hσ". iFrame "Hσ".
iMod (Hwp (OwnPG _ _ _ _ γσ) with "[Hσf]") as "[$ H]"; iMod (Hwp (OwnPG _ _ _ _ γσ) with "[Hσf]") as "[$ H]";
......