Robbert Krebbers committed Jun 16, 2016

From iris.algebra Require Export cmra.

(** * Local updates *)
Record local_update {A : cmraT} (mz : option A) (x y : A) := {
  local_update_valid n : ✓{n} (x ⋅? mz) → ✓{n} (y ⋅? mz);
  local_update_go n mz' :
    ✓{n} (x ⋅? mz) → x ⋅? mz ≡{n}≡ x ⋅? mz' → y ⋅? mz ≡{n}≡ y ⋅? mz'
}.
Notation "x ~l~> y @ mz" := (local_update mz x y) (at level 70).
Instance: Params (@local_update) 1.

(** * Frame preserving updates *)
(* This quantifies over [option A] for the frame.  That is necessary to
   make the following hold:
     x ~~> P → Some c ~~> Some P
*)
Definition cmra_updateP {A : cmraT} (x : A) (P : A → Prop) := ∀ n mz,
  ✓{n} (x ⋅? mz) → ∃ y, P y ∧ ✓{n} (y ⋅? mz).
Instance: Params (@cmra_updateP) 1.
Infix "~~>:" := cmra_updateP (at level 70).

Definition cmra_update {A : cmraT} (x y : A) := ∀ n mz,
  ✓{n} (x ⋅? mz) → ✓{n} (y ⋅? mz).
Infix "~~>" := cmra_update (at level 70).
Instance: Params (@cmra_update) 1.

(** ** CMRAs *)
Section cmra.
Context {A : cmraT}.
Implicit Types x y : A.

Global Instance local_update_proper :
  Proper ((≡) ==> (≡) ==> (≡) ==> iff) (@local_update A).
Proof.
  cut (Proper ((≡) ==> (≡) ==> (≡) ==> impl) (@local_update A)).
  { intros Hproper; split; by apply Hproper. }
  intros mz mz' Hmz x x' Hx y y' Hy [Hv Hup]; constructor; setoid_subst; auto.
Qed.
Global Instance cmra_updateP_proper :
  Proper ((≡) ==> pointwise_relation _ iff ==> iff) (@cmra_updateP A).
Proof.
  rewrite /pointwise_relation /cmra_updateP=> x x' Hx P P' HP;
    split=> ? n mz; setoid_subst; naive_solver.
Qed.
Global Instance cmra_update_proper :
  Proper ((≡) ==> (≡) ==> iff) (@cmra_update A).
Proof.
  rewrite /cmra_update=> x x' Hx y y' Hy; split=> ? n mz ?; setoid_subst; auto.
Qed.

(** ** Local updates *)
Global Instance local_update_preorder mz : PreOrder (@local_update A mz).
Proof.
  split.
  - intros x; by split.
  - intros x1 x2 x3 [??] [??]; split; eauto.
Qed.

Lemma exclusive_local_update `{!Exclusive x} y mz : ✓ y → x ~l~> y @ mz.
Proof.
  split; intros n.
  - move=> /exclusiveN_opM ->. by apply cmra_valid_validN.
  - intros mz' ? Hmz.
    by rewrite (exclusiveN_opM n x mz) // (exclusiveN_opM n x mz') -?Hmz.
Qed.

Lemma op_local_update x1 x2 y mz :
  x1 ~l~> x2 @ Some (y ⋅? mz) → x1 ⋅ y ~l~> x2 ⋅ y @ mz.
Proof.
  intros [Hv1 H1]; split.
  - intros n. rewrite !cmra_opM_assoc. move=> /Hv1 /=; auto.
  - intros n mz'. rewrite !cmra_opM_assoc. move=> Hv /(H1 _ (Some _) Hv) /=; auto.
Qed.

Lemma alloc_local_update x y mz :
  (∀ n, ✓{n} (x ⋅? mz) → ✓{n} (x ⋅ y ⋅? mz)) → x ~l~> x ⋅ y @ mz.
Proof.
  split; first done.
  intros n mz' _. by rewrite !(comm _ x) !cmra_opM_assoc=> ->.
Qed.

(** ** Local updates for discrete CMRAs *)
Lemma local_update_total `{CMRADiscrete A} x y mz :
  x ~l~> y @ mz ↔
    (✓ (x ⋅? mz) → ✓ (y ⋅? mz)) ∧
    (∀ mz', ✓ (x ⋅? mz) → x ⋅? mz ≡ x ⋅? mz' → y ⋅? mz ≡ y ⋅? mz').
Proof.
  split.
  - destruct 1. split; intros until 0;
      rewrite !(cmra_discrete_valid_iff 0) ?(timeless_iff 0); auto.
  - intros [??]; split; intros until 0;
      rewrite -!cmra_discrete_valid_iff -?timeless_iff; auto.
Qed.

(** ** Frame preserving updates *)
Lemma cmra_update_updateP x y : x ~~> y ↔ x ~~>: (y =).
Proof. split=> Hup n z ?; eauto. destruct (Hup n z) as (?&<-&?); auto. Qed.
Lemma cmra_updateP_id (P : A → Prop) x : P x → x ~~>: P.
Proof. intros ? n mz ?; eauto. Qed.
Lemma cmra_updateP_compose (P Q : A → Prop) x :
  x ~~>: P → (∀ y, P y → y ~~>: Q) → x ~~>: Q.
Proof. intros Hx Hy n mz ?. destruct (Hx n mz) as (y&?&?); naive_solver. Qed.
Lemma cmra_updateP_compose_l (Q : A → Prop) x y : x ~~> y → y ~~>: Q → x ~~>: Q.
Proof.
  rewrite cmra_update_updateP.
  intros; apply cmra_updateP_compose with (y =); naive_solver.
Qed.
Lemma cmra_updateP_weaken (P Q : A → Prop) x :
  x ~~>: P → (∀ y, P y → Q y) → x ~~>: Q.
Proof. eauto using cmra_updateP_compose, cmra_updateP_id. Qed.
Global Instance cmra_update_preorder : PreOrder (@cmra_update A).
Proof.
  split.
  - intros x. by apply cmra_update_updateP, cmra_updateP_id.
  - intros x y z. rewrite !cmra_update_updateP.
    eauto using cmra_updateP_compose with subst.
Qed.

Lemma cmra_update_exclusive `{!Exclusive x} y: ✓ y → x ~~> y.
Proof. move=>??[z|]=>[/exclusiveN_l[]|_]. by apply cmra_valid_validN. Qed.

Lemma cmra_updateP_op (P1 P2 Q : A → Prop) x1 x2 :
  x1 ~~>: P1 → x2 ~~>: P2 → (∀ y1 y2, P1 y1 → P2 y2 → Q (y1 ⋅ y2)) →
  x1 ⋅ x2 ~~>: Q.
Proof.
  intros Hx1 Hx2 Hy n mz ?.
  destruct (Hx1 n (Some (x2 ⋅? mz))) as (y1&?&?).
  { by rewrite /= -cmra_opM_assoc. }
  destruct (Hx2 n (Some (y1 ⋅? mz))) as (y2&?&?).
  { by rewrite /= -cmra_opM_assoc (comm _ x2) cmra_opM_assoc. }
  exists (y1 ⋅ y2); split; last rewrite (comm _ y1) cmra_opM_assoc; auto.
Qed.
Lemma cmra_updateP_op' (P1 P2 : A → Prop) x1 x2 :
  x1 ~~>: P1 → x2 ~~>: P2 →
  x1 ⋅ x2 ~~>: λ y, ∃ y1 y2, y = y1 ⋅ y2 ∧ P1 y1 ∧ P2 y2.
Proof. eauto 10 using cmra_updateP_op. Qed.
Lemma cmra_update_op x1 x2 y1 y2 : x1 ~~> y1 → x2 ~~> y2 → x1 ⋅ x2 ~~> y1 ⋅ y2.
Proof.
  rewrite !cmra_update_updateP; eauto using cmra_updateP_op with congruence.
Qed.

Lemma cmra_update_valid0 x y : (✓{0} x → x ~~> y) → x ~~> y.
Proof.
  intros H n mz Hmz. apply H, Hmz.
  apply (cmra_validN_le n); last lia.
  destruct mz. eapply cmra_validN_op_l, Hmz. apply Hmz.
Qed.

(** ** Frame preserving updates for total CMRAs *)
Section total_updates.
  Context `{CMRATotal A}.

  Lemma cmra_total_updateP x (P : A → Prop) :
    x ~~>: P ↔ ∀ n z, ✓{n} (x ⋅ z) → ∃ y, P y ∧ ✓{n} (y ⋅ z).
  Proof.
    split=> Hup; [intros n z; apply (Hup n (Some z))|].
    intros n [z|] ?; simpl; [by apply Hup|].
    destruct (Hup n (core x)) as (y&?&?); first by rewrite cmra_core_r.
    eauto using cmra_validN_op_l.
  Qed.
  Lemma cmra_total_update x y : x ~~> y ↔ ∀ n z, ✓{n} (x ⋅ z) → ✓{n} (y ⋅ z).
  Proof. rewrite cmra_update_updateP cmra_total_updateP. naive_solver. Qed.

  Context `{CMRADiscrete A}.

  Lemma cmra_discrete_updateP (x : A) (P : A → Prop) :
    x ~~>: P ↔ ∀ z, ✓ (x ⋅ z) → ∃ y, P y ∧ ✓ (y ⋅ z).
  Proof.
    rewrite cmra_total_updateP; setoid_rewrite <-cmra_discrete_valid_iff.
    naive_solver eauto using 0.
  Qed.
  Lemma cmra_discrete_update `{CMRADiscrete A} (x y : A) :
    x ~~> y ↔ ∀ z, ✓ (x ⋅ z) → ✓ (y ⋅ z).
  Proof.
    rewrite cmra_total_update; setoid_rewrite <-cmra_discrete_valid_iff.
    naive_solver eauto using 0.
  Qed.
End total_updates.
End cmra.

(** * Transport *)
Section cmra_transport.
  Context {A B : cmraT} (H : A = B).
  Notation T := (cmra_transport H).
  Lemma cmra_transport_updateP (P : A → Prop) (Q : B → Prop) x :
    x ~~>: P → (∀ y, P y → Q (T y)) → T x ~~>: Q.
  Proof. destruct H; eauto using cmra_updateP_weaken. Qed.
  Lemma cmra_transport_updateP' (P : A → Prop) x :
    x ~~>: P →
    T x ~~>: λ y, ∃ y', y = cmra_transport H y' ∧ P y'.
  Proof. eauto using cmra_transport_updateP. Qed.
End cmra_transport.

(** * Product *)
Section prod.
  Context {A B : cmraT}.
  Implicit Types x : A * B.

  Lemma prod_local_update x y mz :
    x.1 ~l~> y.1 @ fst <$> mz → x.2 ~l~> y.2 @ snd <$> mz →
    x ~l~> y @ mz.
  Proof.
    intros [Hv1 H1] [Hv2 H2]; split.
    - intros n [??]; destruct mz; split; auto.
    - intros n mz' [??] [??].
      specialize (H1 n (fst <$> mz')); specialize (H2 n (snd <$> mz')).
      destruct mz, mz'; split; naive_solver.
  Qed.

  Lemma prod_updateP P1 P2 (Q : A * B → Prop) x :
    x.1 ~~>: P1 → x.2 ~~>: P2 → (∀ a b, P1 a → P2 b → Q (a,b)) → x ~~>: Q.
  Proof.
    intros Hx1 Hx2 HP n mz [??]; simpl in *.
    destruct (Hx1 n (fst <$> mz)) as (a&?&?); first by destruct mz.
    destruct (Hx2 n (snd <$> mz)) as (b&?&?); first by destruct mz.
    exists (a,b); repeat split; destruct mz; auto.
  Qed.
  Lemma prod_updateP' P1 P2 x :
    x.1 ~~>: P1 → x.2 ~~>: P2 → x ~~>: λ y, P1 (y.1) ∧ P2 (y.2).
  Proof. eauto using prod_updateP. Qed.
  Lemma prod_update x y : x.1 ~~> y.1 → x.2 ~~> y.2 → x ~~> y.
  Proof.
    rewrite !cmra_update_updateP.
    destruct x, y; eauto using prod_updateP with subst.
  Qed.
End prod.

(** * Option *)
Section option.
  Context {A : cmraT}.
  Implicit Types x y : A.

  Lemma option_local_update x y mmz :
    x ~l~> y @ mjoin mmz → Some x ~l~> Some y @ mmz.
  Proof.
    intros [Hv H]; split; first destruct mmz as [[?|]|]; auto.
    intros n mmz'. specialize (H n (mjoin mmz')).
    destruct mmz as [[]|], mmz' as [[]|]; inversion_clear 2; constructor; auto.
  Qed.

  Lemma option_updateP (P : A → Prop) (Q : option A → Prop) x :
    x ~~>: P → (∀ y, P y → Q (Some y)) → Some x ~~>: Q.
  Proof.
    intros Hx Hy; apply cmra_total_updateP=> n [y|] ?.
    { destruct (Hx n (Some y)) as (y'&?&?); auto. exists (Some y'); auto. }
    destruct (Hx n None) as (y'&?&?); rewrite ?cmra_core_r; auto.
    by exists (Some y'); auto.
  Qed.
  Lemma option_updateP' (P : A → Prop) x :
    x ~~>: P → Some x ~~>: from_option P False.
  Proof. eauto using option_updateP. Qed.
  Lemma option_update x y : x ~~> y → Some x ~~> Some y.
  Proof. rewrite !cmra_update_updateP; eauto using option_updateP with subst. Qed.
End option.

(** * Natural numbers *)
Lemma nat_local_update (x y : nat) mz : x ~l~> y @ mz.
Proof.
  split; first done.
  compute -[plus]; destruct mz as [z|]; intros n [z'|]; lia.
Qed.

Lemma mnat_local_update (x y : mnat) mz : x ≤ y → x ~l~> y @ mz.
Proof.
  split; first done.
  compute -[max]; destruct mz as [z|]; intros n [z'|]; lia.
Qed.
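
The comment above `cmra_updateP` says the frame must range over `option A` so that updates lift through `Some`. The following is an added example, not part of the Iris sources, written in Python rather than Coq so that it can be executed: it brute-forces a constructed finite model of the exclusive RA and lists the pairs for which the lifting used by `option_update` would fail under each definition. The model is discrete (no step index), and every name in it is an assumption of this example.

```python
from itertools import product

# Constructed finite model of the exclusive RA: two valid elements and an
# invalid "bot"; composing any two elements gives "bot".
EXCL = ["ex0", "ex1", "bot"]

def excl_op(a, b):
    return "bot"

def excl_valid(a):
    return a != "bot"

# Option RA over EXCL: None is the unit, ("some", a) wraps an element.
OPTION = [None] + [("some", a) for a in EXCL]

def option_op(a, b):
    if a is None:
        return b
    if b is None:
        return a
    return ("some", excl_op(a[1], b[1]))

def option_valid(a):
    return a is None or excl_valid(a[1])

def update_mandatory_frame(elems, op, valid, x, y):
    """Variant with a mandatory frame: forall z, valid(x.z) -> valid(y.z)."""
    return all(valid(op(y, z)) for z in elems if valid(op(x, z)))

def update_optional_frame(elems, op, valid, x, y):
    """Shape of cmra_update: the frame mz may also be None (x .? None = x)."""
    no_frame_ok = (not valid(x)) or valid(y)
    return no_frame_ok and update_mandatory_frame(elems, op, valid, x, y)

def lifting_counterexamples(update):
    """Pairs (x, y) with x ~~> y under `update` where Some x ~~> Some y fails."""
    bad = []
    for x, y in product(EXCL, repeat=2):
        lifted = update_optional_frame(OPTION, option_op, option_valid,
                                       ("some", x), ("some", y))
        if update(EXCL, excl_op, excl_valid, x, y) and not lifted:
            bad.append((x, y))
    return bad

if __name__ == "__main__":
    print("mandatory frame:", lifting_counterexamples(update_mandatory_frame))
    print("optional frame: ", lifting_counterexamples(update_optional_frame))
```

With a mandatory frame every update out of an exclusive element holds vacuously, including the update to the invalid element, which is exactly what breaks the lifting; with the optional frame the no-frame case rules it out. On the option RA the two definitions coincide because `None` is a unit, in line with `cmra_total_update`.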