Commit 9997d0ef authored by Robbert Krebbers's avatar Robbert Krebbers

Many STS tweaks:

* Clearly separate the file algebra/sts in three parts:
  1.) The definition of an STS, step relations, and closure stuff
  2.) The construction as a disjoint RA (this module should never be used)
  3.) The construction as a CMRA with many derived properties
* Turn stsT into a canonical structure so that we can make more of its arguments
  implicit.
* Rename the underlying step relation of STSs to prim_step (similar naming as
  for languages, but here in a module to avoid ambiguity)
* Refactor program_logic/sts by moving general properties of the STS CMRA to
  algebra/sts.v
* Make naming and use of modules in program_logic/sts more consistent with
  program_logic/auth and program_logic/saved_prop
* Prove setoid properties of all definitions in program_logic/sts
parent 4e8725f3
......@@ -23,6 +23,7 @@ Class DRA A `{Equiv A, Valid A, Unit A, Disjoint A, Op A, Minus A} := {
dra_equivalence :> Equivalence (() : relation A);
dra_op_proper :> Proper (() ==> () ==> ()) ();
dra_unit_proper :> Proper (() ==> ()) unit;
dra_valid_proper :> Proper (() ==> impl) valid;
dra_disjoint_proper :> x, Proper (() ==> impl) (disjoint x);
dra_minus_proper :> Proper (() ==> () ==> ()) minus;
(* validity *)
......@@ -61,7 +62,10 @@ Proof.
* intros [x px ?] [y py ?] [z pz ?] [? Hxy] [? Hyz]; simpl in *.
split; [|intros; transitivity y]; tauto.
Qed.
Instance dra_valid_proper' : Proper (() ==> iff) (valid : A Prop).
Proof. by split; apply dra_valid_proper. Qed.
Instance to_validity_proper : Proper (() ==> ()) to_validity.
Proof. by intros x1 x2 Hx; split; rewrite /= Hx. Qed.
Instance: Proper (() ==> () ==> iff) ().
Proof.
intros x1 x2 Hx y1 y2 Hy; split.
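Review bot: The instance at `Instance: Proper (… ==> … ==> iff) (⊥).` is anonymous, while its sibling two lines up is named `dra_valid_proper'`; an unnamed instance cannot be referred to, removed with `Remove Hints`, or looked up by name when instance resolution goes wrong. If this line is part of the addition (the hunk header says three lines are new but the rendering has lost the markers), I would name it to match the existing convention, `Instance dra_disjoint_proper' : Proper ((≡) ==> (≡) ==> iff) (⊥).`, and add a one-line comment that it is the two-sided, iff version of the class field `dra_disjoint_proper`, which only covers the second argument. The proof of this instance continues past the end of the hunk.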
......@@ -27,14 +27,14 @@ Module barrier_proto.
change_tokens (state_I s)
match state_phase s with Low => | High => {[ Send ]} end.
Definition sts := sts.STS trans tok.
Canonical Structure sts := sts.STS trans tok.
(* The set of states containing some particular i *)
Definition i_states (i : gname) : set stateT :=
mkSet (λ s, i state_I s).
Lemma i_states_closed i :
sts.closed sts (i_states i) {[ Change i ]}.
sts.closed (i_states i) {[ Change i ]}.
Proof.
split.
- apply (non_empty_inhabited(State Low {[ i ]})). rewrite !mkSet_elem_of /=.
......@@ -68,7 +68,7 @@ Module barrier_proto.
mkSet (λ s, if state_phase s is Low then True else False).
Lemma low_states_closed :
sts.closed sts low_states {[ Send ]}.
sts.closed low_states {[ Send ]}.
Proof.
split.
- apply (non_empty_inhabited(State Low )). by rewrite !mkSet_elem_of /=.
......@@ -96,7 +96,7 @@ Section proof.
(* TODO: Bundle HeapI and HeapG and have notation so that we can just write
"l ↦ '0". *)
Context (HeapI : gid) `{!HeapInG Σ HeapI} (HeapG : gname).
Context (StsI : gid) `{!sts.InG heap_lang Σ StsI sts}.
Context (StsI : gid) `{!STSInG heap_lang Σ StsI sts}.
Context (SpI : gid) `{!SavedPropInG heap_lang Σ SpI}.
Notation iProp := (iPropG heap_lang Σ).
......@@ -114,13 +114,13 @@ Section proof.
end.
Definition barrier_ctx (γ : gname) (l : loc) (P : iProp) : iProp :=
(heap_ctx HeapI HeapG N sts.ctx StsI sts γ N (barrier_inv l P))%I.
(heap_ctx HeapI HeapG N sts_ctx StsI sts γ N (barrier_inv l P))%I.
Definition send (l : loc) (P : iProp) : iProp :=
( γ, barrier_ctx γ l P sts.in_states StsI sts γ low_states {[ Send ]})%I.
( γ, barrier_ctx γ l P sts_ownS StsI sts γ low_states {[ Send ]})%I.
Definition recv (l : loc) (R : iProp) : iProp :=
( γ (P Q : iProp) i, barrier_ctx γ l P sts.in_states StsI sts γ (i_states i) {[ Change i ]}
( γ (P Q : iProp) i, barrier_ctx γ l P sts_ownS StsI sts γ (i_states i) {[ Change i ]}
saved_prop_own SpI i Q (Q - R))%I.
Lemma newchan_spec (P : iProp) (Q : val iProp) :
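Review bot: The new `Canonical Structure sts := sts.STS trans tok.` in barrier_proto gives the structure the same name as the `sts` module it is built from, and the reason it is canonical rather than a plain definition is not stated, even though it is what lets `sts.closed (i_states i) {[ Change i ]}` and `sts.closed low_states {[ Send ]}` below drop the explicit STS argument. A short comment would save the next reader a trip to algebra/sts, e.g. `(* Canonical so that the STS is inferred from the state type (presumably [stateT]) in [sts.closed] and the [sts_*] connectives below. *)`. The rest of the section only follows the renames described in the commit message (`sts.InG` → `STSInG`, `sts.ctx` → `sts_ctx`, `sts.in_states` → `sts_ownS`), which look consistent with `heap_ctx` and `saved_prop_own`; the enclosing `Section proof` continues outside the hunk.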