Library zoo_std.ivar_2
From zoo Require Import
prelude.
From zoo.common Require Import
countable.
From zoo.iris.base_logic Require Import
lib.oneshot
lib.subpreds.
From zoo.language Require Import
notations.
From zoo.diaframe Require Import
diaframe.
From zoo_std Require Export
base
ivar_2__code.
From zoo_std Require Import
ivar_2__types
option
condition.
From zoo Require Import
options.
(* Default types for the binder names used in the statements below. *)
Implicit Types b : bool.
Implicit Types v : val.
Implicit Types o state : option val.
(* Ghost-state requirements of the ivar proofs: mutex resources, a one-shot
   cell over unit and val, and sub-predicates over val. The three fields are
   registered as local instances. *)
Class Ivar2G Σ `{zoo_G : !ZooG Σ} :=
{ #[local] ivar_2_G_mutex_G :: MutexG Σ
; #[local] ivar_2_G_lstate_G :: OneshotG Σ unit val
; #[local] ivar_2_G_consumer_G :: SubpredsG Σ val
}.
(* Functor list with one entry per component of Ivar2G. *)
Definition ivar_2_Σ :=
#[mutex_Σ
; oneshot_Σ unit val
; subpreds_Σ val
].
(* Any Σ that contains ivar_2_Σ provides an Ivar2G instance. *)
#[global] Instance subG_ivar_2_Σ Σ `{zoo_G : !ZooG Σ} :
subG ivar_2_Σ Σ →
Ivar2G Σ .
(* Low-level interface of the write-once variable (ivar): every predicate is
   indexed by the heap location t and/or the ghost-name record γ. *)
Module base.
Section ivar_2_G.
Context `{ivar_2_G : Ivar2G Σ}.
Implicit Types t : location.
Implicit Types Ψ Χ Ξ : val → iProp Σ.
(* Names attached to one ivar: the mutex and condition values stored in its
   fields, and two ghost names (one-shot state, consumer predicates). *)
Record ivar_2_name :=
{ ivar_2_name_mutex : val
; ivar_2_name_condition : val
; ivar_2_name_lstate : gname
; ivar_2_name_consumer : gname
}.
Implicit Types γ : ivar_2_name.
#[global] Instance ivar_2_name_eq_dec : EqDecision ivar_2_name :=
ltac:(solve_decision).
#[global] Instance ivar_2_name_countable :
Countable ivar_2_name.
(* One-shot ghost state. The pending (unset) state is held as two shares,
   1/3 and 2/3; lstate_set is the shot state, applied to the final value. *)
#[local] Definition lstate_unset₁' γ_lstate :=
oneshot_pending γ_lstate (DfracOwn (1/3)) ().
#[local] Definition lstate_unset₁ γ :=
lstate_unset₁' γ.(ivar_2_name_lstate).
#[local] Definition lstate_unset₂' γ_lstate :=
oneshot_pending γ_lstate (DfracOwn (2/3)) ().
#[local] Definition lstate_unset₂ γ :=
lstate_unset₂' γ.(ivar_2_name_lstate).
#[local] Definition lstate_set γ :=
oneshot_shot γ.(ivar_2_name_lstate).
(* Aliases for the subpreds authority and fragment at the consumer ghost
   name. *)
#[local] Definition consumer_auth' :=
subpreds_auth.
#[local] Definition consumer_auth γ :=
consumer_auth' γ.(ivar_2_name_consumer).
#[local] Definition consumer_frag' :=
subpreds_frag.
#[local] Definition consumer_frag γ :=
consumer_frag' γ.(ivar_2_name_consumer).
(* While the ivar is unset, the invariant keeps the 1/3 pending share. *)
#[local] Definition inv_state_unset γ :=
lstate_unset₁ γ.
#[local] Instance : CustomIpat "inv_state_unset" :=
" {>;}Hlstate_unset₁ ".
(* Once set to v, the invariant keeps the shot state for v together with the
   persistent predicate Ξ v. *)
#[local] Definition inv_state_set γ Ξ v : iProp Σ :=
lstate_set γ v ∗
□ Ξ v.
#[local] Instance : CustomIpat "inv_state_set" :=
" ( {>;}#Hlstate_set{_{}} & #HΞ{_{}} ) ".
#[local] Definition inv_state γ Ξ state :=
match state with
| None ⇒
inv_state_unset γ
| Some v ⇒
inv_state_set γ Ξ v
end.
(* Shared state: the result field holds an option val, and the same option
   indexes both the consumer authority and the one-shot state. *)
#[local] Definition inv_inner t γ Ψ Ξ : iProp Σ :=
∃ state,
t.[result] ↦ state ∗
consumer_auth γ Ψ state ∗
inv_state γ Ξ state.
#[local] Instance : CustomIpat "inv_inner" :=
" ( %state & H𝑡_result & Hconsumer_auth & Hstate ) ".
(* Full invariant: persistent points-to for the mutex and condition fields,
   the invariants of both, and inv_inner in an Iris invariant at nroot.
   NOTE(review): mutex_inv is instantiated with True, so the mutex guards no
   resource of its own; presumably it only serializes waiting on the
   condition. Confirm against ivar_2__code. *)
Definition ivar_2_inv t γ Ψ Ξ : iProp Σ :=
t.[mutex] ↦□ γ.(ivar_2_name_mutex) ∗
mutex_inv γ.(ivar_2_name_mutex) True ∗
t.[condition] ↦□ γ.(ivar_2_name_condition) ∗
condition_inv γ.(ivar_2_name_condition) ∗
inv nroot (inv_inner t γ Ψ Ξ).
#[local] Instance : CustomIpat "inv" :=
" ( #Ht_mutex & #Hmutex_inv & #Ht_condition & #Hcondition_inv & #Hinv ) ".
(* Producer token: the 2/3 pending share. *)
Definition ivar_2_producer :=
lstate_unset₂.
#[local] Instance : CustomIpat "producer" :=
" Hlstate_unset₂{_{}} ".
(* Consumer token: a fragment of the consumer predicate. *)
Definition ivar_2_consumer :=
consumer_frag.
#[local] Instance : CustomIpat "consumer" :=
" Hconsumer{}_frag ".
(* Witness that the ivar has been set to a given value. *)
Definition ivar_2_result :=
lstate_set.
#[local] Instance : CustomIpat "result" :=
" #Hlstate_set{_{}} ".
(* The ivar has been set to some value. *)
Definition ivar_2_resolved γ : iProp Σ :=
∃ v,
ivar_2_result γ v.
(* NOTE(review): trivially True in this implementation, yet the specs below
   still thread it; presumably kept so that the interface matches variants
   where the token is meaningful. TODO confirm. *)
Definition ivar_2_synchronized γ : iProp Σ :=
True.
(* Contractiveness and properness of the invariant and of the consumer
   predicate in their predicate arguments. *)
#[global] Instance ivar_2_inv_contractive t γ n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_inv t γ).
#[global] Instance ivar_2_inv_proper t γ :
Proper (
(pointwise_relation _ (≡)) ==>
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_inv t γ).
#[global] Instance ivar_2_consumer_contractive γ n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_consumer γ).
#[global] Instance ivar_2_consumer_proper γ :
Proper (
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_consumer γ).
(* The producer token is timeless but has no Persistent instance here (see
   ivar_2_producer_exclusive); the invariant, the result witness and the
   synchronized token are persistent. *)
#[global] Instance ivar_2_producer_timeless γ :
Timeless (ivar_2_producer γ).
#[global] Instance ivar_2_result_timeless γ v :
Timeless (ivar_2_result γ v).
#[global] Instance ivar_2_synchronized_timeless γ :
Timeless (ivar_2_synchronized γ).
#[global] Instance ivar_2_inv_persistent t γ Ψ Ξ :
Persistent (ivar_2_inv t γ Ψ Ξ).
#[global] Instance ivar_2_result_persistent γ v :
Persistent (ivar_2_result γ v).
#[global] Instance ivar_2_synchronized_persistent γ :
Persistent (ivar_2_synchronized γ).
(* Local laws of the one-shot state: allocation yields both pending shares;
   the 2/3 share is exclusive; shot values agree; a pending share contradicts
   a shot state; both shares together can be updated to the shot state. *)
#[local] Lemma lstate_alloc :
⊢ |==>
∃ γ_lstate,
lstate_unset₁' γ_lstate ∗
lstate_unset₂' γ_lstate.
#[local] Lemma lstate_unset₂_exclusive γ :
lstate_unset₂ γ -∗
lstate_unset₂ γ -∗
False.
#[local] Lemma lstate_set_agree γ v1 v2 :
lstate_set γ v1 -∗
lstate_set γ v2 -∗
⌜v1 = v2⌝.
#[local] Lemma lstate_unset₁_set γ v :
lstate_unset₁ γ -∗
lstate_set γ v -∗
False.
#[local] Lemma lstate_unset₂_set γ v :
lstate_unset₂ γ -∗
lstate_set γ v -∗
False.
#[local] Lemma lstate_update {γ} v :
lstate_unset₁ γ -∗
lstate_unset₂ γ ==∗
lstate_set γ v.
(* Local laws of the consumer predicate: allocation, weakening a fragment
   along a wand, dividing a fragment over a list, recording production of
   Ψ v, and consuming a fragment once the state is Some v (the payload comes
   back under two laters). *)
#[local] Lemma consumer_alloc Ψ :
⊢ |==>
∃ γ_consumer,
consumer_auth' γ_consumer Ψ None ∗
consumer_frag' γ_consumer Ψ.
#[local] Lemma consumer_wand {γ Ψ state Χ1} Χ2 E :
▷ consumer_auth γ Ψ state -∗
consumer_frag γ Χ1 -∗
(∀ v, Χ1 v -∗ Χ2 v) ={E}=∗
▷ consumer_auth γ Ψ state ∗
consumer_frag γ Χ2.
#[local] Lemma consumer_divide {γ Ψ state} Χs E :
▷ consumer_auth γ Ψ state -∗
consumer_frag γ (λ v, [∗ list] Χ ∈ Χs, Χ v) ={E}=∗
▷ consumer_auth γ Ψ state ∗
[∗ list] Χ ∈ Χs, consumer_frag γ Χ.
#[local] Lemma consumer_produce {γ Ψ} v :
consumer_auth γ Ψ None -∗
Ψ v -∗
consumer_auth γ Ψ (Some v).
#[local] Lemma consumer_consume γ Ψ v Χ E :
▷ consumer_auth γ Ψ (Some v) -∗
consumer_frag γ Χ ={E}=∗
▷ consumer_auth γ Ψ (Some v) ∗
▷^2 Χ v.
(* Exported laws. Together they state the write-once discipline: the producer
   token cannot be held twice, cannot coexist with a result witness, and any
   two result witnesses carry the same value. *)
Lemma ivar_2_producer_exclusive γ :
ivar_2_producer γ -∗
ivar_2_producer γ -∗
False.
Lemma ivar_2_consumer_wand {t γ Ψ Ξ Χ1} Χ2 :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_consumer γ Χ1 -∗
(∀ v, Χ1 v -∗ Χ2 v) ={⊤}=∗
ivar_2_consumer γ Χ2.
Lemma ivar_2_consumer_divide {t γ Ψ Ξ} Χs :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_consumer γ (λ v, [∗ list] Χ ∈ Χs, Χ v) ={⊤}=∗
[∗ list] Χ ∈ Χs, ivar_2_consumer γ Χ.
Lemma ivar_2_result_agree γ v1 v2 :
ivar_2_result γ v1 -∗
ivar_2_result γ v2 -∗
⌜v1 = v2⌝.
Lemma ivar_2_producer_result γ v :
ivar_2_producer γ -∗
ivar_2_result γ v -∗
False.
(* From a result witness, recover the persistent predicate under one later,
   and additionally the consumer payload under two laters. *)
Lemma ivar_2_inv_result t γ Ψ Ξ v :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_result γ v -∗
ivar_2_synchronized γ ={⊤}=∗
▷ □ Ξ v.
Lemma ivar_2_inv_result_consumer t γ Ψ Ξ v Χ :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_result γ v -∗
ivar_2_synchronized γ -∗
ivar_2_consumer γ Χ ={⊤}=∗
▷^2 Χ v ∗
▷ □ Ξ v.
(* create: a fresh unset ivar with its meta token, invariant, producer token
   and the full consumer predicate Ψ. *)
Lemma ivar_2٠create𑁒spec Ψ Ξ :
{{{
True
}}}
ivar_2٠create ()
{{{
t γ
, RET #t;
meta_token t ⊤ ∗
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_producer γ ∗
ivar_2_consumer γ Ψ
}}}.
(* make: an ivar that is already set to v; no producer token is returned. *)
Lemma ivar_2٠make𑁒spec Ψ Ξ v :
{{{
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠make v
{{{
t γ
, RET #t;
meta_token t ⊤ ∗
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v ∗
ivar_2_synchronized γ ∗
ivar_2_consumer γ Ψ
}}}.
(* try_get: on Some v the caller obtains two later credits, the result
   witness and the synchronized token; on None nothing is learned. *)
Lemma ivar_2٠try_get𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠try_get #t
{{{
o
, RET o;
if o is Some v then
£ 2 ∗
ivar_2_result γ v ∗
ivar_2_synchronized γ
else
True
}}}.
(* Variant for a caller that already holds a result witness: the returned
   value is determined. *)
Lemma ivar_2٠try_get𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠try_get #t
{{{
RET Some v;
£ 2 ∗
ivar_2_synchronized γ
}}}.
(* is_unset and is_set: only the answer meaning that the ivar is set yields
   information (ivar_2_resolved and two later credits). The other answer
   gives True, so it says nothing about the state after the call returns. *)
Lemma ivar_2٠is_unset𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠is_unset #t
{{{
b
, RET #b;
if b then
True
else
£ 2 ∗
ivar_2_resolved γ
}}}.
Lemma ivar_2٠is_unset𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠is_unset #t
{{{
RET false;
£ 2
}}}.
Lemma ivar_2٠is_set𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠is_set #t
{{{
b
, RET #b;
if b then
£ 2 ∗
ivar_2_resolved γ
else
True
}}}.
Lemma ivar_2٠is_set𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠is_set #t
{{{
RET true;
£ 2
}}}.
(* get: needs only the invariant and returns the value with its result
   witness, the synchronized token and two later credits. *)
Lemma ivar_2٠get𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠get #t
{{{
v
, RET v;
£ 2 ∗
ivar_2_result γ v ∗
ivar_2_synchronized γ
}}}.
Lemma ivar_2٠get𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠get #t
{{{
RET v;
£ 2 ∗
ivar_2_synchronized γ
}}}.
(* set: requires the producer token and both payloads for v. The token does
   not appear in the postcondition, so this spec cannot be applied a second
   time to the same ivar. *)
Lemma ivar_2٠set𑁒spec t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_producer γ ∗
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠set #t v
{{{
RET ();
ivar_2_result γ v
}}}.
End ivar_2_G.
(* Mark the predicates opaque, presumably so that proofs outside this module
   go through the lemmas above instead of unfolding the definitions. *)
#[global] Opaque ivar_2_inv.
#[global] Opaque ivar_2_producer.
#[global] Opaque ivar_2_consumer.
#[global] Opaque ivar_2_result.
#[global] Opaque ivar_2_synchronized.
End base.
From zoo_std Require
ivar_2__opaque.
(* Public interface: the same predicates as in module base, indexed by the
   value t only. Each one existentially hides the location 𝑡 and the ghost
   names γ, which are tied to the location by meta 𝑡 nroot γ. *)
Section ivar_2_G.
Context `{ivar_2_G : Ivar2G Σ}.
Implicit Types 𝑡 : location.
Implicit Types t : val.
Implicit Types γ : base.ivar_2_name.
Implicit Types Ψ Χ Ξ : val → iProp Σ.
Definition ivar_2_inv t Ψ Ξ : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_inv 𝑡 γ Ψ Ξ.
#[local] Instance : CustomIpat "inv" :=
" ( %l{} & %γ{} & {%Heq{};->} & #Hmeta{_{}} & Hinv{_{}} ) ".
Definition ivar_2_producer t : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_producer γ.
#[local] Instance : CustomIpat "producer" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hproducer{_{}} ) ".
Definition ivar_2_consumer t Χ : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_consumer γ Χ.
#[local] Instance : CustomIpat "consumer" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hconsumer{_{}} ) ".
Definition ivar_2_result t v : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_result γ v.
#[local] Instance : CustomIpat "result" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hresult{_{}} ) ".
Definition ivar_2_resolved t : iProp Σ :=
∃ v,
ivar_2_result t v.
Definition ivar_2_synchronized t : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_synchronized γ.
#[local] Instance : CustomIpat "synchronized" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hsynchronized{_{}} ) ".
(* Contractiveness and properness in the predicate arguments, then
   timelessness and persistence, mirroring the instances of module base.
   The producer token again has no Persistent instance. *)
#[global] Instance ivar_2_inv_contractive t n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_inv t).
#[global] Instance ivar_2_inv_proper t :
Proper (
(pointwise_relation _ (≡)) ==>
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_inv t).
#[global] Instance ivar_2_consumer_contractive t n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_consumer t).
#[global] Instance ivar_2_consumer_proper t :
Proper (
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_consumer t).
#[global] Instance ivar_2_producer_timeless t :
Timeless (ivar_2_producer t).
#[global] Instance ivar_2_result_timeless t v :
Timeless (ivar_2_result t v).
#[global] Instance ivar_2_synchronized_timeless t :
Timeless (ivar_2_synchronized t).
#[global] Instance ivar_2_inv_persistent t Ψ Ξ :
Persistent (ivar_2_inv t Ψ Ξ).
#[global] Instance ivar_2_result_persistent t v :
Persistent (ivar_2_result t v).
#[global] Instance ivar_2_synchronized_persistent t :
Persistent (ivar_2_synchronized t).
(* Write-once discipline at the value level: the producer token is exclusive
   and contradicts any result witness, and result witnesses agree on the
   value. *)
Lemma ivar_2_producer_exclusive t :
ivar_2_producer t -∗
ivar_2_producer t -∗
False.
Lemma ivar_2_consumer_wand {t Ψ Ξ Χ1} Χ2 :
ivar_2_inv t Ψ Ξ -∗
ivar_2_consumer t Χ1 -∗
(∀ v, Χ1 v -∗ Χ2 v) ={⊤}=∗
ivar_2_consumer t Χ2.
Lemma ivar_2_consumer_divide {t Ψ Ξ} Χs :
ivar_2_inv t Ψ Ξ -∗
ivar_2_consumer t (λ v, [∗ list] Χ ∈ Χs, Χ v) ={⊤}=∗
[∗ list] Χ ∈ Χs, ivar_2_consumer t Χ.
(* Binary form of ivar_2_consumer_divide. *)
Lemma ivar_2_consumer_split {t Ψ Ξ} Χ1 Χ2 :
ivar_2_inv t Ψ Ξ -∗
ivar_2_consumer t (λ v, Χ1 v ∗ Χ2 v) ={⊤}=∗
ivar_2_consumer t Χ1 ∗
ivar_2_consumer t Χ2.
Lemma ivar_2_result_agree t v1 v2 :
ivar_2_result t v1 -∗
ivar_2_result t v2 -∗
⌜v1 = v2⌝.
Lemma ivar_2_producer_result t v :
ivar_2_producer t -∗
ivar_2_result t v -∗
False.
(* Reading the payloads. The unprimed lemmas return them under laters; the
   primed lemmas take later credits (one for Ξ alone, two when the consumer
   payload is included) and return them without laters. *)
Lemma ivar_2_inv_result t Ψ Ξ v :
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t ={⊤}=∗
▷ □ Ξ v.
Lemma ivar_2_inv_result' t Ψ Ξ v :
£ 1 -∗
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t ={⊤}=∗
□ Ξ v.
Lemma ivar_2_inv_result_consumer t Ψ Ξ v Χ :
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t -∗
ivar_2_consumer t Χ ={⊤}=∗
▷^2 Χ v ∗
▷ □ Ξ v.
Lemma ivar_2_inv_result_consumer' t Ψ Ξ v Χ :
£ 2 -∗
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t -∗
ivar_2_consumer t Χ ={⊤}=∗
Χ v ∗
□ Ξ v.
(* create: a fresh unset ivar with its invariant, producer token and the
   full consumer predicate. Unlike the base spec, no meta_token is returned;
   presumably it is used to establish meta 𝑡 nroot γ. *)
Lemma ivar_2٠create𑁒spec Ψ Ξ :
{{{
True
}}}
ivar_2٠create ()
{{{
t
, RET t;
ivar_2_inv t Ψ Ξ ∗
ivar_2_producer t ∗
ivar_2_consumer t Ψ
}}}.
(* NOTE(review): base.ivar_2٠make𑁒spec also returns the synchronized token,
   but this postcondition has no ivar_2_synchronized t, which
   ivar_2_inv_result needs. Confirm that the omission is intentional. *)
Lemma ivar_2٠make𑁒spec Ψ Ξ v :
{{{
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠make v
{{{
t
, RET t;
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v ∗
ivar_2_consumer t Ψ
}}}.
(* try_get: on Some v the caller obtains two later credits, the result
   witness and the synchronized token; on None nothing is learned. *)
Lemma ivar_2٠try_get𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠try_get t
{{{
o
, RET o;
if o is Some v then
£ 2 ∗
ivar_2_result t v ∗
ivar_2_synchronized t
else
True
}}}.
Lemma ivar_2٠try_get𑁒spec_result t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v
}}}
ivar_2٠try_get t
{{{
RET Some v;
£ 2 ∗
ivar_2_synchronized t
}}}.
(* is_unset and is_set: only the answer meaning that the ivar is set yields
   information. The other answer gives True, so it says nothing about the
   state after the call returns. *)
Lemma ivar_2٠is_unset𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠is_unset t
{{{
b
, RET #b;
if b then
True
else
£ 2 ∗
ivar_2_resolved t
}}}.
Lemma ivar_2٠is_unset𑁒spec_result t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v
}}}
ivar_2٠is_unset t
{{{
RET false;
£ 2
}}}.
Lemma ivar_2٠is_set𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠is_set t
{{{
b
, RET #b;
if b then
£ 2 ∗
ivar_2_resolved t
else
True
}}}.
Lemma ivar_2٠is_set𑁒spec_result t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v
}}}
ivar_2٠is_set t
{{{
RET true;
£ 2
}}}.
(* NOTE(review): module base also states ivar_2٠get𑁒spec_result; this
   section has no counterpart. Confirm whether that is intended. *)
Lemma ivar_2٠get𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠get t
{{{
v
, RET v;
£ 2 ∗
ivar_2_result t v ∗
ivar_2_synchronized t
}}}.
(* set: requires the producer token and both payloads for v. The token does
   not appear in the postcondition, so this spec cannot be applied a second
   time to the same ivar. *)
Lemma ivar_2٠set𑁒spec t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_producer t ∗
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠set t v
{{{
RET ();
ivar_2_result t v
}}}.
End ivar_2_G.
(* Mark the public predicates opaque, presumably so that client proofs go
   through the lemmas and specs instead of unfolding the definitions. *)
#[global] Opaque ivar_2_inv.
#[global] Opaque ivar_2_producer.
#[global] Opaque ivar_2_consumer.
#[global] Opaque ivar_2_result.
#[global] Opaque ivar_2_synchronized.
prelude.
From zoo.common Require Import
countable.
From zoo.iris.base_logic Require Import
lib.oneshot
lib.subpreds.
From zoo.language Require Import
notations.
From zoo.diaframe Require Import
diaframe.
From zoo_std Require Export
base
ivar_2__code.
From zoo_std Require Import
ivar_2__types
option
condition.
From zoo Require Import
options.
(* Default types for the binder names used in the statements below. *)
Implicit Types b : bool.
Implicit Types v : val.
Implicit Types o state : option val.
(* Ghost-state requirements of the ivar proofs: mutex resources, a one-shot
   cell over unit and val, and sub-predicates over val. The three fields are
   registered as local instances. *)
Class Ivar2G Σ `{zoo_G : !ZooG Σ} :=
{ #[local] ivar_2_G_mutex_G :: MutexG Σ
; #[local] ivar_2_G_lstate_G :: OneshotG Σ unit val
; #[local] ivar_2_G_consumer_G :: SubpredsG Σ val
}.
(* Functor list with one entry per component of Ivar2G. *)
Definition ivar_2_Σ :=
#[mutex_Σ
; oneshot_Σ unit val
; subpreds_Σ val
].
(* Any Σ that contains ivar_2_Σ provides an Ivar2G instance. *)
#[global] Instance subG_ivar_2_Σ Σ `{zoo_G : !ZooG Σ} :
subG ivar_2_Σ Σ →
Ivar2G Σ .
(* Low-level interface of the write-once variable (ivar): every predicate is
   indexed by the heap location t and/or the ghost-name record γ. *)
Module base.
Section ivar_2_G.
Context `{ivar_2_G : Ivar2G Σ}.
Implicit Types t : location.
Implicit Types Ψ Χ Ξ : val → iProp Σ.
(* Names attached to one ivar: the mutex and condition values stored in its
   fields, and two ghost names (one-shot state, consumer predicates). *)
Record ivar_2_name :=
{ ivar_2_name_mutex : val
; ivar_2_name_condition : val
; ivar_2_name_lstate : gname
; ivar_2_name_consumer : gname
}.
Implicit Types γ : ivar_2_name.
#[global] Instance ivar_2_name_eq_dec : EqDecision ivar_2_name :=
ltac:(solve_decision).
#[global] Instance ivar_2_name_countable :
Countable ivar_2_name.
(* One-shot ghost state. The pending (unset) state is held as two shares,
   1/3 and 2/3; lstate_set is the shot state, applied to the final value. *)
#[local] Definition lstate_unset₁' γ_lstate :=
oneshot_pending γ_lstate (DfracOwn (1/3)) ().
#[local] Definition lstate_unset₁ γ :=
lstate_unset₁' γ.(ivar_2_name_lstate).
#[local] Definition lstate_unset₂' γ_lstate :=
oneshot_pending γ_lstate (DfracOwn (2/3)) ().
#[local] Definition lstate_unset₂ γ :=
lstate_unset₂' γ.(ivar_2_name_lstate).
#[local] Definition lstate_set γ :=
oneshot_shot γ.(ivar_2_name_lstate).
(* Aliases for the subpreds authority and fragment at the consumer ghost
   name. *)
#[local] Definition consumer_auth' :=
subpreds_auth.
#[local] Definition consumer_auth γ :=
consumer_auth' γ.(ivar_2_name_consumer).
#[local] Definition consumer_frag' :=
subpreds_frag.
#[local] Definition consumer_frag γ :=
consumer_frag' γ.(ivar_2_name_consumer).
(* While the ivar is unset, the invariant keeps the 1/3 pending share. *)
#[local] Definition inv_state_unset γ :=
lstate_unset₁ γ.
#[local] Instance : CustomIpat "inv_state_unset" :=
" {>;}Hlstate_unset₁ ".
(* Once set to v, the invariant keeps the shot state for v together with the
   persistent predicate Ξ v. *)
#[local] Definition inv_state_set γ Ξ v : iProp Σ :=
lstate_set γ v ∗
□ Ξ v.
#[local] Instance : CustomIpat "inv_state_set" :=
" ( {>;}#Hlstate_set{_{}} & #HΞ{_{}} ) ".
#[local] Definition inv_state γ Ξ state :=
match state with
| None ⇒
inv_state_unset γ
| Some v ⇒
inv_state_set γ Ξ v
end.
(* Shared state: the result field holds an option val, and the same option
   indexes both the consumer authority and the one-shot state. *)
#[local] Definition inv_inner t γ Ψ Ξ : iProp Σ :=
∃ state,
t.[result] ↦ state ∗
consumer_auth γ Ψ state ∗
inv_state γ Ξ state.
#[local] Instance : CustomIpat "inv_inner" :=
" ( %state & H𝑡_result & Hconsumer_auth & Hstate ) ".
(* Full invariant: persistent points-to for the mutex and condition fields,
   the invariants of both, and inv_inner in an Iris invariant at nroot.
   NOTE(review): mutex_inv is instantiated with True, so the mutex guards no
   resource of its own; presumably it only serializes waiting on the
   condition. Confirm against ivar_2__code. *)
Definition ivar_2_inv t γ Ψ Ξ : iProp Σ :=
t.[mutex] ↦□ γ.(ivar_2_name_mutex) ∗
mutex_inv γ.(ivar_2_name_mutex) True ∗
t.[condition] ↦□ γ.(ivar_2_name_condition) ∗
condition_inv γ.(ivar_2_name_condition) ∗
inv nroot (inv_inner t γ Ψ Ξ).
#[local] Instance : CustomIpat "inv" :=
" ( #Ht_mutex & #Hmutex_inv & #Ht_condition & #Hcondition_inv & #Hinv ) ".
(* Producer token: the 2/3 pending share. *)
Definition ivar_2_producer :=
lstate_unset₂.
#[local] Instance : CustomIpat "producer" :=
" Hlstate_unset₂{_{}} ".
(* Consumer token: a fragment of the consumer predicate. *)
Definition ivar_2_consumer :=
consumer_frag.
#[local] Instance : CustomIpat "consumer" :=
" Hconsumer{}_frag ".
(* Witness that the ivar has been set to a given value. *)
Definition ivar_2_result :=
lstate_set.
#[local] Instance : CustomIpat "result" :=
" #Hlstate_set{_{}} ".
(* The ivar has been set to some value. *)
Definition ivar_2_resolved γ : iProp Σ :=
∃ v,
ivar_2_result γ v.
(* NOTE(review): trivially True in this implementation, yet the specs below
   still thread it; presumably kept so that the interface matches variants
   where the token is meaningful. TODO confirm. *)
Definition ivar_2_synchronized γ : iProp Σ :=
True.
(* Contractiveness and properness of the invariant and of the consumer
   predicate in their predicate arguments. *)
#[global] Instance ivar_2_inv_contractive t γ n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_inv t γ).
#[global] Instance ivar_2_inv_proper t γ :
Proper (
(pointwise_relation _ (≡)) ==>
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_inv t γ).
#[global] Instance ivar_2_consumer_contractive γ n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_consumer γ).
#[global] Instance ivar_2_consumer_proper γ :
Proper (
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_consumer γ).
(* The producer token is timeless but has no Persistent instance here (see
   ivar_2_producer_exclusive); the invariant, the result witness and the
   synchronized token are persistent. *)
#[global] Instance ivar_2_producer_timeless γ :
Timeless (ivar_2_producer γ).
#[global] Instance ivar_2_result_timeless γ v :
Timeless (ivar_2_result γ v).
#[global] Instance ivar_2_synchronized_timeless γ :
Timeless (ivar_2_synchronized γ).
#[global] Instance ivar_2_inv_persistent t γ Ψ Ξ :
Persistent (ivar_2_inv t γ Ψ Ξ).
#[global] Instance ivar_2_result_persistent γ v :
Persistent (ivar_2_result γ v).
#[global] Instance ivar_2_synchronized_persistent γ :
Persistent (ivar_2_synchronized γ).
(* Local laws of the one-shot state: allocation yields both pending shares;
   the 2/3 share is exclusive; shot values agree; a pending share contradicts
   a shot state; both shares together can be updated to the shot state. *)
#[local] Lemma lstate_alloc :
⊢ |==>
∃ γ_lstate,
lstate_unset₁' γ_lstate ∗
lstate_unset₂' γ_lstate.
#[local] Lemma lstate_unset₂_exclusive γ :
lstate_unset₂ γ -∗
lstate_unset₂ γ -∗
False.
#[local] Lemma lstate_set_agree γ v1 v2 :
lstate_set γ v1 -∗
lstate_set γ v2 -∗
⌜v1 = v2⌝.
#[local] Lemma lstate_unset₁_set γ v :
lstate_unset₁ γ -∗
lstate_set γ v -∗
False.
#[local] Lemma lstate_unset₂_set γ v :
lstate_unset₂ γ -∗
lstate_set γ v -∗
False.
#[local] Lemma lstate_update {γ} v :
lstate_unset₁ γ -∗
lstate_unset₂ γ ==∗
lstate_set γ v.
(* Local laws of the consumer predicate: allocation, weakening a fragment
   along a wand, dividing a fragment over a list, recording production of
   Ψ v, and consuming a fragment once the state is Some v (the payload comes
   back under two laters). *)
#[local] Lemma consumer_alloc Ψ :
⊢ |==>
∃ γ_consumer,
consumer_auth' γ_consumer Ψ None ∗
consumer_frag' γ_consumer Ψ.
#[local] Lemma consumer_wand {γ Ψ state Χ1} Χ2 E :
▷ consumer_auth γ Ψ state -∗
consumer_frag γ Χ1 -∗
(∀ v, Χ1 v -∗ Χ2 v) ={E}=∗
▷ consumer_auth γ Ψ state ∗
consumer_frag γ Χ2.
#[local] Lemma consumer_divide {γ Ψ state} Χs E :
▷ consumer_auth γ Ψ state -∗
consumer_frag γ (λ v, [∗ list] Χ ∈ Χs, Χ v) ={E}=∗
▷ consumer_auth γ Ψ state ∗
[∗ list] Χ ∈ Χs, consumer_frag γ Χ.
#[local] Lemma consumer_produce {γ Ψ} v :
consumer_auth γ Ψ None -∗
Ψ v -∗
consumer_auth γ Ψ (Some v).
#[local] Lemma consumer_consume γ Ψ v Χ E :
▷ consumer_auth γ Ψ (Some v) -∗
consumer_frag γ Χ ={E}=∗
▷ consumer_auth γ Ψ (Some v) ∗
▷^2 Χ v.
(* Exported laws. Together they state the write-once discipline: the producer
   token cannot be held twice, cannot coexist with a result witness, and any
   two result witnesses carry the same value. *)
Lemma ivar_2_producer_exclusive γ :
ivar_2_producer γ -∗
ivar_2_producer γ -∗
False.
Lemma ivar_2_consumer_wand {t γ Ψ Ξ Χ1} Χ2 :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_consumer γ Χ1 -∗
(∀ v, Χ1 v -∗ Χ2 v) ={⊤}=∗
ivar_2_consumer γ Χ2.
Lemma ivar_2_consumer_divide {t γ Ψ Ξ} Χs :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_consumer γ (λ v, [∗ list] Χ ∈ Χs, Χ v) ={⊤}=∗
[∗ list] Χ ∈ Χs, ivar_2_consumer γ Χ.
Lemma ivar_2_result_agree γ v1 v2 :
ivar_2_result γ v1 -∗
ivar_2_result γ v2 -∗
⌜v1 = v2⌝.
Lemma ivar_2_producer_result γ v :
ivar_2_producer γ -∗
ivar_2_result γ v -∗
False.
(* From a result witness, recover the persistent predicate under one later,
   and additionally the consumer payload under two laters. *)
Lemma ivar_2_inv_result t γ Ψ Ξ v :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_result γ v -∗
ivar_2_synchronized γ ={⊤}=∗
▷ □ Ξ v.
Lemma ivar_2_inv_result_consumer t γ Ψ Ξ v Χ :
ivar_2_inv t γ Ψ Ξ -∗
ivar_2_result γ v -∗
ivar_2_synchronized γ -∗
ivar_2_consumer γ Χ ={⊤}=∗
▷^2 Χ v ∗
▷ □ Ξ v.
(* create: a fresh unset ivar with its meta token, invariant, producer token
   and the full consumer predicate Ψ. *)
Lemma ivar_2٠create𑁒spec Ψ Ξ :
{{{
True
}}}
ivar_2٠create ()
{{{
t γ
, RET #t;
meta_token t ⊤ ∗
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_producer γ ∗
ivar_2_consumer γ Ψ
}}}.
(* make: an ivar that is already set to v; no producer token is returned. *)
Lemma ivar_2٠make𑁒spec Ψ Ξ v :
{{{
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠make v
{{{
t γ
, RET #t;
meta_token t ⊤ ∗
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v ∗
ivar_2_synchronized γ ∗
ivar_2_consumer γ Ψ
}}}.
(* try_get: on Some v the caller obtains two later credits, the result
   witness and the synchronized token; on None nothing is learned. *)
Lemma ivar_2٠try_get𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠try_get #t
{{{
o
, RET o;
if o is Some v then
£ 2 ∗
ivar_2_result γ v ∗
ivar_2_synchronized γ
else
True
}}}.
(* Variant for a caller that already holds a result witness: the returned
   value is determined. *)
Lemma ivar_2٠try_get𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠try_get #t
{{{
RET Some v;
£ 2 ∗
ivar_2_synchronized γ
}}}.
(* is_unset and is_set: only the answer meaning that the ivar is set yields
   information (ivar_2_resolved and two later credits). The other answer
   gives True, so it says nothing about the state after the call returns. *)
Lemma ivar_2٠is_unset𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠is_unset #t
{{{
b
, RET #b;
if b then
True
else
£ 2 ∗
ivar_2_resolved γ
}}}.
Lemma ivar_2٠is_unset𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠is_unset #t
{{{
RET false;
£ 2
}}}.
Lemma ivar_2٠is_set𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠is_set #t
{{{
b
, RET #b;
if b then
£ 2 ∗
ivar_2_resolved γ
else
True
}}}.
Lemma ivar_2٠is_set𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠is_set #t
{{{
RET true;
£ 2
}}}.
(* get: needs only the invariant and returns the value with its result
   witness, the synchronized token and two later credits. *)
Lemma ivar_2٠get𑁒spec t γ Ψ Ξ :
{{{
ivar_2_inv t γ Ψ Ξ
}}}
ivar_2٠get #t
{{{
v
, RET v;
£ 2 ∗
ivar_2_result γ v ∗
ivar_2_synchronized γ
}}}.
Lemma ivar_2٠get𑁒spec_result t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_result γ v
}}}
ivar_2٠get #t
{{{
RET v;
£ 2 ∗
ivar_2_synchronized γ
}}}.
(* set: requires the producer token and both payloads for v. The token does
   not appear in the postcondition, so this spec cannot be applied a second
   time to the same ivar. *)
Lemma ivar_2٠set𑁒spec t γ Ψ Ξ v :
{{{
ivar_2_inv t γ Ψ Ξ ∗
ivar_2_producer γ ∗
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠set #t v
{{{
RET ();
ivar_2_result γ v
}}}.
End ivar_2_G.
(* Mark the predicates opaque, presumably so that proofs outside this module
   go through the lemmas above instead of unfolding the definitions. *)
#[global] Opaque ivar_2_inv.
#[global] Opaque ivar_2_producer.
#[global] Opaque ivar_2_consumer.
#[global] Opaque ivar_2_result.
#[global] Opaque ivar_2_synchronized.
End base.
From zoo_std Require
ivar_2__opaque.
(* Public interface: the same predicates as in module base, indexed by the
   value t only. Each one existentially hides the location 𝑡 and the ghost
   names γ, which are tied to the location by meta 𝑡 nroot γ. *)
Section ivar_2_G.
Context `{ivar_2_G : Ivar2G Σ}.
Implicit Types 𝑡 : location.
Implicit Types t : val.
Implicit Types γ : base.ivar_2_name.
Implicit Types Ψ Χ Ξ : val → iProp Σ.
Definition ivar_2_inv t Ψ Ξ : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_inv 𝑡 γ Ψ Ξ.
#[local] Instance : CustomIpat "inv" :=
" ( %l{} & %γ{} & {%Heq{};->} & #Hmeta{_{}} & Hinv{_{}} ) ".
Definition ivar_2_producer t : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_producer γ.
#[local] Instance : CustomIpat "producer" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hproducer{_{}} ) ".
Definition ivar_2_consumer t Χ : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_consumer γ Χ.
#[local] Instance : CustomIpat "consumer" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hconsumer{_{}} ) ".
Definition ivar_2_result t v : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_result γ v.
#[local] Instance : CustomIpat "result" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hresult{_{}} ) ".
Definition ivar_2_resolved t : iProp Σ :=
∃ v,
ivar_2_result t v.
Definition ivar_2_synchronized t : iProp Σ :=
∃ 𝑡 γ,
⌜t = #𝑡⌝ ∗
meta 𝑡 nroot γ ∗
base.ivar_2_synchronized γ.
#[local] Instance : CustomIpat "synchronized" :=
" ( %l{;_} & %γ{;_} & {%Heq{};->} & #Hmeta{_{}} & Hsynchronized{_{}} ) ".
(* Contractiveness and properness in the predicate arguments, then
   timelessness and persistence, mirroring the instances of module base.
   The producer token again has no Persistent instance. *)
#[global] Instance ivar_2_inv_contractive t n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_inv t).
#[global] Instance ivar_2_inv_proper t :
Proper (
(pointwise_relation _ (≡)) ==>
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_inv t).
#[global] Instance ivar_2_consumer_contractive t n :
Proper (
(pointwise_relation _ (dist_later n)) ==>
(≡{n}≡)
) (ivar_2_consumer t).
#[global] Instance ivar_2_consumer_proper t :
Proper (
(pointwise_relation _ (≡)) ==>
(≡)
) (ivar_2_consumer t).
#[global] Instance ivar_2_producer_timeless t :
Timeless (ivar_2_producer t).
#[global] Instance ivar_2_result_timeless t v :
Timeless (ivar_2_result t v).
#[global] Instance ivar_2_synchronized_timeless t :
Timeless (ivar_2_synchronized t).
#[global] Instance ivar_2_inv_persistent t Ψ Ξ :
Persistent (ivar_2_inv t Ψ Ξ).
#[global] Instance ivar_2_result_persistent t v :
Persistent (ivar_2_result t v).
#[global] Instance ivar_2_synchronized_persistent t :
Persistent (ivar_2_synchronized t).
(* Write-once discipline at the value level: the producer token is exclusive
   and contradicts any result witness, and result witnesses agree on the
   value. *)
Lemma ivar_2_producer_exclusive t :
ivar_2_producer t -∗
ivar_2_producer t -∗
False.
Lemma ivar_2_consumer_wand {t Ψ Ξ Χ1} Χ2 :
ivar_2_inv t Ψ Ξ -∗
ivar_2_consumer t Χ1 -∗
(∀ v, Χ1 v -∗ Χ2 v) ={⊤}=∗
ivar_2_consumer t Χ2.
Lemma ivar_2_consumer_divide {t Ψ Ξ} Χs :
ivar_2_inv t Ψ Ξ -∗
ivar_2_consumer t (λ v, [∗ list] Χ ∈ Χs, Χ v) ={⊤}=∗
[∗ list] Χ ∈ Χs, ivar_2_consumer t Χ.
(* Binary form of ivar_2_consumer_divide. *)
Lemma ivar_2_consumer_split {t Ψ Ξ} Χ1 Χ2 :
ivar_2_inv t Ψ Ξ -∗
ivar_2_consumer t (λ v, Χ1 v ∗ Χ2 v) ={⊤}=∗
ivar_2_consumer t Χ1 ∗
ivar_2_consumer t Χ2.
Lemma ivar_2_result_agree t v1 v2 :
ivar_2_result t v1 -∗
ivar_2_result t v2 -∗
⌜v1 = v2⌝.
Lemma ivar_2_producer_result t v :
ivar_2_producer t -∗
ivar_2_result t v -∗
False.
(* Reading the payloads. The unprimed lemmas return them under laters; the
   primed lemmas take later credits (one for Ξ alone, two when the consumer
   payload is included) and return them without laters. *)
Lemma ivar_2_inv_result t Ψ Ξ v :
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t ={⊤}=∗
▷ □ Ξ v.
Lemma ivar_2_inv_result' t Ψ Ξ v :
£ 1 -∗
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t ={⊤}=∗
□ Ξ v.
Lemma ivar_2_inv_result_consumer t Ψ Ξ v Χ :
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t -∗
ivar_2_consumer t Χ ={⊤}=∗
▷^2 Χ v ∗
▷ □ Ξ v.
Lemma ivar_2_inv_result_consumer' t Ψ Ξ v Χ :
£ 2 -∗
ivar_2_inv t Ψ Ξ -∗
ivar_2_result t v -∗
ivar_2_synchronized t -∗
ivar_2_consumer t Χ ={⊤}=∗
Χ v ∗
□ Ξ v.
(* create: a fresh unset ivar with its invariant, producer token and the
   full consumer predicate. Unlike the base spec, no meta_token is returned;
   presumably it is used to establish meta 𝑡 nroot γ. *)
Lemma ivar_2٠create𑁒spec Ψ Ξ :
{{{
True
}}}
ivar_2٠create ()
{{{
t
, RET t;
ivar_2_inv t Ψ Ξ ∗
ivar_2_producer t ∗
ivar_2_consumer t Ψ
}}}.
(* NOTE(review): base.ivar_2٠make𑁒spec also returns the synchronized token,
   but this postcondition has no ivar_2_synchronized t, which
   ivar_2_inv_result needs. Confirm that the omission is intentional. *)
Lemma ivar_2٠make𑁒spec Ψ Ξ v :
{{{
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠make v
{{{
t
, RET t;
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v ∗
ivar_2_consumer t Ψ
}}}.
(* try_get: on Some v the caller obtains two later credits, the result
   witness and the synchronized token; on None nothing is learned. *)
Lemma ivar_2٠try_get𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠try_get t
{{{
o
, RET o;
if o is Some v then
£ 2 ∗
ivar_2_result t v ∗
ivar_2_synchronized t
else
True
}}}.
Lemma ivar_2٠try_get𑁒spec_result t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v
}}}
ivar_2٠try_get t
{{{
RET Some v;
£ 2 ∗
ivar_2_synchronized t
}}}.
(* is_unset and is_set: only the answer meaning that the ivar is set yields
   information. The other answer gives True, so it says nothing about the
   state after the call returns. *)
Lemma ivar_2٠is_unset𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠is_unset t
{{{
b
, RET #b;
if b then
True
else
£ 2 ∗
ivar_2_resolved t
}}}.
Lemma ivar_2٠is_unset𑁒spec_result t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v
}}}
ivar_2٠is_unset t
{{{
RET false;
£ 2
}}}.
Lemma ivar_2٠is_set𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠is_set t
{{{
b
, RET #b;
if b then
£ 2 ∗
ivar_2_resolved t
else
True
}}}.
Lemma ivar_2٠is_set𑁒spec_result t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_result t v
}}}
ivar_2٠is_set t
{{{
RET true;
£ 2
}}}.
(* NOTE(review): module base also states ivar_2٠get𑁒spec_result; this
   section has no counterpart. Confirm whether that is intended. *)
Lemma ivar_2٠get𑁒spec t Ψ Ξ :
{{{
ivar_2_inv t Ψ Ξ
}}}
ivar_2٠get t
{{{
v
, RET v;
£ 2 ∗
ivar_2_result t v ∗
ivar_2_synchronized t
}}}.
(* set: requires the producer token and both payloads for v. The token does
   not appear in the postcondition, so this spec cannot be applied a second
   time to the same ivar. *)
Lemma ivar_2٠set𑁒spec t Ψ Ξ v :
{{{
ivar_2_inv t Ψ Ξ ∗
ivar_2_producer t ∗
▷ Ψ v ∗
▷ □ Ξ v
}}}
ivar_2٠set t v
{{{
RET ();
ivar_2_result t v
}}}.
End ivar_2_G.
(* Mark the public predicates opaque, presumably so that client proofs go
   through the lemmas and specs instead of unfolding the definitions. *)
#[global] Opaque ivar_2_inv.
#[global] Opaque ivar_2_producer.
#[global] Opaque ivar_2_consumer.
#[global] Opaque ivar_2_result.
#[global] Opaque ivar_2_synchronized.