From iris.algebra Require Export cmra.
From iris Require Import options.

(** * Frame preserving updates *)
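(* This quantifies over [option A] for the frame.  That is necessary to
   make the following hold:
     x ~~> P → Some c ~~> Some P
*)
(** [cmra_updateP x P] (notation [x ~~>: P]) is the nondeterministic
    frame-preserving update: for every index [n] and every optional frame
    [mz], if [x ⋅? mz] is valid at [n], then there is some [y] satisfying [P]
    such that [y ⋅? mz] is valid at [n] as well. *)
Definition cmra_updateP {A : cmraT} (x : A) (P : A → Prop) := ∀ n mz,
  ✓{n} (x ⋅? mz) → ∃ y, P y ∧ ✓{n} (y ⋅? mz).
(* Declares that [cmra_updateP] has one leading parameter (the implicit [A])
   for the purposes of setoid rewriting. *)
Instance: Params (@cmra_updateP) 1 := {}.
Infix "~~>:" := cmra_updateP (at level 70).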

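(** [cmra_update x y] (notation [x ~~> y]) is the deterministic
    frame-preserving update: for every index [n] and every optional frame
    [mz], validity of [x ⋅? mz] at [n] implies validity of [y ⋅? mz] at [n]. *)
Definition cmra_update {A : cmraT} (x y : A) := ∀ n mz,
  ✓{n} (x ⋅? mz) → ✓{n} (y ⋅? mz).
Infix "~~>" := cmra_update (at level 70).
(* Declares that [cmra_update] has one leading parameter (the implicit [A])
   for the purposes of setoid rewriting. *)
Instance: Params (@cmra_update) 1 := {}.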

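Section updates.
Context {A : cmraT}.
Implicit Types x y : A.

(** [~~>:] respects [≡] on the source element and pointwise [iff] on the
    predicate. *)
Global Instance cmra_updateP_proper :
  Proper ((≡) ==> pointwise_relation _ iff ==> iff) (@cmra_updateP A).
Proof.
  rewrite /pointwise_relation /cmra_updateP=> x x' Hx P P' HP;
    split=> ? n mz; setoid_subst; naive_solver.
Qed.
(** [~~>] respects [≡] on both the source and the target element. *)
Global Instance cmra_update_proper :
  Proper ((≡) ==> (≡) ==> iff) (@cmra_update A).
Proof.
  rewrite /cmra_update=> x x' Hx y y' Hy; split=> ? n mz ?; setoid_subst; auto.
Qed.

(** A deterministic update to [y] is the same as a nondeterministic update
    whose only admissible result is [y]. *)
Lemma cmra_update_updateP x y : x ~~> y ↔ x ~~>: (y =.).
Proof. split=> Hup n z ?; eauto. destruct (Hup n z) as (?&<-&?); auto. Qed.
(** If [x] already satisfies [P], then [x ~~>: P] holds without changing
    anything. *)
Lemma cmra_updateP_id (P : A → Prop) x : P x → x ~~>: P.
Proof. intros ? n mz ?; eauto. Qed.
(** Sequencing: an update to [P] followed by an update from every element of
    [P] to [Q] is an update to [Q]. *)
Lemma cmra_updateP_compose (P Q : A → Prop) x :
  x ~~>: P → (∀ y, P y → y ~~>: Q) → x ~~>: Q.
Proof. intros Hx Hy n mz ?. destruct (Hx n mz) as (y&?&?); naive_solver. Qed.
(** Sequencing with a deterministic first step. *)
Lemma cmra_updateP_compose_l (Q : A → Prop) x y : x ~~> y → y ~~>: Q → x ~~>: Q.
Proof.
  rewrite cmra_update_updateP.
  intros; apply cmra_updateP_compose with (y =.); naive_solver.
Qed.
(** The target predicate of an update can be weakened. *)
Lemma cmra_updateP_weaken (P Q : A → Prop) x :
  x ~~>: P → (∀ y, P y → Q y) → x ~~>: Q.
Proof. eauto using cmra_updateP_compose, cmra_updateP_id. Qed.
(** An exclusive element [x] can be updated to any valid [y]. *)
Lemma cmra_update_exclusive `{!Exclusive x} y:
  ✓ y → x ~~> y.
(* With a frame [Some z] the premise contradicts exclusivity of [x]
   ([exclusiveN_l]); without a frame the goal follows from validity of [y]. *)
Proof. move=>??[z|]=>[/exclusiveN_l[]|_]. by apply cmra_valid_validN. Qed.

(** Updates form a preorder. *)
Global Instance cmra_update_preorder : PreOrder (@cmra_update A).
Proof.
  split.
  - intros x. by apply cmra_update_updateP, cmra_updateP_id.
  - intros x y z. rewrite !cmra_update_updateP.
    eauto using cmra_updateP_compose with subst.
Qed.

(** Updates of two components can be combined into an update of their
    composition [x1 ⋅ x2]. *)
Lemma cmra_updateP_op (P1 P2 Q : A → Prop) x1 x2 :
  x1 ~~>: P1 → x2 ~~>: P2 → (∀ y1 y2, P1 y1 → P2 y2 → Q (y1 ⋅ y2)) →
  x1 ⋅ x2 ~~>: Q.
Proof.
  intros Hx1 Hx2 Hy n mz ?.
  (* First update [x1], treating [x2 ⋅? mz] as its frame ... *)
  destruct (Hx1 n (Some (x2 ⋅? mz))) as (y1&?&?).
  { by rewrite /= -cmra_op_opM_assoc. }
  (* ... then update [x2], treating [y1 ⋅? mz] as its frame. *)
  destruct (Hx2 n (Some (y1 ⋅? mz))) as (y2&?&?).
  { by rewrite /= -cmra_op_opM_assoc (comm _ x2) cmra_op_opM_assoc. }
  exists (y1 ⋅ y2); split; last rewrite (comm _ y1) cmra_op_opM_assoc; auto.
Qed.
(** Variant of [cmra_updateP_op] with the strongest target predicate spelled
    out. *)
Lemma cmra_updateP_op' (P1 P2 : A → Prop) x1 x2 :
  x1 ~~>: P1 → x2 ~~>: P2 →
  x1 ⋅ x2 ~~>: λ y, ∃ y1 y2, y = y1 ⋅ y2 ∧ P1 y1 ∧ P2 y2.
Proof. eauto 10 using cmra_updateP_op. Qed.
(** Deterministic updates are compatible with composition. *)
Lemma cmra_update_op x1 x2 y1 y2 : x1 ~~> y1 → x2 ~~> y2 → x1 ⋅ x2 ~~> y1 ⋅ y2.
Proof.
  rewrite !cmra_update_updateP; eauto using cmra_updateP_op with congruence.
Qed.

(** A composition can always be updated to its left component ... *)
Lemma cmra_update_op_l x y : x ⋅ y ~~> x.
Proof. intros n mz. rewrite comm cmra_op_opM_assoc. apply cmra_validN_op_r. Qed.
(** ... and to its right component. *)
Lemma cmra_update_op_r x y : x ⋅ y ~~> y.
Proof. rewrite comm. apply cmra_update_op_l. Qed.

(** To prove [x ~~> y] one may assume that [x] is valid at index [0]. *)
Lemma cmra_update_valid0 x y : (✓{0} x → x ~~> y) → x ~~> y.
Proof.
  intros H n mz Hmz. apply H, Hmz.
  apply (cmra_validN_le n); last lia.
  destruct mz.
  - eapply cmra_validN_op_l, Hmz.
  - apply Hmz.
Qed.

(** ** Frame preserving updates for total CMRAs *)
Section total_updates.
  Local Set Default Proof Using "Type*".
  Context `{CmraTotal A}.

  (** For a total CMRA, the optional frame [mz] can be replaced by a plain
      frame [z]. *)
  Lemma cmra_total_updateP x (P : A → Prop) :
    x ~~>: P ↔ ∀ n z, ✓{n} (x ⋅ z) → ∃ y, P y ∧ ✓{n} (y ⋅ z).
  Proof.
    split=> Hup; [intros n z; apply (Hup n (Some z))|].
    intros n [z|] ?; simpl; [by apply Hup|].
    (* The frameless case is obtained by framing with [core x]. *)
    destruct (Hup n (core x)) as (y&?&?); first by rewrite cmra_core_r.
    eauto using cmra_validN_op_l.
  Qed.
  (** Deterministic counterpart of [cmra_total_updateP]. *)
  Lemma cmra_total_update x y : x ~~> y ↔ ∀ n z, ✓{n} (x ⋅ z) → ✓{n} (y ⋅ z).
  Proof. rewrite cmra_update_updateP cmra_total_updateP. naive_solver. Qed.

  Context `{CmraDiscrete A}.

  (** For a total and discrete CMRA, the index [n] can be dropped as well:
      updates are characterised using plain validity [✓]. *)
  Lemma cmra_discrete_updateP (x : A) (P : A → Prop) :
    x ~~>: P ↔ ∀ z, ✓ (x ⋅ z) → ∃ y, P y ∧ ✓ (y ⋅ z).
  Proof.
    rewrite cmra_total_updateP; setoid_rewrite <-cmra_discrete_valid_iff.
    naive_solver eauto using O.
  Qed.
  (** Deterministic counterpart of [cmra_discrete_updateP]. *)
  Lemma cmra_discrete_update (x y : A) :
    x ~~> y ↔ ∀ z, ✓ (x ⋅ z) → ✓ (y ⋅ z).
  Proof.
    rewrite cmra_total_update; setoid_rewrite <-cmra_discrete_valid_iff.
    naive_solver eauto using O.
  Qed.
End total_updates.
End updates.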

(** * Transport *)
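Section cmra_transport.
  Context {A B : cmraT} (H : A = B).
  Notation T := (cmra_transport H).
  (** An update in [A] carries over to [B] along the transport [T] induced by
      the equality [H : A = B], provided [Q] holds of every transported
      result. *)
  Lemma cmra_transport_updateP (P : A → Prop) (Q : B → Prop) x :
    x ~~>: P → (∀ y, P y → Q (T y)) → T x ~~>: Q.
  (* After [destruct H] both CMRAs coincide, so weakening suffices. *)
  Proof. destruct H; eauto using cmra_updateP_weaken. Qed.
  (** Variant of [cmra_transport_updateP] with the strongest target predicate
      spelled out. *)
  Lemma cmra_transport_updateP' (P : A → Prop) x :
    x ~~>: P → T x ~~>: λ y, ∃ y', y = cmra_transport H y' ∧ P y'.
  Proof. eauto using cmra_transport_updateP. Qed.
End cmra_transport.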

(** * Isomorphism *)
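Section iso_cmra.
  Context {A B : cmraT} (f : A → B) (g : B → A).

  (** Transfers an update from [B] to [A] along [g].  The hypotheses require
      that [g] undoes [f] up to [≡] ([gf]), that [g] commutes with the
      operation ([g_op]), and that [g y] is valid at [n] exactly when [y] is
      ([g_validN]). *)
  Lemma iso_cmra_updateP (P : B → Prop) (Q : A → Prop) y
      (gf : ∀ x, g (f x) ≡ x)
      (g_op : ∀ y1 y2, g (y1 ⋅ y2) ≡ g y1 ⋅ g y2)
      (g_validN : ∀ n y, ✓{n} (g y) ↔ ✓{n} y) :
    y ~~>: P →
    (∀ y', P y' → Q (g y')) →
    g y ~~>: Q.
  Proof.
    intros Hup Hx n mz Hmz.
    (* Map the frame into [B] with [f] and use the update there. *)
    destruct (Hup n (f <$> mz)) as (y'&HPy'&Hy'%g_validN).
    { apply g_validN. destruct mz as [z|]; simpl in *; [|done].
      by rewrite g_op gf. }
    exists (g y'); split; [by eauto|].
    destruct mz as [z|]; simpl in *; [|done].
    revert Hy'. by rewrite g_op gf.
  Qed.

  (** Variant of [iso_cmra_updateP] with the strongest target predicate
      spelled out. *)
  Lemma iso_cmra_updateP' (P : B → Prop) y
      (gf : ∀ x, g (f x) ≡ x)
      (g_op : ∀ y1 y2, g (y1 ⋅ y2) ≡ g y1 ⋅ g y2)
      (g_validN : ∀ n y, ✓{n} (g y) ↔ ✓{n} y) :
    y ~~>: P →
    g y ~~>: λ x, ∃ y, x = g y ∧ P y.
  Proof. eauto using iso_cmra_updateP. Qed.
End iso_cmra.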

(** * Product *)
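Section prod.
  Context {A B : cmraT}.
  Implicit Types x : A * B.

  (** A pair can be updated by updating both of its components. *)
  Lemma prod_updateP P1 P2 (Q : A * B → Prop) x :
    x.1 ~~>: P1 → x.2 ~~>: P2 → (∀ a b, P1 a → P2 b → Q (a,b)) → x ~~>: Q.
  Proof.
    intros Hx1 Hx2 HP n mz [??]; simpl in *.
    (* Project the optional frame onto each component. *)
    destruct (Hx1 n (fst <$> mz)) as (a&?&?); first by destruct mz.
    destruct (Hx2 n (snd <$> mz)) as (b&?&?); first by destruct mz.
    exists (a,b); repeat split; destruct mz; auto.
  Qed.
  (** Variant of [prod_updateP] with the target predicate stated on the
      projections of the result. *)
  Lemma prod_updateP' P1 P2 x :
    x.1 ~~>: P1 → x.2 ~~>: P2 → x ~~>: λ y, P1 (y.1) ∧ P2 (y.2).
  Proof. eauto using prod_updateP. Qed.
  (** Deterministic counterpart of [prod_updateP]. *)
  Lemma prod_update x y : x.1 ~~> y.1 → x.2 ~~> y.2 → x ~~> y.
  Proof.
    rewrite !cmra_update_updateP.
    destruct x, y; eauto using prod_updateP with subst.
  Qed.
End prod.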

(** * Option *)
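Section option.
  Context {A : cmraT}.
  Implicit Types x y : A.

  (** An update of [x] lifts to an update of [Some x], provided [Q] holds of
      [Some y] for every admissible result [y]. *)
  Lemma option_updateP (P : A → Prop) (Q : option A → Prop) x :
    x ~~>: P → (∀ y, P y → Q (Some y)) → Some x ~~>: Q.
  Proof.
    (* Case split on the frame in [option A]: [Some y] or [None]. *)
    intros Hx Hy; apply cmra_total_updateP=> n [y|] ?.
    { destruct (Hx n (Some y)) as (y'&?&?); auto. exists (Some y'); auto. }
    destruct (Hx n None) as (y'&?&?); rewrite ?cmra_core_r; auto.
    by exists (Some y'); auto.
  Qed.
  (** Variant of [option_updateP] whose target predicate is [P] on [Some] and
      [False] on [None]. *)
  Lemma option_updateP' (P : A → Prop) x :
    x ~~>: P → Some x ~~>: from_option P False.
  Proof. eauto using option_updateP. Qed.
  (** Deterministic counterpart of [option_updateP]. *)
  Lemma option_update x y : x ~~> y → Some x ~~> Some y.
  Proof. rewrite !cmra_update_updateP; eauto using option_updateP with subst. Qed.
End option.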