Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Transactional consistency #44

Merged
merged 30 commits into from
Dec 29, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
fe1b52e
WIP SI trace proof init client
aalnor Nov 25, 2024
13dc4b8
SI trace proof init client operation done
aalnor Nov 25, 2024
3b7a09a
WIP SI trace proof start operation
aalnor Nov 26, 2024
bb3856f
SI trace proof start operation done
aalnor Nov 27, 2024
fc8f5f2
renaming
aalnor Dec 1, 2024
e20c9c0
SI trace proof write operation done
aalnor Dec 4, 2024
273b851
renaming
aalnor Dec 10, 2024
346a5e9
refactoring
aalnor Dec 10, 2024
be37791
refactoring
aalnor Dec 10, 2024
c98d847
added usual adequacy to the trace adequacy theorem
aalnor Dec 11, 2024
81c462a
WIP SI trace read
aalnor Dec 12, 2024
ef2ae0f
WIP SI trace read
aalnor Dec 12, 2024
eab9d6e
WIP SI trace read
aalnor Dec 13, 2024
cce1a0f
SI trace read done
aalnor Dec 13, 2024
6a1e81d
WIP SI trace commit
aalnor Dec 16, 2024
a278886
WIP SI trace commit
aalnor Dec 17, 2024
bea3c35
WIP SI trace commit
aalnor Dec 17, 2024
730899c
WIP SI trace commit
aalnor Dec 18, 2024
bb2aee0
WIP SI trace commit
aalnor Dec 18, 2024
2bdb8b1
WIP SI trace commit
aalnor Dec 18, 2024
2f11112
WIP SI trace commit
aalnor Dec 19, 2024
04dfa43
WIP SI trace commit
aalnor Dec 20, 2024
8ead53a
refactoring
aalnor Dec 21, 2024
658b064
WIP SI trace commit
aalnor Dec 22, 2024
22e0fcc
WIP SI trace commit
aalnor Dec 23, 2024
197b921
WIP SI trace commit
aalnor Dec 23, 2024
7b812ab
WIP SI trace commit
aalnor Dec 24, 2024
e406ccc
WIP SI trace commit
aalnor Dec 24, 2024
c378afb
SI trace commit done (all trace proofs done)
aalnor Dec 25, 2024
b725dd8
Merge remote-tracking branch 'origin/master' into transactional_consi…
aalnor Dec 29, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 52 additions & 26 deletions aneris/aneris_lang/adequacy_trace.v
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
From trillium.prelude Require Import classical_instances.
From trillium.program_logic Require Import language.
From trillium Require Import finitary.
From aneris.aneris_lang.program_logic Require Import aneris_adequacy.
From aneris.aneris_lang Require Import adequacy aneris_lang proofmode adequacy_no_model.
From iris.base_logic.lib Require Import invariants.
From aneris.examples.transactional_consistency Require Import code_api wrapped_library.

Definition aneris_invariance `{anerisPreG Σ unit_model} (N : namespace) (I : list val → Prop)
Definition aneris_invariance `{anerisPreG Σ unit_model} (N : namespace) (I : list val → Prop) (φ : val → Prop)
ip e σ A IPs lbls obs_send_sas obs_rec_sas :
state_heaps σ = {[ip:=∅]} →
state_sockets σ = {[ip:=∅]} →
Expand All @@ -27,18 +28,20 @@ Definition aneris_invariance `{anerisPreG Σ unit_model} (N : namespace) (I : li
observed_send obs_send_sas ∗
observed_receive obs_rec_sas }}}
e @[ip]
{{{ v, RET v; True }}}) →
∀ σ' t,
{{{ v, RET v; ⌜φ v⌝ }}}) →
(∀ σ' t,
rtc step ([(mkExpr ip e)], σ) (t, σ') →
I (state_trace σ').
I (state_trace σ')) ∧
aneris_adequate e ip σ φ.
Proof.
intros Hheaps Hsock Hms Htrace Hip_nin Hobs_send Hobs_rec HI Hwp σ' t Hsteps.
assert (@continued_simulation aneris_lang (aneris_to_trace_model unit_model)
intros Hheaps Hsock Hms Htrace Hip_nin Hobs_send Hobs_rec HI Hwp.
assert ((@continued_simulation aneris_lang (aneris_to_trace_model unit_model)
(λ ex _, ∀ conf, trace_ends_in ex conf → I (state_trace conf.2))
(trace_singleton ([(mkExpr ip e)], σ))
(trace_singleton ())) as Hsim.
(trace_singleton ())) ∧
aneris_adequate e ip σ φ) as (Hsim & Haneris_adequate).
{
eapply (simulation_adequacy1 Σ (aneris_to_trace_model unit_model)
eapply (simulation_adequacy Σ (aneris_to_trace_model unit_model)
NotStuck IPs lbls A obs_send_sas obs_rec_sas); try done.
- intros ?.
intros.
Expand All @@ -53,7 +56,7 @@ Proof.
apply make_proof_irrel.
- iIntros.
iModIntro.
iExists (λ v, (∃ w : val, ⌜v = {| val_n := ip; val_e := w |}⌝ ∗ True)%I).
iExists (λ v, (∃ w : val, ⌜v = {| val_n := ip; val_e := w |}⌝ ∗ ⌜φ w⌝)%I).
iIntros "Hunalloc Hobs Hfree_ip His_node Hlbs Hsend_evs Hrec_evs
Hobs_send Hobs_rec ? Hfrag_trace Htrace_is".
iMod (inv_alloc N _ (∃ t, trace_half_frag t ∗ ⌜I t⌝)%I with "[Hfrag_trace]") as "#Hinv".
Expand All @@ -65,22 +68,18 @@ Proof.
by rewrite -Htrace.
}
iModIntro.
iSplitR; first set_solver.
iSplitL.
+ unfold aneris_wp_def in Hwp.
iAssert (WP e @[ip] {{ _, True}}%I) with "[Hunalloc Hobs Hfree_ip
+
unfold aneris_wp_def in Hwp.
iAssert (WP e @[ip] {{ v, ⌜φ v⌝}}%I) with "[Hunalloc Hobs Hfree_ip
Hlbs Hsend_evs Hrec_evs Hobs_send Hobs_rec Htrace_is]" as "Hwp".
{
iApply (Hwp anerisG0 with "[$Hinv Htrace_is $Hunalloc Hobs $Hfree_ip
$Hlbs $Hsend_evs $Hrec_evs $Hobs_send $Hobs_rec][]"); try done.
rewrite Htrace.
iFrame.
unfold message_history_singleton.
simpl.
iApply (big_sepS_wand with "[$Hobs][]").
iApply big_sepS_intro.
iModIntro.
iIntros.
by iFrame.
set_solver.
}
rewrite !aneris_wp_unfold /aneris_wp_def.
iApply ("Hwp" with "[$His_node]").
Expand All @@ -98,6 +97,8 @@ Proof.
apply last_eq_trace_ends_in in H6.
by rewrite H6 in Hinv_res2.
}
split; last done.
intros σ' t Hsteps.
eapply (@trace_steps_rtc_bin _ unit) in Hsteps; last done.
destruct Hsteps as [ex (Htrace_steps & Htrace_start & Htrace_end)].
assert (∃ ex', trace_steps language.locale_step ex' ∧
Expand All @@ -116,7 +117,7 @@ Proof.
- intros.
apply trace_extend_starts_in_inv in Htrace_start.
destruct x.
eapply IHHtrace_steps in Htrace_start; last apply H0.
eapply IHHtrace_steps in Htrace_start; last apply H0; last done.
destruct Htrace_start as
[ex' (Htrace_steps' & Htrace_start' & Htrace_end')].
inversion H1.
Expand Down Expand Up @@ -151,8 +152,8 @@ Proof.
by apply Hsim_ex' in Htrace_end'.
Qed.

Theorem adequacy_trace Σ `{anerisPreG Σ unit_model} {L : Type} (N : namespace) ip
(Φ : ∀ `{anerisG Σ}, L → iProp Σ)
Theorem adequacy_trace_with_aneris_adequacy Σ `{anerisPreG Σ unit_model} {L : Type} (N : namespace) ip
(Φ : ∀ `{anerisG Σ}, L → iProp Σ) (φ : val → Prop)
(e : expr) (lib : L) (valid_trace: list val → Prop)
(σ: state) (A : gset socket_address) (IPs : gset ip_address) :
state_heaps σ = {[ip:=∅]} →
Expand All @@ -165,20 +166,45 @@ Theorem adequacy_trace Σ `{anerisPreG Σ unit_model} {L : Type} (N : namespace)
(∀ `{anerisG Σ}, ⊢
{{{ Φ lib ∗ unallocated A ∗ ([∗ set] a ∈ A, a ⤳ (∅, ∅)) ∗ ([∗ set] ip ∈ IPs, free_ip ip) }}}
e @[ip]
{{{ v, RET v; True }}}) →
∀ σ' e',
{{{ v, RET v; ⌜φ v⌝ }}}) →
(∀ σ' e',
rtc step ([(mkExpr ip e)], σ) (e', σ') →
valid_trace (state_trace σ').
valid_trace (state_trace σ')) ∧
aneris_adequate e ip σ φ.
Proof.
intros Hstate_heap Hstate_sock Hstate_ms Hstate_trace Hips_nin.
intros Htr Hinit Hclient σ' e' Hsteps.
intros Htr Hinit Hclient.
rewrite -Hstate_trace in Htr.
eapply (aneris_invariance _ _ _ _ _ A _ ∅ ∅ ∅); try done.
eapply (aneris_invariance _ _ _ _ _ _ A _ ∅ ∅ ∅); try done.
iIntros (? ?) "!# (#HI & Htr & Hunalloc & Hobs & Hfree_ip & Hlbs
& Hsend_evs & Hrec_evs & Hobs_send & Hobs_rec) HΦ".
iApply fupd_aneris_wp.
rewrite Hstate_trace.
iMod (Hinit with "[$Htr $HI]") as "Hinit'".
iModIntro.
iApply (Hclient with "[$Hunalloc $Hfree_ip $Hobs $Hinit'][HΦ]"); last done.
Qed.

Theorem adequacy_trace Σ `{anerisPreG Σ unit_model} {L : Type} (N : namespace) ip
(Φ : ∀ `{anerisG Σ}, L → iProp Σ)
(e : expr) (lib : L) (valid_trace: list val → Prop)
(σ: state) (A : gset socket_address) (IPs : gset ip_address) :
state_heaps σ = {[ip:=∅]} →
state_sockets σ = {[ip:=∅]} →
state_ms σ = ∅ →
state_trace σ = [] →
ip ∉ IPs →
valid_trace [] →
(∀ `{anerisG Σ}, ⊢ (trace_is [] ∗ trace_inv N valid_trace) ={⊤}=∗ Φ lib) →
(∀ `{anerisG Σ}, ⊢
{{{ Φ lib ∗ unallocated A ∗ ([∗ set] a ∈ A, a ⤳ (∅, ∅)) ∗ ([∗ set] ip ∈ IPs, free_ip ip) }}}
e @[ip]
{{{ v, RET v; True }}}) →
∀ σ' e',
rtc step ([(mkExpr ip e)], σ) (e', σ') →
valid_trace (state_trace σ').
Proof.
intros Hstate_heap Hstate_sock Hstate_ms Hstate_trace Hips_nin.
intros Htr Hinit Hclient.
eapply (adequacy_trace_with_aneris_adequacy _ _ ip _ (λ _, True)); try done.
Qed.
15 changes: 15 additions & 0 deletions aneris/examples/transactional_consistency/implication_trace_util.v
Original file line number Diff line number Diff line change
Expand Up @@ -373,6 +373,21 @@ Section trace_proof_util.
by do 2 rewrite -app_assoc.
Qed.

Lemma open_trans_eq t t' c T :
valid_transactions T →
open_trans t c T →
open_trans t' c T →
t = t'.
Proof.
intros (_ & Hvalid & _) (op1 & Hin1 & Hlast1 & Hconn1 & Hcm1) (op2 & Hin2 & Hlast2 & Hconn2 & Hcm2).
rewrite elem_of_list_lookup in Hin1.
rewrite elem_of_list_lookup in Hin2.
destruct Hin1 as (i & Hin1).
destruct Hin2 as (j & Hin2).
assert (i = j) as <-; last set_solver.
set_solver.
Qed.

Lemma open_trans_neq1 (extract : val → option val) sa sa' c c' t T op :
sa ≠ sa' →
extract c = Some #sa →
Expand Down
Loading
Loading