Skip to content

Commit 54a2e17

Browse files
yunshengtwyunshengtw
committed
Prove insertion sort
1 parent 82cfff0 commit 54a2e17

File tree

4 files changed

+394
-8
lines changed

4 files changed

+394
-8
lines changed

src/program_proof/tulip/paxos/program/paxos_ascend.v

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -32,8 +32,8 @@ Section ascend.
3232
iIntros "[%Hsz Hrespp]".
3333
iNamed "Hpx".
3434
wp_apply (wp_Paxos__cquorum with "Hsc").
35-
iIntros (ok) "[Hsc %Hquorum]".
36-
wp_if_destruct.
35+
iIntros "Hsc".
36+
case_bool_decide as Hquorum; wp_pures; last first.
3737
{ iApply "HΦ".
3838
iFrame "HtermcP HtermlP HiscandP HlogP HentspP".
3939
by iFrame "∗ # %".

src/program_proof/tulip/paxos/program/paxos_cquorum.v

Lines changed: 18 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
From Perennial.program_proof.tulip.paxos Require Import prelude.
22
From Perennial.program_proof.tulip.paxos.program Require Import repr.
3+
From Perennial.program_proof.tulip.program Require Import quorum.
34
From Goose.github_com.mit_pdos.tulip Require Import paxos quorum.
45

56
Section cquorum.
@@ -8,11 +9,26 @@ Section cquorum.
89
Theorem wp_Paxos__cquorum (px : loc) (n : u64) nids :
910
{{{ own_paxos_sc px nids }}}
1011
Paxos__cquorum #px #n
11-
{{{ (ok : bool), RET #ok; own_paxos_sc px nids ∗ ⌜size nids / 2 < uint.Z n }}}.
12+
{{{ RET #(bool_decide (size nids / 2 < uint.Z n)); own_paxos_sc px nids }}}.
1213
Proof.
14+
iIntros (Φ) "Hpx HΦ".
15+
wp_rec.
16+
1317
(*@ func (px *Paxos) cquorum(n uint64) bool { @*)
1418
(*@ return quorum.ClassicQuorum(px.sc) <= n @*)
1519
(*@ } @*)
16-
Admitted.
20+
iNamed "Hpx".
21+
wp_loadField.
22+
wp_apply wp_ClassicQuorum.
23+
iIntros (x Hx).
24+
wp_pures.
25+
case_bool_decide as Hc1.
26+
{ case_bool_decide as Hc2; last word.
27+
iApply "HΦ". by iFrame "∗ %".
28+
}
29+
{ case_bool_decide as Hc2; first word.
30+
iApply "HΦ". by iFrame "∗ %".
31+
}
32+
Qed.
1733

1834
End cquorum.

src/program_proof/tulip/paxos/program/paxos_push.v

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,9 +34,9 @@ Section push.
3434
wp_apply (wp_MapLen with "Hlsnpeers").
3535
iIntros "[%Hszlsnpeers Hlsnpeers]".
3636
wp_apply (wp_Paxos__cquorum with "Hsc").
37-
iIntros (ok) "[Hsc %Hqsize]".
37+
iIntros "Hsc".
3838
(* Not using [wp_if_destruct] to prevent it eating equality about [nids]. *)
39-
destruct ok eqn:Hok; last first.
39+
case_bool_decide as Hqsize; wp_pures; last first.
4040
{ wp_pures.
4141
iApply "HΦ".
4242
iFrame "Hcand".

0 commit comments

Comments
 (0)