1 files changed, 49 insertions, 0 deletions
diff --git a/theories/lmpmc_queue_spec.v b/theories/lmpmc_queue_spec.v
new file mode 100644
index 0000000..0ea3a4a
--- /dev/null
+++ b/theories/lmpmc_queue_spec.v
@@ -0,0 +1,49 @@
+From iris.program_logic Require Import atomic.
+From iris.heap_lang Require Import notation proofmode.
+From lmpmc Require Import util.
+Record lmpmc_queue_hl :=
+  LmpmcQueueHl
+    { new : val;
+      enqueue : val;
+      try_dequeue : val;
+      link : val;
+    }.
+Record lmpmc_queue_iris {Σ} `{!heapGS Σ} (hl : lmpmc_queue_hl) :=
+  LmpmcQueueIris
+    { queue_repr : loc → loc → list val → iProp Σ;
+      #[global] queue_repr_timeless ℓ_deq ℓ_enq vs :: Timeless (queue_repr ℓ_deq ℓ_enq vs);
+      new_spec :
+        {{{ True }}}
+          hl.(new) #()
+        {{{ (ℓ_deq ℓ_enq : loc), RET (#ℓ_deq, #ℓ_enq); queue_repr ℓ_deq ℓ_enq [] }}};
+      enqueue_spec (ℓ_enq : loc) (data : val) :
+        ⊢ <<{ ∀∀ ℓ_deq cvs, queue_repr ℓ_deq ℓ_enq cvs }>>
+            hl.(enqueue) #ℓ_enq data @ ∅
+          <<{ queue_repr ℓ_deq ℓ_enq (cvs ++ [data]) | RET #() }>>;
+      try_dequeue_spec (ℓ_deq : loc) :
+        ⊢ <<{ ∀∀ ℓ_enq cvs, queue_repr ℓ_deq ℓ_enq cvs }>>
+            hl.(try_dequeue) #ℓ_deq @ ∅
+          <<{ queue_repr ℓ_deq ℓ_enq (tail cvs) | RET (val_opt_hl (head cvs)) }>>;
+      (** Linking two queues:
+       *     _______________      _______________
+       *    /      Q1       \    /       Q2      \
+       *    ℓ_deq1 ... ℓ_enq1 <> ℓ_deq2 ... ℓ_enq2
+       *    \          \ link op args /          /
+       *     \          \____________/          /
+       *      \            Q1 <> Q2            /
+       *       \______________________________/
+       *)
+      link_spec (ℓ_enq1 ℓ_deq2 : loc) :
+        ⊢ <<{ ∀∀ (b : bool) ℓ_deq1 ℓ_enq2 cvs1 cvs2, queue_repr ℓ_deq1 ℓ_enq1 cvs1 ∗
+                            if b then queue_repr ℓ_deq2 ℓ_enq2 cvs2 else ⌜ℓ_deq1 = ℓ_deq2 ∧ ℓ_enq1 = ℓ_enq2⌝ }>>
+            hl.(link) #ℓ_enq1 #ℓ_deq2 @ ∅
+          <<{ if b then queue_repr ℓ_deq1 ℓ_enq2 (cvs1 ++ cvs2) else True | RET #() }>>;
+    }.
+#[global] Arguments lmpmc_queue_iris _ {_} _ : assert.

diff --git a/theories/lmpmc_queue_spec.v b/theories/lmpmc_queue_spec.v new file mode 100644 index 0000000..0ea3a4a --- /dev/null +++ b/theories/lmpmc_queue_spec.v
@@ -0,0 +1,49 @@
	1	From iris.program_logic Require Import atomic.
	2	From iris.heap_lang Require Import notation proofmode.
	3
	4	From lmpmc Require Import util.
	5
	6	Record lmpmc_queue_hl :=
	7	LmpmcQueueHl
	8	{ new : val;
	9	enqueue : val;
	10	try_dequeue : val;
	11	link : val;
	12	}.
	13
	14	Record lmpmc_queue_iris {Σ} `{!heapGS Σ} (hl : lmpmc_queue_hl) :=
	15	LmpmcQueueIris
	16	{ queue_repr : loc → loc → list val → iProp Σ;
	17	#[global] queue_repr_timeless ℓ_deq ℓ_enq vs :: Timeless (queue_repr ℓ_deq ℓ_enq vs);
	18
	19	new_spec :
	20	{{{ True }}}
	21	hl.(new) #()
	22	{{{ (ℓ_deq ℓ_enq : loc), RET (#ℓ_deq, #ℓ_enq); queue_repr ℓ_deq ℓ_enq [] }}};
	23
	24	enqueue_spec (ℓ_enq : loc) (data : val) :
	25	⊢ <<{ ∀∀ ℓ_deq cvs, queue_repr ℓ_deq ℓ_enq cvs }>>
	26	hl.(enqueue) #ℓ_enq data @ ∅
	27	<<{ queue_repr ℓ_deq ℓ_enq (cvs ++ [data]) \| RET #() }>>;
	28
	29	try_dequeue_spec (ℓ_deq : loc) :
	30	⊢ <<{ ∀∀ ℓ_enq cvs, queue_repr ℓ_deq ℓ_enq cvs }>>
	31	hl.(try_dequeue) #ℓ_deq @ ∅
	32	<<{ queue_repr ℓ_deq ℓ_enq (tail cvs) \| RET (val_opt_hl (head cvs)) }>>;
	33
	34	(** Linking two queues:
	35	* _______________ _______________
	36	* / Q1 \ / Q2 \
	37	* ℓ_deq1 ... ℓ_enq1 <> ℓ_deq2 ... ℓ_enq2
	38	* \ \ link op args / /
	39	* \ \____________/ /
	40	* \ Q1 <> Q2 /
	41	* \______________________________/
	42	*)
	43	link_spec (ℓ_enq1 ℓ_deq2 : loc) :
	44	⊢ <<{ ∀∀ (b : bool) ℓ_deq1 ℓ_enq2 cvs1 cvs2, queue_repr ℓ_deq1 ℓ_enq1 cvs1 ∗
	45	if b then queue_repr ℓ_deq2 ℓ_enq2 cvs2 else ⌜ℓ_deq1 = ℓ_deq2 ∧ ℓ_enq1 = ℓ_enq2⌝ }>>
	46	hl.(link) #ℓ_enq1 #ℓ_deq2 @ ∅
	47	<<{ if b then queue_repr ℓ_deq1 ℓ_enq2 (cvs1 ++ cvs2) else True \| RET #() }>>;
	48	}.
	49	#[global] Arguments lmpmc_queue_iris _ {_} _ : assert.