Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
I
iris-time-proofs
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Repository Analytics
Value Stream Analytics
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
MEVEL Glen
iris-time-proofs
Commits
3c5b1c17
Commit
3c5b1c17
authored
Jul 11, 2018
by
MEVEL Glen
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
pointers from the paper to the Coq proofs
parent
3db8a635
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
45 additions
and
0 deletions
+45
-0
README.md
README.md
+45
-0
No files found.
README.md
View file @
3c5b1c17
...
...
@@ -83,3 +83,48 @@ Important modules are highlighted.
*
`Examples`
: a very simple example illustrating the use of time credits to
specify a program with lists
*
__
`Thunks`
: implementation of timed thunks using time credits__
### From the paper to the Coq code
#### Generic translation and “tick”
The basic properties of the translation are proven in
`Translation.v`
(for
example,
`translation_subst`
and
`translation_of_val`
).
In
`Simulation.v`
:
*
The operational semantics of “tick” in the nonzero case is given by lemma
`exec_tick_success`
.
*
The “Forward Simulation” lemma is
`simulation_exec_success`
.
*
The “Forward Simulation of Unsafe Behaviors” lemma corresponds roughly to
`safe_translation__safe_here`
.
*
The “Safety Transfer” lemma is
`adequate_translation__adequate`
(in the Coq
development, by contrast with the paper, not only do we prove safety of
programs, but also their _adequacy_ with respect to some formula φ; this is
not a difficult property to transfer anyway).
#### Time credits
In
`TimeCredits.v`
:
*
The “Credit Exhaustion” lemma is
`simulation_exec_failure_now`
.
*
The “Soundness of the Time Credit Translation” lemma is
`simulation_exec_failure`
.
*
The “Time Credit Initialization” lemma does not have an exact counterpart in
the Coq development, but corresponds roughly to a portion of the proof of
`spec_tctranslation__adequate`
. The fact that our implementation matches the
interface is stated by
`TC_implementation`
.
*
The “Soundness of Iris^$ ” lemma is
`abstract_spec_tctranslation__adequate_and_bounded`
.
#### Time receipts
In
`TimeReceipts.v`
:
*
The “Time Receipt Initialization” lemma does not have an exact counterpart
in the Coq development, but corresponds roughly to a portion of the proof of
`spec_trtranslation__adequate_translation`
. The fact that our implementation
matches the interface is stated by
`TR_implementation`
.
*
The “Credit Exhaustion” lemma is
`simulation_exec_failure_now`
.
*
The “Soundness of Iris^⧗ ” lemma is
`abstract_spec_trtranslation__adequate`
.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment