Skip to content
Snippets Groups Projects
Commit 7de018e3 authored by Ralf Jung's avatar Ralf Jung
Browse files

logically atomic increment on physical heap

parent da045e6b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
theories/heap_lang/lib/increment.v
+ 33
1
View file @ 7de018e3
...@@ -8,12 +8,41 @@ Set Default Proof Using "Type". ...@@ -8,12 +8,41 @@ Set Default Proof Using "Type".
(** Show that implementing fetch-and-add on top of CAS preserves logical (** Show that implementing fetch-and-add on top of CAS preserves logical
atomicity. *) atomicity. *)
(** First: logically atomic increment directly on top of the physical heap. *)
Section increment_physical.
Context `{!heapG Σ}.
Definition incr_phy : val :=
rec: "incr" "l" :=
let: "oldv" := !"l" in
if: CAS "l" "oldv" ("oldv" + #1)
then "oldv" (* return old value if success *)
else "incr" "l".
Lemma incr_phy_spec (l: loc) :
<<< (v : Z), l #v >>> incr_phy #l @ <<< l #(v + 1), RET #v >>>.
Proof.
iApply wp_atomic_intro. iIntros (Φ) "AU". iLöb as "IH". wp_lam.
wp_bind (!_)%E. iMod "AU" as (v) "[Hl [Hclose _]]".
wp_load. iMod ("Hclose" with "Hl") as "AU". iModIntro.
wp_pures. wp_bind (CAS _ _ _)%E. iMod "AU" as (w) "[Hl Hclose]".
destruct (decide (#v = #w)) as [[= ->]|Hx].
- wp_cas_suc. iDestruct "Hclose" as "[_ Hclose]". iMod ("Hclose" with "Hl") as "HΦ".
iModIntro. wp_if. done.
- wp_cas_fail. iDestruct "Hclose" as "[Hclose _]". iMod ("Hclose" with "Hl") as "AU".
iModIntro. wp_if. iApply "IH". done.
Qed.
End increment_physical.
(** Next: logically atomic increment on top of an arbitrary logically atomic heap *)
Section increment. Section increment.
Context `{!heapG Σ} {aheap: atomic_heap Σ}. Context `{!heapG Σ} {aheap: atomic_heap Σ}.
Import atomic_heap.notation. Import atomic_heap.notation.
Definition incr: val := Definition incr : val :=
rec: "incr" "l" := rec: "incr" "l" :=
let: "oldv" := !"l" in let: "oldv" := !"l" in
if: CAS "l" "oldv" ("oldv" + #1) if: CAS "l" "oldv" ("oldv" + #1)
...@@ -42,12 +71,15 @@ Section increment. ...@@ -42,12 +71,15 @@ Section increment.
wp_if. iApply "IH". done. wp_if. iApply "IH". done.
Qed. Qed.
(** A "weak increment": assumes that there is no race *)
Definition weak_incr: val := Definition weak_incr: val :=
rec: "weak_incr" "l" := rec: "weak_incr" "l" :=
let: "oldv" := !"l" in let: "oldv" := !"l" in
"l" <- ("oldv" + #1);; "l" <- ("oldv" + #1);;
"oldv" (* return old value *). "oldv" (* return old value *).
(** Logically atomic spec for weak increment. Also an example for what TaDA
calls "private precondition". *)
(* TODO: Generalize to q and 1-q, based on some theory for a "maybe-mapsto" (* TODO: Generalize to q and 1-q, based on some theory for a "maybe-mapsto"
connective that works on [option Qp] (the type of 1-q). *) connective that works on [option Qp] (the type of 1-q). *)
Lemma weak_incr_spec (l: loc) (v : Z) : Lemma weak_incr_spec (l: loc) (v : Z) :
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment