Skip to content

resource: add ResourceAlgebra trait#2141

Open
bsdinis wants to merge 1 commit intobsdinis/wnrfrom
bsdinis/kmu
Open

resource: add ResourceAlgebra trait#2141
bsdinis wants to merge 1 commit intobsdinis/wnrfrom
bsdinis/kmu

Conversation

@bsdinis
Copy link
Collaborator

@bsdinis bsdinis commented Feb 6, 2026

This is done by partitioning the previous PCM trait (while keeping that axiomatization of the pcm::Resource API intact and unchanged).

Then the algebra::Resouce API is verified against the pcm::Resource API, using an Option combinator (which lifts any RA into a PCM).

The interfaces are morally equivalent, with some minor details.
One of the more annoying details is that the axiomatized interface can "create" tracked shared refs to a resource, whereas we are forced to add a algebra::ResourceRef to hold the shared ref.

By submitting this pull request, I confirm that my contribution is made under the terms of the MIT license.

@bsdinis bsdinis requested a review from tjhance February 6, 2026 00:36
@bsdinis bsdinis mentioned this pull request Feb 6, 2026
Closed
@bsdinis bsdinis force-pushed the bsdinis/kmu branch 2 times, most recently from 663be15 to f781891 Compare February 6, 2026 00:47
@bsdinis
Copy link
Collaborator Author

bsdinis commented Feb 6, 2026

Importantly, the only changes to PCM relate to excising out the ResourceAlgebra part. Functionally, the PCM interface remains the same because now PCM extends ResourceAlgebra

@bsdinis bsdinis force-pushed the bsdinis/kmu branch 2 times, most recently from d8fa647 to 655f5af Compare February 6, 2026 05:20
@bsdinis
resource: add ResourceAlgebra trait
72808ca 
This is done by partitioning the previous PCM trait (while keeping that
axiomatization of the pcm::Resource API intact and unchanged).

Then the algebra::Resouce API is verified agains the pcm::Resource API,
using an Option combinator (which lifts any RA into a PCM).
tjhance
tjhance approved these changes Feb 6, 2026
View reviewed changes
Copy link
Collaborator

@tjhance tjhance left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good!

I assume you added ResourceRef because there otherwise wasn't a way to go from &'a pcm::Resource<Option<RA>> to &'a Resource<RA>? If you want, you can axiomatize a &'a pcm::Resource<Option<RA>> --> &'a Resource<RA> law, it's kind of a missing piece in our theory of shared ghost state, I just don't think it's come up before.

@bsdinis
Copy link
Collaborator Author

bsdinis commented Feb 6, 2026

I assume you added ResourceRef because there otherwise wasn't a way to go from &'a pcm::Resource<Option> to 'a Resource? If you want, you can axiomatize a &'a pcm::Resource<Option> --> &'a Resource law, it's kind of missing piece in our theory of shared ghost state, I just don't think it's come up before.

Yes exactly, it's quite annoying because even converting is not trivial (i.e., it is not really doable via impl AsRef<Resource> since we'd need both a tracked alternative and a way to get the write postconditions in)

@bsdinis
Copy link
Collaborator Author

bsdinis commented Feb 6, 2026

I'll take a look into adding the axiom

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tjhance tjhance tjhance approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bsdinis @tjhance