Skip to main content

DualCommitStore

ic_memory::physical

Struct DualCommitStore 

Source 
pub struct DualCommitStore { /* private fields */ }
Expand description

DualCommitStore

Dual-slot protected commit protocol for encoded ledger generations.

This is an advanced low-level API for framework or stable-IO owners. Most applications should recover, validate, and commit through the allocation ledger flow rather than manipulating encoded physical commit slots directly.

Writers stage a complete generation record into the inactive slot. Readers recover by selecting the highest-generation valid slot. A torn or partial write cannot become authoritative unless its marker and checksum validate.

The checksum is for torn-write and accidental-corruption detection only. It is not a cryptographic hash and does not provide adversarial tamper resistance.

Implementations§

Source§

impl DualCommitStore

Source

pub const fn is_uninitialized(&self) -> bool

Return true when no commit slot has ever been written.

Source

pub const fn slot0(&self) -> Option<&CommittedGenerationBytes>

Borrow the first physical commit slot.

Slot records are untrusted recovered state until recovery selects an authoritative generation.

Source

pub const fn slot1(&self) -> Option<&CommittedGenerationBytes>

Borrow the second physical commit slot.

Slot records are untrusted recovered state until recovery selects an authoritative generation.

Source

pub fn authoritative( &self, ) -> Result<&CommittedGenerationBytes, CommitRecoveryError>

Return the highest-generation valid committed record.

Source

pub fn diagnostic(&self) -> CommitStoreDiagnostic

Build a read-only recovery diagnostic for the protected commit slots.

Source

pub fn commit_payload( &mut self, payload: Vec<u8>, ) -> Result<&CommittedGenerationBytes, CommitRecoveryError>

Commit a new payload to the inactive slot.

The returned store models the post-write physical state. If a real substrate traps before the inactive slot is fully written, the prior valid slot remains authoritative under authoritative.

Source

pub fn commit_payload_at_generation( &mut self, generation: u64, payload: Vec<u8>, ) -> Result<&CommittedGenerationBytes, CommitRecoveryError>

Commit payload as an explicitly numbered physical generation.

This is the low-level physical-slot primitive used by crate::LedgerCommitStore. Normal ledger commits should use crate::LedgerCommitStore::commit or crate::AllocationBootstrap so payloads are decoded, compatibility-checked, and integrity-validated before they can become authoritative.

The physical slot generation is checked against the recovered physical predecessor. This method does not inspect payload.

Trait Implementations§

Source§

impl Clone for DualCommitStore

Source§

fn clone(&self) -> DualCommitStore

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for DualCommitStore

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for DualCommitStore

Source§

fn default() -> DualCommitStore

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for DualCommitStore

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl DualProtectedCommitStore for DualCommitStore

Source§

type Slot = CommittedGenerationBytes

Protected slot record type.
Source§

fn slot0(&self) -> Option<&Self::Slot>

Borrow the first physical slot.
Source§

fn slot1(&self) -> Option<&Self::Slot>

Borrow the second physical slot.
Source§

fn is_uninitialized(&self) -> bool

Return true when no commit slot has ever been written.
Source§

fn authoritative_slot( &self, ) -> Result<AuthoritativeSlot<'_, Self::Slot>, CommitRecoveryError>

Return the highest-generation valid physical slot.
Source§

fn inactive_slot_index(&self) -> CommitSlotIndex

Return the slot that should receive the next staged generation write. Read more
Source§

impl PartialEq for DualCommitStore

Source§

fn eq(&self, other: &DualCommitStore) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 (const: unstable) · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for DualCommitStore

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Eq for DualCommitStore

Source§

impl StructuralPartialEq for DualCommitStore

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,