Skip to main content

MetaState

lion_core::state

Struct MetaState 

Source 
pub struct MetaState { /* private fields */ }
Expand description

Ghost state for verification (not runtime)

Corresponds to Lean: structure MetaState

This tracks resource lifecycle for proofs about temporal safety. At runtime, only the freed_set is used for double-free prevention.

Implementations§

Source§

impl MetaState

Source

pub fn empty() -> Self

Create empty meta state

Corresponds to Lean: def MetaState.empty : MetaState

Source

pub fn is_live(&self, addr: MemAddr) -> bool

Check if resource is live (allocated and not freed)

Corresponds to Lean: def MetaState.is_live (ms : MetaState) (addr : MemAddr) : Prop

Source

pub fn alloc(&self, addr: MemAddr, owner: PluginId) -> Self

Mark resource as allocated

Corresponds to Lean: def MetaState.alloc

Returns the new MetaState with the resource marked as allocated.

Source

pub fn free(&self, addr: MemAddr) -> Self

Mark resource as freed

Corresponds to Lean: def MetaState.free

Data Refinement Note (from Lean): The resources field is NOT updated. Only freed_set is used for double-free prevention.

Source

pub fn alloc_mut(&mut self, addr: MemAddr, owner: PluginId)

Mark resource as allocated (mutating version)

Source

pub fn free_mut(&mut self, addr: MemAddr) -> Result<(), MemoryError>

Mark resource as freed (mutating version)

Requires the resource to be currently allocated. Updates the resource status to Freed and adds the address to the freed set.

§Errors

Returns MemoryError::DoubleFree if the address has already been freed. Returns MemoryError::NotAllocated if the address was never allocated.

Source

pub fn allocated_count(&self) -> usize

Get the number of allocated resources

Source

pub fn freed_count(&self) -> usize

Get the number of freed resources

Source

pub fn resource_count(&self) -> usize

Get the number of resources in the map

Source

pub fn is_freed(&self, addr: MemAddr) -> bool

Check if an address has been freed

Source

pub fn get_status(&self, addr: MemAddr) -> Option<&ResourceStatus>

Get the status of a resource

Trait Implementations§

Source§

impl Clone for MetaState

Source§

fn clone(&self) -> MetaState

Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for MetaState

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for MetaState

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl PartialEq for MetaState

Source§

fn eq(&self, other: &MetaState) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 (const: unstable) · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Eq for MetaState

Source§

impl StructuralPartialEq for MetaState

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.