Skip to main content

from_unique_embedded

Function from_unique_embedded 

Source
pub proof fn from_unique_embedded(tracked regions: &mut MetaRegionOwners, paddr: Paddr)
Expand description
requires
old(regions).inv(),
old(regions).slots.contains_key(frame_to_index(paddr)),
old(regions).slot_owners[frame_to_index(paddr)].inner_perms.ref_count.value()
    == REF_COUNT_UNIQUE,
ensures
final(regions).inv(),
final(regions).slots =~= old(regions).slots,
{
    let idx = frame_to_index(paddr);
    let so_old = old(regions).slot_owners[idx];
    let so_new = final(regions).slot_owners[idx];
    &&& so_new.inner_perms.ref_count.value() == 1
    &&& so_new.usage == so_old.usage
    &&& so_new.paths_in_pt == so_old.paths_in_pt
    &&& so_new.inner_perms.in_list == so_old.inner_perms.in_list
    &&& so_new.inner_perms.storage == so_old.inner_perms.storage
    &&& so_new.slot_vaddr == so_old.slot_vaddr

},
forall |i: usize| {
    i != frame_to_index(paddr)
        ==> final(regions).slot_owners[i] == old(regions).slot_owners[i]
},
forall |c: CursorOwner<'_, UserPtConfig>| {
    c.metaregion_sound(*old(regions)) ==> c.metaregion_sound(*final(regions))
},

Mirror of crate::mm::frame::Frame::from_unique. Converts the exclusive handle at paddr into a shared one: rc drops from the REF_COUNT_UNIQUE sentinel to 1, with usage (Frame), paths_in_pt (empty), in_list (0), storage, vtable_ptr, and slot_vaddr preserved (only the count store runs). metaregion_sound is preserved: a UNIQUE slot has no live PTE (a mapping is a reference), so no cursor’s OwnerSubtree maps it, and dropping the count to 1 keeps it referenced.