Fragment

creusot_std::ghost::resource

Struct Fragment 

Source 
pub struct Fragment<R: UnitRA>(pub Resource<Auth<R>>);
Expand description

Wrapper around a Resource, that contains a fragment.

See Authority.

Tuple Fields§

§0: Resource<Auth<R>>

Implementations§

Source§

impl<R: UnitRA> Fragment<R>

Source

pub fn id(self) -> Id

Id of the underlying Resource.

Source

pub fn id_ghost(&self) -> Id

Get the id for this resource.

This is the same as Self::id, but for ghost code.

terminates

ghost

ensures 

result == self.id()

Source

pub fn new_unit(id: Id) -> Fragment<R>

Create a fragment containing a unit resource

terminates

ghost

ensures 

result@ == R::unit() && result.id() == id

Source

pub fn core(&self) -> Self

Duplicate the duplicable core of a fragment

terminates

ghost

requires 

self@.core() != None

ensures 

result.id() == self.id()

ensures 

Some(result@) == self@.core()

Source

pub fn split(self, a: Snapshot<R>, b: Snapshot<R>) -> (Self, Self)

Split a fragment into two parts, described by a and b.

See also [Self::split_mut] and Self::split_off.

terminates

ghost

requires 

R::incl_eq_op(*a, *b, self@)

ensures 

result.0.id() == self.id() && result.1.id() == self.id()

ensures 

result.0@ == *a

ensures 

result.1@ == *b

Source

pub fn split_off(&mut self, r: Snapshot<R>, s: Snapshot<R>) -> Self

Remove r from self and return it, leaving s in self.

terminates

ghost

requires 

R::incl_eq_op(*r, *s, self@)

ensures 

(^self).id() == self.id() && result.id() == self.id()

ensures 

(^self)@ == *s

ensures 

result@ == *r

Source

pub fn join(self, other: Self) -> Self

Join two owned framents together.

See also Self::join_in and [Self::join_shared].

terminates

ghost

requires 

self.id() == other.id()

ensures 

result.id() == self.id()

ensures 

Some(result@) == self@.op(other@)

Source

pub fn join_in(&mut self, other: Self)

Same as Self::join, but put the result into self.

terminates

ghost

requires 

self.id() == other.id()

ensures 

(^self).id() == self.id()

ensures 

Some((^self)@) == self@.op(other@)

Source

pub fn weaken(&mut self, target: Snapshot<R>)

Transforms self into target, given that target is included in self.

terminates

ghost

requires 

target.incl(self@)

ensures 

(^self).id() == self.id()

ensures 

(^self)@ == *target

Source

pub fn valid_op_lemma(&mut self, other: &Self)

Validate the composition of self and other.

terminates

ghost

requires 

self.id() == other.id()

ensures 

^self == *self

ensures 

self@.op(other@) != None

Trait Implementations§

Source§

impl<R: UnitRA> From<Resource<View<AuthViewRel<R>>>> for Fragment<R>

Source§

fn from(value: Resource<Auth<R>>) -> Self

terminates

ghost

ensures 

result@ == value@.frag()

Source§

impl<R: UnitRA> View for Fragment<R>

Source§

fn view(self) -> R

Get the fragment value.

(open) 

pearlite! { self.0@.frag() }

Source§

type ViewTy = R

Auto Trait Implementations§

§

impl<R> Freeze for Fragment<R>

§

impl<R> RefUnwindSafe for Fragment<R>
where R: RefUnwindSafe,

§

impl<R> Send for Fragment<R>
where R: Send,

§

impl<R> Sync for Fragment<R>
where R: Sync,

§

impl<R> Unpin for Fragment<R>
where R: Unpin,

§

impl<R> UnwindSafe for Fragment<R>
where R: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.