Migrate to the vstd::std_spec version of ManuallyDrop spec

aster_common/src/mm/frame/frame_ref.rs

@@ -4,8 +4,6 @@ use std::ops::Deref;
 
 use core::mem::ManuallyDrop;
 
-use vstd_extra::external::manually_drop::*;
-
 use super::*;
 
 verus! {
@@ -20,7 +18,7 @@ pub struct FrameRef<'a, M: AnyFrameMeta> {
 impl<M: AnyFrameMeta> Deref for FrameRef<'_, M> {
     type Target = Frame<M>;
 
-    #[verus_spec(ensures returns manually_drop_deref_spec(&self.inner))]
+    #[verus_spec(returns &self.inner@)]
     fn deref(&self) -> &Self::Target {
         &self.inner
     }

aster_common/src/mm/page_table/node/entry_owners.rs

@@ -17,8 +17,8 @@ pub tracked struct NodeEntryOwner<'rcu, C: PageTableConfig> {
 impl<'rcu, C: PageTableConfig> Inv for NodeEntryOwner<'rcu, C> {
     open spec fn inv(self) -> bool {
         &&& self.guard_perm.is_init()
-        &&& self.guard_perm.value().inner.inner.ptr.addr() == self.as_node.meta_perm.addr()
-        &&& self.guard_perm.value().inner.inner.wf(self.as_node)
+        &&& self.guard_perm.value().inner.inner@.ptr.addr() == self.as_node.meta_perm.addr()
+        &&& self.guard_perm.value().inner.inner@.wf(self.as_node)
         &&& self.as_node.inv()
         &&& meta_to_frame(self.as_node.meta_perm.addr()) < VMALLOC_BASE_VADDR()
             - LINEAR_MAPPING_BASE_VADDR()
@@ -76,7 +76,7 @@ impl<'rcu, C: PageTableConfig> EntryOwner<'rcu, C> {
     pub open spec fn relate_parent_guard_perm(self, guard_perm: PointsTo<PageTableGuard<'rcu, C>>) -> bool {
         &&& guard_perm.addr() == self.guard_addr
         &&& guard_perm.is_init()
-        &&& guard_perm.value().inner.inner.ptr.addr() == self.base_addr
+        &&& guard_perm.value().inner.inner@.ptr.addr() == self.base_addr
     }
 }
 

ostd/src/mm/frame/frame_ref.rs

@@ -3,7 +3,6 @@ use core::{marker::PhantomData, mem::ManuallyDrop, ops::Deref, ptr::NonNull};
 
 use vstd::prelude::*;
 
-use vstd_extra::external::manually_drop::*;
 use vstd_extra::ownership::*;
 
 use aster_common::prelude::frame::*;

ostd/src/mm/page_table/cursor/mod.rs

@@ -366,9 +366,9 @@ impl<'rcu, C: PageTableConfig, A: InAtomicMode> Cursor<'rcu, C, A> {
                     #[verus_spec(with Tracked(&mut child_node_owner.guard_perm))]
                     let pt_guard = pt.make_guard_unchecked(rcu_guard);
 
-                    assert(parent_node_owner.guard_perm.value().inner.inner.wf(parent_node_owner.as_node));
+                    assert(parent_node_owner.guard_perm.value().inner.inner@.wf(parent_node_owner.as_node));
 //                    assert(parent_node_owner.guard_perm.value().inner.inner.ptr.addr() == parent_node_owner.as_node.meta_perm.addr()) by { admit() };
-                    assert(child_node_owner.guard_perm.value().inner.inner.ptr.addr() == child_node_owner.as_node.meta_perm.points_to.addr()) by { admit() };
+                    assert(child_node_owner.guard_perm.value().inner.inner@.ptr.addr() == child_node_owner.as_node.meta_perm.points_to.addr()) by { admit() };
                     assert(parent_node_owner.as_node.inv()) by { admit() };
 
                     #[verus_spec(with Tracked(&mut child_node_owner.as_node))]

ostd/src/mm/page_table/node/entry.rs

@@ -48,8 +48,8 @@ impl<'a, 'rcu, C: PageTableConfig> Entry<'rcu, C> {
             self.node == guard_perm.pptr(),
             guard_perm.is_init(),
             owner.is_node(), // The owner is the owner of the parent node, so should always be a node
-            inner_perm.addr() == guard_perm.value().inner.inner.ptr.addr(),
-            inner_perm.points_to.addr() == guard_perm.value().inner.inner.ptr.addr(),
+            inner_perm.addr() == guard_perm.value().inner.inner@.ptr.addr(),
+            inner_perm.points_to.addr() == guard_perm.value().inner.inner@.ptr.addr(),
             inner_perm.is_init(),
             inner_perm.wf(),
     {
@@ -172,8 +172,8 @@ impl<'a, 'rcu, C: PageTableConfig> Entry<'rcu, C> {
             new_child is PageTable,
             FRAME_METADATA_RANGE().start <= frame_to_index(new_child.get_node().unwrap().ptr.addr())
                 < FRAME_METADATA_RANGE().end,
-            inner_perm.addr() == old(guard_perm).value().inner.inner.ptr.addr(),
-            inner_perm.points_to.addr() == old(guard_perm).value().inner.inner.ptr.addr(),
+            inner_perm.addr() == old(guard_perm).value().inner.inner@.ptr.addr(),
+            inner_perm.points_to.addr() == old(guard_perm).value().inner.inner@.ptr.addr(),
             inner_perm.is_init(),
             inner_perm.wf(),
     {

ostd/src/mm/page_table/node/mod.rs

@@ -221,8 +221,8 @@ impl<'rcu, C: PageTableConfig> PageTableGuard<'rcu, C> {
     )]
     pub fn nr_children(&self) -> (nr: u16)
         requires
-            self.inner.inner.ptr.addr() == old(owner).meta_perm.addr(),
-            self.inner.inner.ptr.addr() == old(owner).meta_perm.points_to.addr(),
+            self.inner.inner@.ptr.addr() == old(owner).meta_perm.addr(),
+            self.inner.inner@.ptr.addr() == old(owner).meta_perm.points_to.addr(),
             old(owner).inv(),
         ensures
             owner == old(owner)
@@ -242,8 +242,8 @@ impl<'rcu, C: PageTableConfig> PageTableGuard<'rcu, C> {
     pub fn stray_mut(&mut self) -> PCell<bool>
         requires
             owner.is_node(),
-            old(self).inner.inner.ptr.addr() == owner.node.unwrap().as_node.meta_perm.addr(),
-            old(self).inner.inner.ptr.addr() == owner.node.unwrap().as_node.meta_perm.points_to.addr(),
+            old(self).inner.inner@.ptr.addr() == owner.node.unwrap().as_node.meta_perm.addr(),
+            old(self).inner.inner@.ptr.addr() == owner.node.unwrap().as_node.meta_perm.points_to.addr(),
             owner.inv(),
     {
         let tracked node_owner = owner.node.tracked_borrow();
@@ -270,8 +270,8 @@ impl<'rcu, C: PageTableConfig> PageTableGuard<'rcu, C> {
     )]
     pub fn read_pte(&self, idx: usize) -> C::E
         requires
-            self.inner.inner.ptr.addr() == owner.meta_perm.addr,
-            self.inner.inner.ptr.addr() == owner.meta_perm.points_to.addr(),
+            self.inner.inner@.ptr.addr() == owner.meta_perm.addr(),
+            self.inner.inner@.ptr.addr() == owner.meta_perm.points_to.addr(),
             owner.inv(),
             meta_to_frame(owner.meta_perm.addr) < VMALLOC_BASE_VADDR() - LINEAR_MAPPING_BASE_VADDR(),
             FRAME_METADATA_RANGE().start <= owner.meta_perm.addr < FRAME_METADATA_RANGE().end,
@@ -337,8 +337,8 @@ impl<'rcu, C: PageTableConfig> PageTableGuard<'rcu, C> {
     )]
     fn nr_children_mut<'a>(&'a mut self) -> &'a PCell<u16>
         requires
-            old(self).inner.inner.ptr.addr() == meta_perm.addr(),
-            old(self).inner.inner.ptr.addr() == meta_perm.points_to.addr(),
+            old(self).inner.inner@.ptr.addr() == meta_perm.addr(),
+            old(self).inner.inner@.ptr.addr() == meta_perm.points_to.addr(),
             meta_perm.is_init(),
             meta_perm.wf(),
     {

ostd/src/sync/rcu/non_null/mod.rs

@@ -274,7 +274,7 @@ impl<'a, T> ArcRef<'a, T> {
     }
 
     pub closed spec fn deref_as_arc_spec(&self) -> &Arc<T> {
-        manually_drop_deref_spec(&self.inner)
+        &self.inner@
     }
 
     /// A workaround that Verus does not support implementing spec for Deref trait yet.

vstd_extra/src/external/deref.rs

@@ -1,4 +1,3 @@
-use super::manually_drop::manually_drop_deref_spec;
 use core::hint::spin_loop;
 use core::mem::ManuallyDrop;
 use core::ops::Deref;
@@ -47,11 +46,6 @@ pub broadcast axiom fn arc_deref_spec<T>(a: std::sync::Arc<T>)
         #[trigger] *(a.deref_spec()) == *a,
 ;
 
-pub broadcast axiom fn manually_drop_deref_spec_eq<T: ?Sized>(v: &ManuallyDrop<T>)
-    ensures
-        #[trigger] &**v == manually_drop_deref_spec(v),
-;
-
 pub broadcast group group_deref_spec {
     ref_deref_spec,
     box_deref_spec,

vstd_extra/src/external/mod.rs

@@ -1,13 +1,11 @@
 // Specifications for external functions and traits
 pub mod deref;
 pub mod ilog2;
-pub mod manually_drop;
 pub mod nonnull;
 pub mod smart_ptr;
 
 pub use deref::*;
 pub use ilog2::*;
-pub use manually_drop::*;
 pub use nonnull::*;
 pub use smart_ptr::*;