VMs follow a strict state machine: IDLE (can be CALLed) -> RUNNING (executing) -> WAITING_FOR_REPLY (blocked at CALL) or HALTED (terminal) or FAULTED (can be RESUMEd). Only IDLE VMs can be CALLed — this prevents reentrancy by construction. Call graphs are acyclic at all times.
CALL suspends the caller (RUNNING -> WAITING_FOR_REPLY), transfers gas to the callee, and starts the callee (IDLE -> RUNNING). REPLY pops the call frame, returns unused gas, and resumes the caller (WAITING_FOR_REPLY -> RUNNING).
RESUME restarts a FAULTED VM (FAULTED -> RUNNING), transferring fresh gas. Registers and PC are preserved — the faulting instruction is retried. This enables demand paging: the parent maps the missing page via indirection, then RESUMEs the child.
Jar.JAVM.Cap.VmState : TypeJar.JAVM.Cap.VmState : Type
VM lifecycle states.
FAULTED is non-terminal: RESUME can restart a faulted VM, preserving registers and PC (retries the faulting instruction).
idle : Jar.JAVM.Cap.VmState
running : Jar.JAVM.Cap.VmState
waitingForReply : Jar.JAVM.Cap.VmState
halted : Jar.JAVM.Cap.VmState
faulted : Jar.JAVM.Cap.VmState
Jar.JAVM.Cap.VmInstance : TypeJar.JAVM.Cap.VmInstance : Type
A single VM instance.
Jar.JAVM.Cap.VmInstance.mk
state : Jar.JAVM.Cap.VmState
codeCapId : Nat
registers : Jar.JAVM.Registers
pc : Nat
capTable : Jar.JAVM.Cap.CapTable
caller : Option Nat
entryIndex : Nat
gas : Nat
Jar.JAVM.Cap.CallFrame : TypeJar.JAVM.Cap.CallFrame : Type
Call frame saved on the kernel's call stack.
Jar.JAVM.Cap.CallFrame.mk
callerVmId : Nat
ipcCapIdx : Option Nat
ipcWasMapped : Option (Nat × Jar.JAVM.Cap.Access)