Adds contracts for byte_add, byte_sub and byte_offset #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Closed

stogaru wants to merge 17 commits into main from verify/ptr_mut_byte

Owner

stogaru commented Nov 14, 2024

Also adds proofs verifying unit, int and composite types.

Please add a description of your PR.
If this is a solution to an open challenge, please explain your solution.

Don't forget to check our book to ensure your solution satisfy the overall
requirements as well as the challenge success criteria.

Resolves #ISSUE-NUMBER

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.


          Adds contracts for byte_add, byte_sub and byte_offset

0ccf81e

- Also adds proofs verifying unit, int and composite types.

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Show resolved Hide resolved

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

+                  #[cfg_attr(
+                      bootstrap,
+                      rustc_const_stable(feature = "ptr_metadata_const", since = "1.83.0")
+                  )]

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

@@ @@ -277,7 +285,11 @@ impl<T: ?Sized> *mut T { @@
                   pub const unsafe fn as_ref<'a>(self) -> Option<&'a T> {
                       // SAFETY: the caller must guarantee that `self` is valid for a
                       // reference if it isn't null.
-                      if self.is_null() { None } else { unsafe { Some(&*self) } }
+                      if self.is_null() {

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

@@ @@ -352,7 +364,11 @@ impl<T: ?Sized> *mut T { @@
                   {
                       // SAFETY: the caller must guarantee that `self` meets all the
                       // requirements for a reference.
-                      if self.is_null() { None } else { Some(unsafe { &*(self as *const MaybeUninit<T>) }) }
+                      if self.is_null() {

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

@@ @@ -537,7 +569,9 @@ impl<T: ?Sized> *mut T { @@
                   #[stable(feature = "pointer_byte_offsets", since = "1.75.0")]
                   #[rustc_const_stable(feature = "const_pointer_byte_offsets", since = "1.75.0")]
                   pub const fn wrapping_byte_offset(self, count: isize) -> Self {
-                      self.cast::<u8>().wrapping_offset(count).with_metadata_of(self)
+                      self.cast::<u8>()

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

@@ @@ -578,7 +612,9 @@ impl<T: ?Sized> *mut T { @@
                   #[must_use = "returns a new pointer rather than modifying its argument"]
                   #[inline(always)]
                   pub fn mask(self, mask: usize) -> *mut T {
-                      intrinsics::ptr_mask(self.cast::<()>(), mask).cast_mut().with_metadata_of(self)
+                      intrinsics::ptr_mask(self.cast::<()>(), mask)

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

@@ @@ -628,7 +664,11 @@ impl<T: ?Sized> *mut T { @@
                   pub const unsafe fn as_mut<'a>(self) -> Option<&'a mut T> {
                       // SAFETY: the caller must guarantee that `self` is be valid for
                       // a mutable reference if it isn't null.
-                      if self.is_null() { None } else { unsafe { Some(&mut *self) } }
+                      if self.is_null() {

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

xsxszab reviewed

View reviewed changes

library/core/src/ptr/mut_ptr.rs Outdated

@@ @@ -689,7 +729,11 @@ impl<T: ?Sized> *mut T { @@
                   {
                       // SAFETY: the caller must guarantee that `self` meets all the
                       // requirements for a reference.
-                      if self.is_null() { None } else { Some(unsafe { &mut *(self as *mut MaybeUninit<T>) }) }
+                      if self.is_null() {

Collaborator

xsxszab Nov 15, 2024

The rustfmt formatting is unnecessary

stogaru and others added 16 commits

November 14, 2024 19:59


          Removes unnecessary rustfmt formnatting

aec0394


          Adds comment for amgic numbers

60ba93e


          Adds some comments

57c591f


          Adds slice harnesses

a02ed87


          Adds contracts for byte_offset, byte_add and byte_sub

2fdebd6

- Adds harnesses for int, unit, composite and slice types


          Runs rustfmt

cd0a134


          Merge branch 'main' into verify/ptr_mut_byte

4aa89da


          Merge branch 'main' into verify/ptr_mut_byte

fdfad2c


          Some refactoring

40eb29d


          Refactors the function contracts

81fe7c9


          Merge branch 'main' into verify/ptr_const_byte

bee4503


          Merge branch 'main' into verify/ptr_mut_byte

52963f7


          Merge branch 'main' into verify/ptr_const_byte

38066e1


          Merge branch 'verify/ptr_const_byte' into verify/ptr_mut_byte

2d32b07


          Addresses commennts on PR

5e4f616


          Merge branch 'main' into verify/ptr_mut_byte

dea6e0e

Owner Author

stogaru commented Nov 28, 2024

model-checking#169

stogaru closed this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet