@rajath-mk

Resolves #3947

Explicitly document behavior of checked_size_of_raw and is_inbounds with respect to isize::MAX to clarify safety guarantees.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.

@rajath-mk rajath-mk requested a review from a team as a code owner March 24, 2025 22:56
@github-actions github-actions bot added the Z-EndToEndBenchCI Tag a PR to run benchmark CI label Mar 24, 2025

@carolynzech carolynzech left a comment


Thanks!

@carolynzech

For posterity: We can determine that our intrinsic implementation for checked_size_of (here) returns None if the size overflows isize::MAX by examining the models for the size of trait objects:

```rust
if sum_overflow || adjust_overflow || adjusted_size > isize::MAX as _ {
    None
```

and slices:

```rust
    || adjusted_size > isize::MAX as _
{
    None
```

and observing that they both return None in this case.
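As an added illustration (not Kani's code), here is a stand-alone model of the checked-size contract the comment above reads out of the two intrinsics: the slice case (element count times element size, padded to the element alignment) and a bare `dyn Trait` case (size and alignment taken from the vtable), each returning `None` on multiplication or padding overflow or when the padded size exceeds `isize::MAX`. The function names, the `align_up` helper and the null-pointer rule at the end are assumptions made for this example.

```rust
// Added example modelling the documented contract; not the Kani implementation.

/// Round `size` up to a multiple of `align` (a power of two).
/// Returns None if `align` is not a power of two or the addition overflows.
fn align_up(size: usize, align: usize) -> Option<usize> {
    if !align.is_power_of_two() {
        return None;
    }
    size.checked_add(align - 1).map(|s| s & !(align - 1))
}

/// Slice model: `len` elements of `elem_size` bytes, padded to `elem_align`.
pub fn checked_slice_size(len: usize, elem_size: usize, elem_align: usize) -> Option<usize> {
    let sum = len.checked_mul(elem_size)?; // "sum_overflow" in the comment above
    let adjusted = align_up(sum, elem_align)?; // "adjust_overflow"
    if adjusted > isize::MAX as usize {
        None // the isize::MAX bound the PR documents
    } else {
        Some(adjusted)
    }
}

/// Trait-object model for a bare `dyn Trait`: the vtable supplies the
/// concrete type's size and alignment.
pub fn checked_dyn_size(vtable_size: usize, vtable_align: usize) -> Option<usize> {
    let adjusted = align_up(vtable_size, vtable_align)?;
    (adjusted <= isize::MAX as usize).then_some(adjusted)
}

/// Null-pointer rule from the doc comment under review: a null pointer is
/// only acceptable when the access is zero-sized.
pub fn null_rule_allows(ptr: *const u8, size: usize) -> bool {
    size == 0 || !ptr.is_null()
}

fn main() {
    println!("{:?}", checked_slice_size(3, 8, 8)); // Some(24)
    println!("{:?}", checked_slice_size(usize::MAX, 2, 1)); // None: multiplication overflows
    println!("{:?}", checked_slice_size(isize::MAX as usize + 1, 1, 1)); // None: > isize::MAX
    println!("{}", null_rule_allows(std::ptr::null(), 0)); // true: zero-sized access
}
```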

@rajath-mk rajath-mk self-assigned this Mar 25, 2025
@rajath-mk rajath-mk added this pull request to the merge queue Mar 25, 2025
Merged via the queue into model-checking:main with commit c0b3286 Mar 25, 2025
25 checks passed
/// - The computed size overflows.
/// - The computed size exceeds `isize::MAX`.
/// - The pointer is null (except for zero-sized types).
/// - The pointer references unallocated memory.


This should probably also clarify that it doesn't apply for zero-sized types. Per the std::ptr docs:

For memory accesses of size zero, every pointer is valid, including the null pointer.



I created #3974 to address this

github-merge-queue bot pushed a commit that referenced this pull request Apr 2, 2025
See
#3956 (comment)

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 and MIT licenses.
github-merge-queue bot pushed a commit that referenced this pull request Apr 4, 2025
Bump Kani version to 0.61.0.

Github-generated release notes:

## What's Changed
* Fix CHANGELOG of 0.60.0 by @qinheping in
#3925
* Bump tests/perf/s2n-quic from `d88faa4` to `8670e83` by @dependabot in
#3928
* Update toolchain to 2025-03-04 by @qinheping in
#3927
* Install the right toolchain for HEAD and BASE checks in
`verify-std-check.yml` by @remi-delmas-3000 in
#3920
* Automatic cargo update to 2025-03-10 by @github-actions in
#3926
* Automatic toolchain upgrade to nightly-2025-03-05 by @github-actions
in #3929
* Upgrade toolchain to nightly-2025-03-07 by @tautschnig in
#3931
* Upgrade toolchain to nightly-2025-03-12 by @tautschnig in
#3933
* Automatic toolchain upgrade to nightly-2025-03-13 by @github-actions
in #3934
* Update CBMC dependency to 6.5.0 by @tautschnig in
#3936
* Automatic toolchain upgrade to nightly-2025-03-14 by @github-actions
in #3937
* Automatic toolchain upgrade to nightly-2025-03-15 by @github-actions
in #3938
* Automatic toolchain upgrade to nightly-2025-03-16 by @github-actions
in #3939
* Automatic toolchain upgrade to nightly-2025-03-17 by @github-actions
in #3940
* Automatic cargo update to 2025-03-17 by @github-actions in
#3941
* Autoharness: Don't panic on `_` argument and add `_autoharness` suffix
to GOTO files by @carolynzech in
#3942
* Implement `f16` and `f128` cases in `codegen_float_type` by
@carolynzech in #3943
* Support function implementations of known built-ins by @tautschnig in
#3945
* Autoharness: metadata improvements and enable standard library
application by @carolynzech in
#3948
* Autoharness: `--list` option by @carolynzech in
#3952
* Add support for anonymous nested statics by @carolynzech in
#3953
* Automatic cargo update to 2025-03-24 by @github-actions in
#3954
* Bump tests/perf/s2n-quic from `8670e83` to `324cf31` by @dependabot in
#3955
* Document behavior of checked_size_of_raw and is_inbounds by @rajath-mk
in #3956
* Upgrade toolchain to 2025-03-18 by @zhassan-aws in
#3959
* Remove unstable-features from code formatting script by @zhassan-aws
in #3962
* Remove CI job to update features/verify-rust-std by @tautschnig in
#3963
* Make is_inbounds public by @rajath-mk in
#3958
* Enable Kani to work with a stable toolchain by @zhassan-aws in
#3964
* Automatic cargo update to 2025-03-31 by @github-actions in
#3966
* Add support for struct field accessing in loop contracts by
@thanhnguyen-aws in #3970
* Bump tests/perf/s2n-quic from `324cf31` to `d0aff82` by @dependabot in
#3968
* Clarify `is_inbounds` docs by @carolynzech in
#3974
* Upgrade toolchain to 2025-04-01 by @carolynzech in
#3973
* Remove remaining `--enable-unstable` mentions by @carolynzech in
#3978
* Clean up unused dependencies by @zhassan-aws in
#3981
* Automatic toolchain upgrade to nightly-2025-04-02 by @github-actions
in #3983
* Update dependencies per `cargo-outdated` by @carolynzech in
#3982
* Fix `autoharness` termination test & print metadata in alphabetical
order by @carolynzech in
#3971
* Fix cargo invocations to only use `pkg_args` where appropriate by
@carolynzech in #3984


**Full Changelog**:
kani-0.60.0...kani-0.61.0

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 and MIT licenses.
Successfully merging this pull request may close these issues.

Document behavior of checked_size_of_raw wrt isize::MAX