
Commit 7fdbc77

committed
Add ensures where possible
1 parent 9c1738c commit 7fdbc77


1 file changed

+8
-11
lines changed


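--- a/library/core/src/ptr/alignment.rs
+++ b/library/core/src/ptr/alignment.rs
@@ -112,6 +112,7 @@ impl Alignment {
 #[rustc_const_unstable(feature = "ptr_alignment_type", issue = "102070")]
 #[inline]
 #[ensures(|result| result.get().is_power_of_two())]
+#[ensures(|result| result.get() == self.as_usize())]
 pub const fn as_nonzero(self) -> NonZero<usize> {
 // SAFETY: All the discriminants are non-zero.
 unsafe { NonZero::new_unchecked(self.as_usize()) }
@@ -135,6 +136,7 @@ impl Alignment {
 #[inline]
 #[requires(self.as_usize().is_power_of_two())]
 #[ensures(|result| (*result as usize) < mem::size_of::<usize>() * 8)]
+#[ensures(|result| 1usize << *result == self.as_usize())]
 pub const fn log2(self) -> u32 {
 self.as_nonzero().trailing_zeros()
 }
@@ -167,6 +169,7 @@ impl Alignment {
 #[inline]
 #[ensures(|result| *result > 0)]
 #[ensures(|result| *result == !(self.as_usize() -1))]
+#[ensures(|result| self.as_usize() & *result == self.as_usize())]
 pub const fn mask(self) -> usize {
 // SAFETY: The alignment is always nonzero, and therefore decrementing won't overflow.
 !(unsafe { self.as_usize().unchecked_sub(1) })
@@ -396,21 +399,15 @@ mod verify {
 #[kani::proof_for_contract(Alignment::new)]
 pub fn check_new() {
 let a = kani::any::<usize>();
-let alignment_opt = Alignment::new(a);
-match alignment_opt {
-Some(alignment) => assert_eq!(alignment.as_usize(), a),
-None => assert!(!a.is_power_of_two())
-}
+let _ = Alignment::new(a);
 }
 
 // pub const unsafe fn new_unchecked(align: usize) -> Self
 #[kani::proof_for_contract(Alignment::new_unchecked)]
 pub fn check_new_unchecked() {
 let a = kani::any::<usize>();
-
 unsafe {
-let alignment = Alignment::new_unchecked(a);
-assert!(alignment.as_usize() > 0);
+let _ = Alignment::new_unchecked(a);
 }
 }
 
@@ -428,7 +425,7 @@ mod verify {
 pub fn check_as_nonzero() {
 let a = kani::any::<usize>();
 if let Some(alignment) = Alignment::new(a) {
-assert_eq!(alignment.as_nonzero().get(), a);
+let _ = alignment.as_nonzero();
 }
 }
 
@@ -437,7 +434,7 @@ mod verify {
 pub fn check_log2() {
 let a = kani::any::<usize>();
 if let Some(alignment) = Alignment::new(a) {
-assert_eq!(1usize << alignment.log2(), a);
+let _ = alignment.log2();
 }
 }
 
@@ -446,7 +443,7 @@ mod verify {
 pub fn check_mask() {
 let a = kani::any::<usize>();
 if let Some(alignment) = Alignment::new(a) {
-assert_eq!(a & alignment.mask(), a);
+let _ = alignment.mask();
 }
 }
 }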
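Review bot: The `check_new` harness drops the `None => assert!(!a.is_power_of_two())` arm, and nothing in this diff adds an `#[ensures]` on `Alignment::new` to replace it, so the harness no longer proves that `new` returns `None` only for non-powers-of-two — whereas the `as_nonzero`, `log2` and `mask` harnesses keep their property because a matching `#[ensures]` is added alongside each. Unless `new`'s contract outside this diff already states the `None` case, either keep the arm, `None => assert!(!a.is_power_of_two()),`, or add a postcondition on `new` along the lines of `#[ensures(|result| result.is_some() == align.is_power_of_two())]` (assuming its parameter is named `align`, as the `new_unchecked` comment suggests). The same applies to `check_new_unchecked`, which no longer asserts `alignment.as_usize() > 0`; a `proof_for_contract` harness that only calls the function is exactly as strong as the contract it is checked against, so both gaps are worth confirming before the stronger harness bodies are deleted.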
