Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CStr Invariant proofs for bytes, as_ptr, to_str #192

Merged
merged 13 commits into from
Dec 4, 2024
Merged

CStr Invariant proofs for bytes, as_ptr, to_str #192

Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
64ddbff
Add to_bytes and to_bytes_with_nul harnesses
Yenyun035 Nov 27, 2024
1edbe31
Merge branch 'main' into c-0013-yenyunw-cstr-to-bytes
Yenyun035 Nov 27, 2024
4059184
Merge branch 'main' into c-0013-yenyunw-cstr-to-bytes
Yenyun035 Nov 28, 2024
8b15d35
add bytes, to_str and as_ptr proofs
rajathkotyal Nov 28, 2024
ec0e94c
Update c_str.rs
rajathkotyal Nov 28, 2024
8b53c8c
Remove irrelevant code
Yenyun035 Nov 28, 2024
c227b16
fix performance
rajathkotyal Nov 28, 2024
ddf3475
Update c_str.rs
rajathkotyal Nov 28, 2024
0bd780a
Merge branch 'main' into c-0013-rajathm-bytes-as_ptr-to_str
rajathkotyal Nov 30, 2024
c970af3
Merge branch 'main' into c-0013-rajathm-bytes-as_ptr-to_str
rajathkotyal Dec 1, 2024
8965253
Merge branch 'main' into c-0013-rajathm-bytes-as_ptr-to_str
rajathkotyal Dec 3, 2024
7372ed6
use arbitrary str
rajathkotyal Dec 3, 2024
8f83c58
Merge branch 'main' into c-0013-rajathm-bytes-as_ptr-to_str
rajathkotyal Dec 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 62 additions & 0 deletions library/core/src/ffi/c_str.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -886,6 +886,68 @@ mod verify {
}
}

// pub fn bytes(&self) -> Bytes<'_>
#[kani::proof]
#[kani::unwind(32)]
fn check_bytes() {
const MAX_SIZE: usize = 32;
let string: [u8; MAX_SIZE] = kani::any();
let slice = kani::slice::any_slice_of_array(&string);
let c_str = arbitrary_cstr(slice);

let bytes_iterator = c_str.bytes();
let bytes_expected = c_str.to_bytes();

// Compare the bytes obtained from the iterator and the slice
// bytes_expected.iter().copied() converts the slice into an iterator over u8
assert!(bytes_iterator.eq(bytes_expected.iter().copied()));
assert!(c_str.is_safe());
}

// pub const fn to_str(&self) -> Result<&str, str::Utf8Error>
#[kani::proof]
#[kani::unwind(32)]
fn check_to_str() {
const MAX_SIZE: usize = 32;
let string: [u8; MAX_SIZE] = kani::any();
let slice = kani::slice::any_slice_of_array(&string);
let c_str = arbitrary_cstr(slice);

// a double conversion here and assertion, if the bytes are still the same, function is valid
let str_result = c_str.to_str();
if let Ok(s) = str_result {
assert_eq!(s.as_bytes(), c_str.to_bytes());
}
assert!(c_str.is_safe());
}

// pub const fn as_ptr(&self) -> *const c_char
#[kani::proof]
#[kani::unwind(33)]
fn check_as_ptr() {
const MAX_SIZE: usize = 32;
let string: [u8; MAX_SIZE] = kani::any();
let slice = kani::slice::any_slice_of_array(&string);
let c_str = arbitrary_cstr(slice);

let ptr = c_str.as_ptr();
let bytes_with_nul = c_str.to_bytes_with_nul();
let len = bytes_with_nul.len();

// We ensure that `ptr` is valid for reads of `len` bytes
unsafe {
for i in 0..len {
// Iterate and get each byte in the C string from our raw ptr
let byte_at_ptr = *ptr.add(i);
// Get the byte at every pos
let byte_in_cstr = bytes_with_nul[i];
// Compare the two bytes to ensure they are equal
assert_eq!(byte_at_ptr as u8, byte_in_cstr);
}
}
assert!(c_str.is_safe());
}

#[kani::proof]
#[kani::unwind(17)]
fn check_from_bytes_with_nul() {
Expand Down
Loading