@@ -249,7 +249,6 @@ impl<T: ?Sized> NonNull<T> {
249249#[ unstable( feature = "ptr_metadata" , issue = "81513" ) ]
250250 #[ rustc_const_unstable( feature = "ptr_metadata" , issue = "81513" ) ]
251251 #[ inline]
252- //TODO: Do we want requires for different types?
253252 #[ ensures( |result| !result. pointer. is_null( ) ) ]
254253 pub const fn from_raw_parts (
255254 data_pointer : NonNull < ( ) > ,
@@ -269,8 +268,8 @@ impl<T: ?Sized> NonNull<T> {
269268 #[ must_use = "this returns the result of the operation, \
270269]
271270 #[ inline]
272- #[ ensures( |( data_ptr, metadata) | !data_ptr. as_ptr( ) . is_null( ) ) ] //TODO: kani bug
273- #[ ensures( |( data_ptr, metadata) | self == NonNull :: from_raw_parts ( * data_ptr, * metadata ) ) ]
271+ #[ ensures( |( data_ptr, metadata) | !data_ptr. as_ptr( ) . is_null( ) ) ]
272+ #[ ensures( |( data_ptr, metadata) | self . as_ptr ( ) as * const ( ) == data_ptr. as_ptr ( ) as * const ( ) ) ]
274273 pub const fn to_raw_parts ( self ) -> ( NonNull < ( ) > , <T as super :: Pointee >:: Metadata ) {
275274 ( self . cast ( ) , super :: metadata ( self . as_ptr ( ) ) )
276275 }
@@ -1458,7 +1457,7 @@ impl<T> NonNull<[T]> {
14581457 && ( len as isize ) . checked_mul( core:: mem:: size_of:: <T >( ) as isize ) . is_some( )
14591458 && ( data. pointer as isize ) . checked_add( len as isize * core:: mem:: size_of:: <T >( ) as isize ) . is_some( ) // adding len must not “wrap around” the address space
14601459 && unsafe { kani:: mem:: same_allocation( data. pointer, data. pointer. add( len) ) } ) ]
1461- #[ ensures( |result| !result. pointer. is_null( ) ) ] //TODO: & data[..len] == result.as_ref() preserve content(question )
1460+ #[ ensures( |result| !result. pointer. is_null( ) ) ] //TODO: compare byte by byte between data and result uptill len * size_of::<T>( )
14621461 pub const fn slice_from_raw_parts ( data : NonNull < T > , len : usize ) -> Self {
14631462 // SAFETY: `data` is a `NonNull` pointer which is necessarily non-null
14641463 unsafe { Self :: new_unchecked ( super :: slice_from_raw_parts_mut ( data. as_ptr ( ) , len) ) }
@@ -1850,8 +1849,6 @@ mod verify {
18501849 let ptr_isize = NonNull :: < isize > :: dangling ( ) ;
18511850 // unit type
18521851 let ptr_unit = NonNull :: < ( ) > :: dangling ( ) ;
1853- // trait object
1854- // let ptr_trait = NonNull::<Box<dyn SampleTrait>>::dangling(); // failed to import Box
18551852 // zero length slice from dangling unit pointer
18561853 let zero_len_slice = NonNull :: slice_from_raw_parts ( ptr_unit, 0 ) ;
18571854 }
@@ -1867,7 +1864,6 @@ mod verify {
18671864 // Get a raw NonNull pointer to the start of the slice
18681865 let arr_slice_raw_ptr = NonNull :: new ( arr_slice. as_ptr ( ) as * mut ( ) ) . unwrap ( ) ;
18691866 // Create NonNull pointer from the start pointer and the length of the slice
1870- // Safety: https://doc.rust-lang.org/std/slice/fn.from_raw_parts.html
18711867 let nonnull_slice = NonNull :: < [ i8 ] > :: from_raw_parts ( arr_slice_raw_ptr, arr_len) ;
18721868 // Ensure slice content is preserved, runtime at this step is proportional to arr_len
18731869 unsafe {
@@ -1929,12 +1925,7 @@ mod verify {
19291925
19301926 // Create NonNull<dyn MyTrait> from the data pointer and metadata
19311927 let nonnull_trait_object: NonNull < dyn SampleTrait > = NonNull :: from_raw_parts ( trait_ptr, metadata) ;
1932- let ( decomposed_data_ptr, decomposed_metadata) = NonNull :: to_raw_parts ( nonnull_trait_object) ;
1933-
1934- unsafe {
1935- // Ensure trait method and member is preserved
1936- //kani::assert( trait_object.get_value() == nonnull_trait_object.as_ref().get_value(), "trait method and member must correctly preserve"); // TODO: failed checks: partial eq
1937- kani:: assert ( trait_object as * const dyn ptr:: non_null:: verify:: SampleTrait == nonnull_trait_object. as_ptr ( ) , "trait method and member must correctly preserve" ) ;
1938- }
1928+ let ( decomposed_data_ptr, decomposed_metadata) = NonNull :: to_raw_parts ( nonnull_trait_object) ;
19391929 }
1930+
19401931}
0 commit comments