diff --git a/library/kani/src/arbitrary.rs b/library/kani/src/arbitrary.rs index 2e13f90e3aef..fcd154de35ee 100644 --- a/library/kani/src/arbitrary.rs +++ b/library/kani/src/arbitrary.rs @@ -76,8 +76,7 @@ trivial_arbitrary!(()); impl Arbitrary for bool { #[inline(always)] fn any() -> Self { - let byte = u8::any(); - crate::assume(byte < 2); + let byte = u8::any() & 0x1; byte == 1 } } @@ -88,9 +87,13 @@ impl Arbitrary for char { #[inline(always)] fn any() -> Self { // Generate an arbitrary u32 and constrain it to make it a valid representation of char. - let val = u32::any(); - crate::assume(val <= 0xD7FF || (0xE000..=0x10FFFF).contains(&val)); - unsafe { char::from_u32_unchecked(val) } + let val = u32::any() & 0x0FFFFF; + if val & 0xD800 != 0 { + // val > 0xD7FF && val < 0xE000 + unsafe { char::from_u32_unchecked(0x10FFFF) } + } else { + unsafe { char::from_u32_unchecked(val) } + } } } @@ -100,8 +103,11 @@ macro_rules! nonzero_arbitrary { #[inline(always)] fn any() -> Self { let val = <$base>::any(); - crate::assume(val != 0); - unsafe { <$type>::new_unchecked(val) } + if val == 0 { + unsafe { <$type>::new_unchecked(1) } + } else { + unsafe { <$type>::new_unchecked(val) } + } } } }; diff --git a/library/kani/src/slice.rs b/library/kani/src/slice.rs index f06118a4b2f5..01e5e384d52b 100644 --- a/library/kani/src/slice.rs +++ b/library/kani/src/slice.rs @@ -1,6 +1,6 @@ // Copyright Kani Contributors // SPDX-License-Identifier: Apache-2.0 OR MIT -use crate::{any, assume, Arbitrary}; +use crate::{any, Arbitrary}; use std::alloc::{alloc, dealloc, Layout}; use std::ops::{Deref, DerefMut}; @@ -30,9 +30,11 @@ pub fn any_slice_of_array_mut(arr: &mut [T; LENGTH]) -> fn any_range() -> (usize, usize) { let from: usize = any(); let to: usize = any(); - assume(to <= LENGTH); - assume(from <= to); - (from, to) + if to > LENGTH || to < from { + (0, 0) + } else { + (from, to) + } } /// A struct that stores a slice of type `T` with a non-deterministic length @@ -80,10 +82,15 @@ impl AnySlice { fn alloc_slice() -> Self { let slice_len = any(); - assume(slice_len <= MAX_SLICE_LENGTH); - let layout = Layout::array::(slice_len).unwrap(); - let ptr = if slice_len == 0 { std::ptr::null() } else { unsafe { alloc(layout) } }; - Self { layout, ptr: ptr as *mut T, slice_len } + if slice_len <= MAX_SLICE_LENGTH { + let layout = Layout::array::(slice_len).unwrap(); + let ptr = if slice_len == 0 { std::ptr::null() } else { unsafe { alloc(layout) } }; + Self { layout, ptr: ptr as *mut T, slice_len } + } else { + let layout = Layout::array::(0).unwrap(); + let ptr: *const T = std::ptr::null(); + Self { layout, ptr: ptr as *mut T, slice_len } + } } pub fn get_slice(&self) -> &[T] { diff --git a/library/kani/src/vec.rs b/library/kani/src/vec.rs index 5deb90d0ec14..331851ea2656 100644 --- a/library/kani/src/vec.rs +++ b/library/kani/src/vec.rs @@ -1,6 +1,6 @@ // Copyright Kani Contributors // SPDX-License-Identifier: Apache-2.0 OR MIT -use crate::{any, assume, Arbitrary}; +use crate::{any, Arbitrary}; /// Generates an arbitrary vector whose length is at most MAX_LENGTH. pub fn any_vec() -> Vec @@ -10,8 +10,9 @@ where { let mut v = exact_vec::(); let real_length: usize = any(); - assume(real_length <= MAX_LENGTH); - unsafe { v.set_len(real_length) }; + if real_length <= MAX_LENGTH { + unsafe { v.set_len(real_length) }; + } v }