Skip to content

Commit 8ccd693

Browse files
thanhnguyen-awsthanhnguyen-aws
committed
safety -> kani
1 parent b8b73bc commit 8ccd693

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

library/core/src/num/dec2flt/decimal_seq.rs

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ impl DecimalSeq {
8787
//
8888
// Trim is only called in `right_shift` and `left_shift`.
8989
debug_assert!(self.num_digits <= Self::MAX_DIGITS);
90-
#[safety::loop_invariant(self.num_digits <= Self::MAX_DIGITS)]
90+
#[cfg_attr(kani, kani::loop_invariant(self.num_digits <= Self::MAX_DIGITS))]
9191
while self.num_digits != 0 && self.digits[self.num_digits - 1] == 0 {
9292
self.num_digits -= 1;
9393
}
@@ -103,7 +103,7 @@ impl DecimalSeq {
103103
let dp = self.decimal_point as usize;
104104
let mut n = 0_u64;
105105

106-
#[safety::loop_invariant(n < 10u64.pow(kani::index as u32))]
106+
#[cfg_attr(kani, kani::loop_invariant(n < 10u64.pow(kani::index as u32)))]
107107
for i in 0..dp {
108108
n *= 10;
109109
if i < self.num_digits {
@@ -136,14 +136,14 @@ impl DecimalSeq {
136136
let mut write_index = self.num_digits + num_new_digits;
137137
let mut n = 0_u64;
138138

139-
#[safety::loop_invariant(read_index <= Self::MAX_DIGITS &&
139+
#[cfg_attr(kani, kani::loop_invariant(read_index <= Self::MAX_DIGITS &&
140140
write_index == read_index + num_new_digits &&
141141
n < 10u64 << (shift - 1) &&
142142
(n == 0 || write_index > 0) &&
143143
self.num_digits <= Self::MAX_DIGITS &&
144144
self.decimal_point <= self.num_digits as i32 &&
145145
forall!(|i in (0,DecimalSeq::MAX_DIGITS)| self.digits[i] <= 9)
146-
)]
146+
))]
147147
while read_index != 0 {
148148
read_index -= 1;
149149
write_index -= 1;
@@ -158,7 +158,7 @@ impl DecimalSeq {
158158
n = quotient;
159159
}
160160

161-
#[safety::loop_invariant(self.num_digits <= Self::MAX_DIGITS && self.decimal_point <= self.num_digits as i32 && (write_index > 0 || prev(write_index) == 1))]
161+
#[cfg_attr(kani, kani::loop_invariant(self.num_digits <= Self::MAX_DIGITS && self.decimal_point <= self.num_digits as i32 && (write_index > 0 || prev(write_index) == 1)))]
162162
while n > 0 {
163163
//true but hard to write proof with kani currently
164164
// kani::assume(write_index > 0);
@@ -188,15 +188,15 @@ impl DecimalSeq {
188188
let mut read_index = 0;
189189
let mut write_index = 0;
190190
let mut n = 0_u64;
191-
#[safety::loop_invariant( n == 0 || (read_index > 0 && read_index <= self.num_digits + 64 - n.leading_zeros() as usize))]
191+
#[cfg_attr(kani, kani::loop_invariant( n == 0 || (read_index > 0 && read_index <= self.num_digits + 64 - n.leading_zeros() as usize)))]
192192
while (n >> shift) == 0 {
193193
if read_index < self.num_digits {
194194
n = (10 * n) + self.digits[read_index] as u64;
195195
read_index += 1;
196196
} else if n == 0 {
197197
return;
198198
} else {
199-
#[safety::loop_invariant(n > 0 && read_index <= self.num_digits + 64 - n.leading_zeros() as usize && read_index > 0)]
199+
#[cfg_attr(kani, kani::loop_invariant(n > 0 && read_index <= self.num_digits + 64 - n.leading_zeros() as usize && read_index > 0))]
200200
while (n >> shift) == 0 {
201201
n *= 10;
202202
read_index += 1;
@@ -213,18 +213,18 @@ impl DecimalSeq {
213213
return;
214214
}
215215
let mask = (1_u64 << shift) - 1;
216-
#[safety::loop_invariant(self.num_digits <= Self::MAX_DIGITS &&
216+
#[cfg_attr(kani, kani::loop_invariant(self.num_digits <= Self::MAX_DIGITS &&
217217
write_index < read_index &&
218218
write_index < Self::MAX_DIGITS - self.num_digits.saturating_sub(read_index)
219-
)]
219+
))]
220220
while read_index < self.num_digits {
221221
let new_digit = (n >> shift) as u8;
222222
n = (10 * (n & mask)) + self.digits[read_index] as u64;
223223
read_index += 1;
224224
self.digits[write_index] = new_digit;
225225
write_index += 1;
226226
}
227-
#[safety::loop_invariant(write_index <= Self::MAX_DIGITS)]
227+
#[cfg_attr(kani, kani::loop_invariant(write_index <= Self::MAX_DIGITS))]
228228
while n > 0 {
229229
let new_digit = (n >> shift) as u8;
230230
n = 10 * (n & mask);
@@ -387,7 +387,7 @@ fn number_of_digits_decimal_left_shift(d: &DecimalSeq, mut shift: usize) -> usiz
387387
let pow5_b = (0x7FF & x_b) as usize;
388388
let pow5 = &TABLE_POW5[pow5_a..];
389389

390-
#[safety::loop_invariant(true)]
390+
#[cfg_attr(kani, kani::loop_invariant(true))]
391391
for (i, &p5) in pow5.iter().enumerate().take(pow5_b - pow5_a) {
392392
if i >= d.num_digits {
393393
return num_new_digits - 1;

0 commit comments

Comments
 (0)