Skip to content

Add support for transitive modifies clause #3372

New issue
New issue
Open
Open
Add support for transitive modifies clause#3372
Labels
Z-ContractsIssue related to code contracts[C] Feature / EnhancementA new feature request or enhancement to an existing feature.
Milestone
Function Contracts
@celinval

Description

@celinval
celinval
opened on Jul 23, 2024

Requested feature: Enable contracts for functions that modify memory via encapsulated pointer.
Use case: Kani contracts require that all writeable memory to be specified. However, they may not be visible in the current context
Link to relevant documentation (Rust reference, Nomicon, RFC):

Test case:

mod heap {
#[derive(Default)]
pub struct HeapArray<T, const N: usize> {
  inner: Box<[T; N]>,
}

impl<T, const N: usize> HeapArray<T, N> {
  pub fn set(&mut self, val: T, idx: usize) {
  }
}
}

mod other {
  struct Stack<T> {
     buf: HeapArray,
     next: usize,
  }

  impl<T> Stack<T> {
    #[modifies(buf)] // This is not enough today
    #[kani::ensures(|_| self.contains(val))]
    fn enqueue(&mut self, val: T) {
      assert!(!self.is_full());
      self.buf.set(val, next);
    }
  }
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    Z-ContractsIssue related to code contracts[C] Feature / EnhancementA new feature request or enhancement to an existing feature.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions