Skip to content

Pointer sub() operation is giving spurious overflow check error #1082

Closed
#1094
Closed
Pointer sub() operation is giving spurious overflow check error#1082
#1094
Assignees
adpaco
Labels
[C] BugThis is a bug. Something isn't working.[F] Spurious FailureIssues that cause Kani verification to fail despite the code being correct.
@celinval

Description

@celinval
celinval
opened on Apr 20, 2022

I tried this code:

#[kani::proof]
fn check_thin_ptr() {
    let array = [0, 1, 2, 3, 4, 5, 6];
    let second_ptr: *const i32 = &array[3];
    unsafe {
        let before = second_ptr.sub(1);
        assert_eq!(*before, 2);
    }
}

using the following command line invocation:

kani <test_file>

with Kani version:

I expected to see this happen: Verification succeed.

Instead, this happened: It fails with the following message:

SUMMARY:
 ** 1 of 9 failed
Failed Checks: attempt to compute offset which would overflow
 File: "rustlib/src/rust/library/core/src/ptr/const_ptr.rs", line 295, in std::ptr::const_ptr::<impl *const T>::offset

VERIFICATION:- FAILED

Metadata

Metadata

Assignees

Labels

[C] BugThis is a bug. Something isn't working.[F] Spurious FailureIssues that cause Kani verification to fail despite the code being correct.

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions