| //! Check if we can annotate a constant function with contracts. |
| //! |
| //! The contract is only checked at runtime, and it will not fail if evaluated statically. |
| //! This is an existing limitation due to the existing architecture and the lack of constant |
| //! closures. |
| //! |
| //@ revisions: all_pass runtime_fail_pre runtime_fail_post |
| // |
| //@ [all_pass] run-pass |
| // |
| //@ [runtime_fail_pre] run-crash |
| //@ [runtime_fail_post] run-crash |
| // |
| //@ [all_pass] compile-flags: -Zcontract-checks=yes |
| //@ [runtime_fail_pre] compile-flags: -Zcontract-checks=yes |
| //@ [runtime_fail_post] compile-flags: -Zcontract-checks=yes |
| #![feature(contracts)] |
| //~^ WARN the feature `contracts` is incomplete and may not be safe to use and/or cause compiler crashes [incomplete_features] |
| |
| extern crate core; |
| use core::contracts::*; |
| |
| #[requires(x < 100)] |
| const fn less_than_100(x: u8) -> u8 { |
| x |
| } |
| |
| // This is wrong on purpose. |
| #[ensures(|ret| *ret)] |
| const fn always_true(b: bool) -> bool { |
| b |
| } |
| |
| const ZERO: u8 = less_than_100(0); |
| // This is no-op because the contract cannot be checked at compilation time. |
| const TWO_HUNDRED: u8 = less_than_100(200); |
| |
| /// Example from <https://github.com/rust-lang/rust/issues/136925>. |
| #[ensures(move |ret: &u32| *ret > x)] |
| const fn broken_sum(x: u32, y: u32) -> u32 { |
| x + y |
| } |
| |
| fn main() { |
| assert_eq!(ZERO, 0); |
| assert_eq!(TWO_HUNDRED, 200); |
| assert_eq!(broken_sum(0, 1), 1); |
| assert_eq!(always_true(true), true); |
| |
| #[cfg(runtime_fail_post)] |
| let _ok = always_true(false); |
| |
| // Runtime check should fail. |
| #[cfg(runtime_fail_pre)] |
| let _200 = less_than_100(200); |
| } |
