@@ -30,7 +30,8 @@ impl<const N: usize> Buffer<N> {
30
30
/// This function panics if the buffer is less than 4 bytes in size, i.e. if
31
31
/// `N < 4`.
32
32
pub const fn new ( ) -> Self {
33
- assert ! ( N >= 4 , "buffer too small, use N >= 4" ) ;
33
+ assert ! ( N >= HEADER_SIZE , "buffer too small, use N >= 4" ) ;
34
+ assert ! ( N % HEADER_SIZE == 0 , "memory size has to be divisible by 4" ) ;
34
35
let remaining_size = N - HEADER_SIZE ;
35
36
let initial_entry = Entry :: free ( remaining_size) . as_raw ( ) ;
36
37
@@ -240,7 +241,24 @@ impl<'buffer, const N: usize> Iterator for EntryIter<'buffer, N> {
240
241
241
242
#[ cfg( test) ]
242
243
mod tests {
243
- use super :: { Buffer , Entry , ValidatedOffset } ;
244
+ use super :: { Buffer , Entry , ValidatedOffset , HEADER_SIZE } ;
245
+
246
+ #[ test]
247
+ fn validated_offset_debug ( ) {
248
+ assert_eq ! ( format!( "{:?}" , ValidatedOffset ( 12 ) ) , "ValidatedOffset(12)" ) ;
249
+ }
250
+
251
+ #[ test]
252
+ fn validated_offset_equality ( ) {
253
+ assert_eq ! ( ValidatedOffset ( 12 ) , ValidatedOffset ( 12 ) ) ;
254
+ assert_ne ! ( ValidatedOffset ( 12 ) , ValidatedOffset ( 24 ) ) ;
255
+ // as this test is primarily to make the code coverage happy, let's test
256
+ // something else here: cloning. Since the type is `Copy`, it has to be
257
+ // `Clone` as well, despite `clone()` never being called. So let's do it
258
+ // here, so that the coverage testing is happy.
259
+ assert_eq ! ( ValidatedOffset ( 12 ) . clone( ) , ValidatedOffset ( 12 ) ) ;
260
+ assert_ne ! ( ValidatedOffset ( 12 ) . clone( ) , ValidatedOffset ( 24 ) ) ;
261
+ }
244
262
245
263
#[ test]
246
264
fn empty_allocator ( ) {
@@ -250,6 +268,30 @@ mod tests {
250
268
assert_eq ! ( expected, actual) ;
251
269
}
252
270
271
+ #[ test]
272
+ fn header_size ( ) {
273
+ // the codebase assumes, that the header size is `4`, so make sure that
274
+ // assumption holds.
275
+ assert_eq ! ( HEADER_SIZE , 4 ) ;
276
+ }
277
+
278
+ #[ test]
279
+ #[ should_panic( expected = "buffer too small" ) ]
280
+ fn too_small_buffer ( ) {
281
+ // this test ensures, that there is no out of bounds writing when
282
+ // setting up the initial entry
283
+ Buffer :: < 3 > :: new ( ) ;
284
+ }
285
+
286
+ #[ test]
287
+ #[ should_panic( expected = "memory size has to be divisible by 4" ) ]
288
+ fn invalid_buffer_size ( ) {
289
+ // the buffer size is not really an issue here, but the code is easier
290
+ // to write/read if the buffer size is always a multiple of the header
291
+ // size, i.e. the size of an entry, which is `4`.
292
+ Buffer :: < 13 > :: new ( ) ;
293
+ }
294
+
253
295
#[ test]
254
296
fn entry_iter ( ) {
255
297
let buffer = Buffer :: < 32 > :: new ( ) ;
@@ -278,6 +320,34 @@ mod tests {
278
320
assert_eq ! ( buffer[ ValidatedOffset ( 8 ) ] , Entry :: free( 12 ) ) ;
279
321
}
280
322
323
+ #[ test]
324
+ #[ should_panic]
325
+ fn at_out_of_bounds ( ) {
326
+ let buffer = Buffer :: < 32 > :: new ( ) ;
327
+ buffer. at ( 64 ) ; // panic here
328
+ }
329
+
330
+ #[ test]
331
+ #[ should_panic]
332
+ fn at_mut_out_of_bounds ( ) {
333
+ let mut buffer = Buffer :: < 32 > :: new ( ) ;
334
+ buffer. at_mut ( 64 ) ; // panic here
335
+ }
336
+
337
+ #[ test]
338
+ #[ should_panic]
339
+ fn at_unaligned ( ) {
340
+ let buffer = Buffer :: < 32 > :: new ( ) ;
341
+ buffer. at ( 2 ) ; // panic here
342
+ }
343
+
344
+ #[ test]
345
+ #[ should_panic]
346
+ fn at_mut_unaligned ( ) {
347
+ let mut buffer = Buffer :: < 32 > :: new ( ) ;
348
+ buffer. at_mut ( 2 ) ; // panic here
349
+ }
350
+
281
351
#[ test]
282
352
fn following_free_entry ( ) {
283
353
let mut buffer = Buffer :: < 24 > :: new ( ) ;
0 commit comments