@@ -168,15 +168,13 @@ macro_rules! kani_mem {
168168
169169 /// Checks that `ptr` points to an allocation that can hold data of size calculated from `T`.
170170///
171- /// This will panic if `ptr` points to an invalid `non_null`
172- /// Returns `false` if:
173- /// - The computed size overflows.
174- /// - The computed size exceeds `isize::MAX`.
175- /// - The pointer is null (except for zero-sized types).
176- /// - The pointer references unallocated memory.
177- ///
178- /// This function aligns with Rust's memory safety requirements, which restrict valid allocations
179- /// to sizes no larger than `isize::MAX`.
171+ /// This function always returns `true` for ZSTs, since every pointer to a ZST is valid.
172+ /// For non-ZSTs, this function will return `false` if `ptr` is null
173+ /// or the size of the val pointed to exceeds `isize::MAX`.
174+ /// Otherwise, it will return `true` if and only if `ptr` points to allocated memory
175+ /// that can hold data of size calculated from `T`.
176+ /// Note that Kani does not support reasoning about pointers to unallocated memory,
177+ /// so if `ptr` does not point to allocated memory, verification will fail.
180178[ crate :: kani:: unstable_feature(
181179 feature = "mem-predicates" ,
182180 issue = 3946 ,
@@ -192,7 +190,7 @@ macro_rules! kani_mem {
192190 } else {
193191 // Note that this branch can't be tested in concrete execution as `is_read_ok` needs to be
194192 // stubbed.
195- // We first assert that the data_ptr
193+ // We first assert that the data_ptr points to a valid allocation.
196194 let data_ptr = ptr as * const ( ) ;
197195 if !unsafe { is_allocated( data_ptr, 0 ) } {
198196 crate :: kani:: unsupported(
0 commit comments