clean up const stability around UB checks
parent
5eef5ee38a
commit
543627ddbe
5 changed files with 26 additions and 24 deletions
@ -4013,9 +4013,9 @@ pub const unsafe fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: us
count: usize = count,
count: usize = count,
) => {
) => {
let zero_size = count == 0 || size == 0;
let zero_size = count == 0 || size == 0;
ub_checks::is_aligned_and_not_null(src, align, zero_size)
ub_checks::maybe_is_aligned_and_not_null(src, align, zero_size)
&& ub_checks::is_aligned_and_not_null(dst, align, zero_size)
&& ub_checks::maybe_is_aligned_and_not_null(dst, align, zero_size)
&& ub_checks::is_nonoverlapping(src, dst, size, count)
&& ub_checks::maybe_is_nonoverlapping(src, dst, size, count)
}
}
);
);
@ -4119,8 +4119,8 @@ pub const unsafe fn copy<T>(src: *const T, dst: *mut T, count: usize) {
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
zero_size: bool = T::IS_ZST || count == 0,
zero_size: bool = T::IS_ZST || count == 0,
) =>
) =>
ub_checks::is_aligned_and_not_null(src, align, zero_size)
ub_checks::maybe_is_aligned_and_not_null(src, align, zero_size)
&& ub_checks::is_aligned_and_not_null(dst, align, zero_size)
&& ub_checks::maybe_is_aligned_and_not_null(dst, align, zero_size)
);
);
copy(src, dst, count)
copy(src, dst, count)
}
}
@ -4201,7 +4201,7 @@ pub const unsafe fn write_bytes<T>(dst: *mut T, val: u8, count: usize) {
addr: *const () = dst as *const (),
addr: *const () = dst as *const (),
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
zero_size: bool = T::IS_ZST || count == 0,
zero_size: bool = T::IS_ZST || count == 0,
) => ub_checks::is_aligned_and_not_null(addr, align, zero_size)
) => ub_checks::maybe_is_aligned_and_not_null(addr, align, zero_size)
);
);
write_bytes(dst, val, count)
write_bytes(dst, val, count)
}
}
@ -109,6 +109,7 @@
// tidy-alphabetical-start
// tidy-alphabetical-start
#![cfg_attr(bootstrap, feature(const_exact_div))]
#![cfg_attr(bootstrap, feature(const_exact_div))]
#![cfg_attr(bootstrap, feature(const_fmt_arguments_new))]
#![cfg_attr(bootstrap, feature(const_fmt_arguments_new))]
#![cfg_attr(bootstrap, feature(const_ub_checks))]
#![feature(array_ptr_get)]
#![feature(array_ptr_get)]
#![feature(asm_experimental_arch)]
#![feature(asm_experimental_arch)]
#![feature(const_align_of_val)]
#![feature(const_align_of_val)]
@ -131,7 +132,6 @@
#![feature(const_type_id)]
#![feature(const_type_id)]
#![feature(const_type_name)]
#![feature(const_type_name)]
#![feature(const_typed_swap)]
#![feature(const_typed_swap)]
#![feature(const_ub_checks)]
#![feature(core_intrinsics)]
#![feature(core_intrinsics)]
#![feature(coverage_attribute)]
#![feature(coverage_attribute)]
#![feature(do_not_recommend)]
#![feature(do_not_recommend)]
@ -1103,9 +1103,9 @@ pub const unsafe fn swap_nonoverlapping<T>(x: *mut T, y: *mut T, count: usize) {
count: usize = count,
count: usize = count,
) => {
) => {
let zero_size = size == 0 || count == 0;
let zero_size = size == 0 || count == 0;
ub_checks::is_aligned_and_not_null(x, align, zero_size)
ub_checks::maybe_is_aligned_and_not_null(x, align, zero_size)
&& ub_checks::is_aligned_and_not_null(y, align, zero_size)
&& ub_checks::maybe_is_aligned_and_not_null(y, align, zero_size)
&& ub_checks::is_nonoverlapping(x, y, size, count)
&& ub_checks::maybe_is_nonoverlapping(x, y, size, count)
}
}
);
);
@ -1216,7 +1216,7 @@ pub const unsafe fn replace<T>(dst: *mut T, src: T) -> T {
addr: *const () = dst as *const (),
addr: *const () = dst as *const (),
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
is_zst: bool = T::IS_ZST,
is_zst: bool = T::IS_ZST,
) => ub_checks::is_aligned_and_not_null(addr, align, is_zst)
) => ub_checks::maybe_is_aligned_and_not_null(addr, align, is_zst)
);
);
mem::replace(&mut *dst, src)
mem::replace(&mut *dst, src)
}
}
@ -1369,7 +1369,7 @@ pub const unsafe fn read<T>(src: *const T) -> T {
addr: *const () = src as *const (),
addr: *const () = src as *const (),
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
is_zst: bool = T::IS_ZST,
is_zst: bool = T::IS_ZST,
) => ub_checks::is_aligned_and_not_null(addr, align, is_zst)
) => ub_checks::maybe_is_aligned_and_not_null(addr, align, is_zst)
);
);
crate::intrinsics::read_via_copy(src)
crate::intrinsics::read_via_copy(src)
}
}
@ -1573,7 +1573,7 @@ pub const unsafe fn write<T>(dst: *mut T, src: T) {
addr: *mut () = dst as *mut (),
addr: *mut () = dst as *mut (),
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
is_zst: bool = T::IS_ZST,
is_zst: bool = T::IS_ZST,
) => ub_checks::is_aligned_and_not_null(addr, align, is_zst)
) => ub_checks::maybe_is_aligned_and_not_null(addr, align, is_zst)
);
);
intrinsics::write_via_move(dst, src)
intrinsics::write_via_move(dst, src)
}
}
@ -1745,7 +1745,7 @@ pub unsafe fn read_volatile<T>(src: *const T) -> T {
addr: *const () = src as *const (),
addr: *const () = src as *const (),
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
is_zst: bool = T::IS_ZST,
is_zst: bool = T::IS_ZST,
) => ub_checks::is_aligned_and_not_null(addr, align, is_zst)
) => ub_checks::maybe_is_aligned_and_not_null(addr, align, is_zst)
);
);
intrinsics::volatile_load(src)
intrinsics::volatile_load(src)
}
}
@ -1825,7 +1825,7 @@ pub unsafe fn write_volatile<T>(dst: *mut T, src: T) {
addr: *mut () = dst as *mut (),
addr: *mut () = dst as *mut (),
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
is_zst: bool = T::IS_ZST,
is_zst: bool = T::IS_ZST,
) => ub_checks::is_aligned_and_not_null(addr, align, is_zst)
) => ub_checks::maybe_is_aligned_and_not_null(addr, align, is_zst)
);
);
intrinsics::volatile_store(dst, src);
intrinsics::volatile_store(dst, src);
}
}
@ -132,7 +132,7 @@ pub const unsafe fn from_raw_parts<'a, T>(data: *const T, len: usize) -> &'a [T]
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
len: usize = len,
len: usize = len,
) =>
) =>
ub_checks::is_aligned_and_not_null(data, align, false)
ub_checks::maybe_is_aligned_and_not_null(data, align, false)
&& ub_checks::is_valid_allocation_size(size, len)
&& ub_checks::is_valid_allocation_size(size, len)
);
);
&*ptr::slice_from_raw_parts(data, len)
&*ptr::slice_from_raw_parts(data, len)
@ -186,7 +186,7 @@ pub const unsafe fn from_raw_parts_mut<'a, T>(data: *mut T, len: usize) -> &'a m
align: usize = align_of::<T>(),
align: usize = align_of::<T>(),
len: usize = len,
len: usize = len,
) =>
) =>
ub_checks::is_aligned_and_not_null(data, align, false)
ub_checks::maybe_is_aligned_and_not_null(data, align, false)
&& ub_checks::is_valid_allocation_size(size, len)
&& ub_checks::is_valid_allocation_size(size, len)
);
);
&mut *ptr::slice_from_raw_parts_mut(data, len)
&mut *ptr::slice_from_raw_parts_mut(data, len)
@ -64,8 +64,6 @@ macro_rules! assert_unsafe_precondition {
#[rustc_no_mir_inline]
#[rustc_no_mir_inline]
#[inline]
#[inline]
#[rustc_nounwind]
#[rustc_nounwind]
#[cfg_attr(bootstrap, rustc_const_unstable(feature = "const_ub_checks", issue = "none"))]
#[rustc_allow_const_fn_unstable(const_ub_checks)] // only for UB checks
const fn precondition_check($($name:$ty),*) {
const fn precondition_check($($name:$ty),*) {
if !$e {
if !$e {
::core::panicking::panic_nounwind(
::core::panicking::panic_nounwind(
@ -116,12 +114,16 @@ pub(crate) const fn check_language_ub() -> bool {
/// for `assert_unsafe_precondition!` with `check_language_ub`, in which case the
/// for `assert_unsafe_precondition!` with `check_language_ub`, in which case the
/// check is anyway not executed in `const`.
/// check is anyway not executed in `const`.
#[inline]
#[inline]
#[rustc_const_unstable(feature = "const_ub_checks", issue = "none")]
#[rustc_allow_const_fn_unstable(const_eval_select)]
pub(crate) const fn is_aligned_and_not_null(ptr: *const (), align: usize, is_zst: bool) -> bool {
pub(crate) const fn maybe_is_aligned_and_not_null(
ptr: *const (),
align: usize,
is_zst: bool,
) -> bool {
// This is just for safety checks so we can const_eval_select.
// This is just for safety checks so we can const_eval_select.
const_eval_select!(
const_eval_select!(
@capture { ptr: *const (), align: usize, is_zst: bool } -> bool:
@capture { ptr: *const (), align: usize, is_zst: bool } -> bool:
if const #[rustc_const_unstable(feature = "const_ub_checks", issue = "none")] {
if const {
is_zst || !ptr.is_null()
is_zst || !ptr.is_null()
} else {
} else {
ptr.is_aligned_to(align) && (is_zst || !ptr.is_null())
ptr.is_aligned_to(align) && (is_zst || !ptr.is_null())
@ -141,8 +143,8 @@ pub(crate) const fn is_valid_allocation_size(size: usize, len: usize) -> bool {
/// Note that in const-eval this function just returns `true` and therefore must
/// Note that in const-eval this function just returns `true` and therefore must
/// only be used with `assert_unsafe_precondition!`, similar to `is_aligned_and_not_null`.
/// only be used with `assert_unsafe_precondition!`, similar to `is_aligned_and_not_null`.
#[inline]
#[inline]
#[rustc_const_unstable(feature = "const_ub_checks", issue = "none")]
#[rustc_allow_const_fn_unstable(const_eval_select)]
pub(crate) const fn is_nonoverlapping(
pub(crate) const fn maybe_is_nonoverlapping(
src: *const (),
src: *const (),
dst: *const (),
dst: *const (),
size: usize,
size: usize,
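Review bot: The doc comment kept above the renamed `maybe_is_nonoverlapping` still says "similar to `is_aligned_and_not_null`", a name this commit replaces with `maybe_is_aligned_and_not_null` in the previous hunk, so the cross-reference now points at nothing; the line should read `/// only be used with `assert_unsafe_precondition!`, similar to `maybe_is_aligned_and_not_null`.` The stale name matters more than usual here because the `maybe_` prefix is the whole warning: the doc two lines up states that in const-eval this function just returns `true`, and the const branch of `maybe_is_aligned_and_not_null` in the previous hunk tests only `is_zst || !ptr.is_null()` with no alignment check, so any caller that reads the result as proof of validity outside `assert_unsafe_precondition!` gets a false positive in const contexts. The parameter list and body of `maybe_is_nonoverlapping` continue past the end of this hunk, so I cannot see whether its own doc or body carries the same old name.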