diff --git a/library/alloc/src/raw_vec.rs b/library/alloc/src/raw_vec.rs index 94e6924f41a..49f5f53f9b3 100644 --- a/library/alloc/src/raw_vec.rs +++ b/library/alloc/src/raw_vec.rs @@ -207,11 +207,7 @@ impl RawVec { // Allocators currently return a `NonNull<[u8]>` whose length // matches the size requested. If that ever changes, the capacity // here should change to `ptr.len() / mem::size_of::()`. - Self { - ptr: unsafe { Unique::new_unchecked(ptr.cast().as_ptr()) }, - cap: unsafe { Cap(capacity) }, - alloc, - } + Self { ptr: Unique::from(ptr.cast()), cap: unsafe { Cap(capacity) }, alloc } } } @@ -239,6 +235,11 @@ impl RawVec { self.ptr.as_ptr() } + #[inline] + pub fn non_null(&self) -> NonNull { + NonNull::from(self.ptr) + } + /// Gets the capacity of the allocation. /// /// This will always be `usize::MAX` if `T` is zero-sized. @@ -398,7 +399,7 @@ impl RawVec { // Allocators currently return a `NonNull<[u8]>` whose length matches // the size requested. If that ever changes, the capacity here should // change to `ptr.len() / mem::size_of::()`. - self.ptr = unsafe { Unique::new_unchecked(ptr.cast().as_ptr()) }; + self.ptr = Unique::from(ptr.cast()); self.cap = unsafe { Cap(cap) }; } diff --git a/library/alloc/src/vec/into_iter.rs b/library/alloc/src/vec/into_iter.rs index 654ce09afcd..7800560da94 100644 --- a/library/alloc/src/vec/into_iter.rs +++ b/library/alloc/src/vec/into_iter.rs @@ -136,7 +136,7 @@ impl IntoIter { // struct and then overwriting &mut self. // this creates less assembly self.cap = 0; - self.buf = unsafe { NonNull::new_unchecked(RawVec::NEW.ptr()) }; + self.buf = RawVec::NEW.non_null(); self.ptr = self.buf; self.end = self.buf.as_ptr(); diff --git a/library/alloc/src/vec/mod.rs b/library/alloc/src/vec/mod.rs index b3e5ecc9240..08e3cdedc66 100644 --- a/library/alloc/src/vec/mod.rs +++ b/library/alloc/src/vec/mod.rs @@ -2861,16 +2861,16 @@ impl IntoIterator for Vec { #[inline] fn into_iter(self) -> Self::IntoIter { unsafe { - let mut me = ManuallyDrop::new(self); + let me = ManuallyDrop::new(self); let alloc = ManuallyDrop::new(ptr::read(me.allocator())); - let begin = me.as_mut_ptr(); + let buf = me.buf.non_null(); + let begin = buf.as_ptr(); let end = if T::IS_ZST { begin.wrapping_byte_add(me.len()) } else { begin.add(me.len()) as *const T }; let cap = me.buf.capacity(); - let buf = NonNull::new_unchecked(begin); IntoIter { buf, phantom: PhantomData, cap, alloc, ptr: buf, end } } } diff --git a/library/core/src/ptr/non_null.rs b/library/core/src/ptr/non_null.rs index d6266ba8da5..575af96fc98 100644 --- a/library/core/src/ptr/non_null.rs +++ b/library/core/src/ptr/non_null.rs @@ -473,7 +473,7 @@ impl NonNull { #[inline] pub const fn cast(self) -> NonNull { // SAFETY: `self` is a `NonNull` pointer which is necessarily non-null - unsafe { NonNull::new_unchecked(self.as_ptr() as *mut U) } + unsafe { NonNull { pointer: self.as_ptr() as *mut U } } } /// Calculates the offset from a pointer. @@ -1828,9 +1828,8 @@ impl hash::Hash for NonNull { impl From> for NonNull { #[inline] fn from(unique: Unique) -> Self { - // SAFETY: A Unique pointer cannot be null, so the conditions for - // new_unchecked() are respected. - unsafe { NonNull::new_unchecked(unique.as_ptr()) } + // SAFETY: A Unique pointer cannot be null. + unsafe { NonNull { pointer: unique.as_ptr() } } } } @@ -1853,8 +1852,7 @@ impl From<&T> for NonNull { /// This conversion is safe and infallible since references cannot be null. #[inline] fn from(reference: &T) -> Self { - // SAFETY: A reference cannot be null, so the conditions for - // new_unchecked() are respected. + // SAFETY: A reference cannot be null. unsafe { NonNull { pointer: reference as *const T } } } } diff --git a/library/core/src/ptr/unique.rs b/library/core/src/ptr/unique.rs index 067f1541e31..2d878836b16 100644 --- a/library/core/src/ptr/unique.rs +++ b/library/core/src/ptr/unique.rs @@ -138,7 +138,7 @@ impl Unique { pub const fn cast(self) -> Unique { // FIXME(const-hack): replace with `From` // SAFETY: is `NonNull` - unsafe { Unique::new_unchecked(self.pointer.cast().as_ptr()) } + Unique { pointer: self.pointer.cast(), _marker: PhantomData } } } diff --git a/library/core/src/slice/iter.rs b/library/core/src/slice/iter.rs index 2d4c7e78aea..1ca4ecbfba9 100644 --- a/library/core/src/slice/iter.rs +++ b/library/core/src/slice/iter.rs @@ -87,12 +87,13 @@ unsafe impl Send for Iter<'_, T> {} impl<'a, T> Iter<'a, T> { #[inline] pub(super) fn new(slice: &'a [T]) -> Self { - let ptr = slice.as_ptr(); + let len = slice.len(); + let ptr: NonNull = NonNull::from(slice).cast(); // SAFETY: Similar to `IterMut::new`. unsafe { - let end_or_len = if T::IS_ZST { invalid(slice.len()) } else { ptr.add(slice.len()) }; + let end_or_len = if T::IS_ZST { invalid(len) } else { ptr.as_ptr().add(len) }; - Self { ptr: NonNull::new_unchecked(ptr as *mut T), end_or_len, _marker: PhantomData } + Self { ptr, end_or_len, _marker: PhantomData } } } @@ -208,7 +209,8 @@ unsafe impl Send for IterMut<'_, T> {} impl<'a, T> IterMut<'a, T> { #[inline] pub(super) fn new(slice: &'a mut [T]) -> Self { - let ptr = slice.as_mut_ptr(); + let len = slice.len(); + let ptr: NonNull = NonNull::from(slice).cast(); // SAFETY: There are several things here: // // `ptr` has been obtained by `slice.as_ptr()` where `slice` is a valid @@ -226,10 +228,9 @@ impl<'a, T> IterMut<'a, T> { // See the `next_unchecked!` and `is_empty!` macros as well as the // `post_inc_start` method for more information. unsafe { - let end_or_len = - if T::IS_ZST { invalid_mut(slice.len()) } else { ptr.add(slice.len()) }; + let end_or_len = if T::IS_ZST { invalid_mut(len) } else { ptr.as_ptr().add(len) }; - Self { ptr: NonNull::new_unchecked(ptr), end_or_len, _marker: PhantomData } + Self { ptr, end_or_len, _marker: PhantomData } } }