| author | Ralf Jung <post@ralfj.de> | 2022-09-26 16:54:22 +0200 |
|---|---|---|
| committer | Ralf Jung <post@ralfj.de> | 2022-10-07 14:35:12 +0200 |
| commit | 6f6433428f064f520d09fb5585dfc3e59e1165e7 (patch) | |
| tree | 68aea41f1a3796e5b29d37369263f69759fdde15 | |
| parent | 4bd30785eb6e55f317b41b7c278f438807eeb174 (diff) | |
add a few more assert_unsafe_precondition
| -rw-r--r-- | library/core/src/hint.rs | 5 | ||||
| -rw-r--r-- | library/core/src/ptr/mod.rs | 2 | ||||
| -rw-r--r-- | src/test/codegen/mem-replace-direct-memcpy.rs | 1 | ||||
| -rw-r--r-- | src/test/ui/consts/const_unsafe_unreachable_ub.stderr | 10 |
4 files changed, 12 insertions, 6 deletions
diff --git a/library/core/src/hint.rs b/library/core/src/hint.rs
index f9267371aa7..80036bcc4de 100644
--- a/library/core/src/hint.rs
+++ b/library/core/src/hint.rs
@@ -100,7 +100,10 @@ use crate::intrinsics;
 pub const unsafe fn unreachable_unchecked() -> ! {
     // SAFETY: the safety contract for `intrinsics::unreachable` must
     // be upheld by the caller.
-    unsafe { intrinsics::unreachable() }
+    unsafe {
+        intrinsics::assert_unsafe_precondition!(() => false);
+        intrinsics::unreachable()
+    }
 }
 
 /// Emits a machine instruction to signal the processor that it is running in
diff --git a/library/core/src/ptr/mod.rs b/library/core/src/ptr/mod.rs
index e976abed774..d4ab234cec3 100644
--- a/library/core/src/ptr/mod.rs
+++ b/library/core/src/ptr/mod.rs
@@ -1114,6 +1114,7 @@ pub const unsafe fn read<T>(src: *const T) -> T {
     // Also, since we just wrote a valid value into `tmp`, it is guaranteed
     // to be properly initialized.
     unsafe {
+        assert_unsafe_precondition!([T](src: *const T) => is_aligned_and_not_null(src));
         copy_nonoverlapping(src, tmp.as_mut_ptr(), 1);
         tmp.assume_init()
     }
@@ -1307,6 +1308,7 @@ pub const unsafe fn write<T>(dst: *mut T, src: T) {
     // `dst` cannot overlap `src` because the caller has mutable access
     // to `dst` while `src` is owned by this function.
     unsafe {
+        assert_unsafe_precondition!([T](dst: *mut T) => is_aligned_and_not_null(dst));
         copy_nonoverlapping(&src as *const T, dst, 1);
         intrinsics::forget(src);
     }
diff --git a/src/test/codegen/mem-replace-direct-memcpy.rs b/src/test/codegen/mem-replace-direct-memcpy.rs
index b41ef538d71..4318e926e47 100644
--- a/src/test/codegen/mem-replace-direct-memcpy.rs
+++ b/src/test/codegen/mem-replace-direct-memcpy.rs
@@ -4,6 +4,7 @@
 // known to be `1` after inlining).
 
 // compile-flags: -C no-prepopulate-passes -Zinline-mir=no
+// ignore-debug: the debug assertions get in the way
 
 #![crate_type = "lib"]
 
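Review bot: The new `intrinsics::assert_unsafe_precondition!(() => false);` line in `unreachable_unchecked` has no comment of its own, and the SAFETY comment above it still only restates the caller's obligation, so a reader can easily take the function to now trap on misuse. The rest of this diff shows that it does not: the codegen test is marked `ignore-debug` because of these assertions, and the updated stderr still reports "entering unreachable code" at the `intrinsics::unreachable()` line under const evaluation, so the check is a debug-assertion-only diagnostic and reaching this point in a build of core without debug assertions remains undefined behaviour. I would add above the new line: `// Debug-assertion-only diagnostic: in builds of core with debug assertions this panics instead of executing the unreachable intrinsic. It is not a guarantee; without them this is still UB.`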
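Review bot: The new `assert_unsafe_precondition!` in `read` checks only that `src` is aligned and non-null, which is the cheap, mechanically checkable fraction of the contract; that `src` is dereferenceable for `size_of::<T>()` bytes and points at an initialized `T` cannot be verified here, and nothing on the new side says so. Because the check is also debug-only (the codegen test in this same diff is marked `ignore-debug` on account of these assertions), a comment would keep the next reader from treating `read` as hardened: `// Debug-only sanity check of the checkable part of the contract (alignment, non-null); validity and initialization of *src still rest entirely on the caller.` The body of `read` begins outside the hunk.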
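Review bot: In `write`, the new check sits after `src: T` has been moved into the function but before `intrinsics::forget(src)`, so if the assertion fails and panics, `src` is still an owned local at that point and is dropped during unwinding rather than leaked — the right outcome, but non-obvious next to the `forget`, and worth one line: `// Runs before the copy: on failure src is still owned here and drops normally during unwinding.` As in `read`, the check covers alignment and non-null only; `dst` being valid for writes of `T` remains an obligation the caller must uphold unverified. The body of `write` begins outside the hunk.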
diff --git a/src/test/ui/consts/const_unsafe_unreachable_ub.stderr b/src/test/ui/consts/const_unsafe_unreachable_ub.stderr
index ec6ce1f5d7c..f6de3699f77 100644
--- a/src/test/ui/consts/const_unsafe_unreachable_ub.stderr
+++ b/src/test/ui/consts/const_unsafe_unreachable_ub.stderr
@@ -1,11 +1,11 @@
 error[E0080]: evaluation of constant value failed
   --> $SRC_DIR/core/src/hint.rs:LL:COL
    |
-LL |     unsafe { intrinsics::unreachable() }
-   |              ^^^^^^^^^^^^^^^^^^^^^^^^^
-   |              |
-   |              entering unreachable code
-   |              inside `unreachable_unchecked` at $SRC_DIR/core/src/hint.rs:LL:COL
+LL |         intrinsics::unreachable()
+   |         ^^^^^^^^^^^^^^^^^^^^^^^^^
+   |         |
+   |         entering unreachable code
+   |         inside `unreachable_unchecked` at $SRC_DIR/core/src/hint.rs:LL:COL
    |
   ::: $DIR/const_unsafe_unreachable_ub.rs:6:18
    |
    |
