about summary refs log tree commit diff
path: root/library/core/src
diff options
context:
space:
mode:
authorRalf Jung <post@ralfj.de>2025-09-22 09:28:38 +0200
committerRalf Jung <post@ralfj.de>2025-09-22 09:28:38 +0200
commit7d0012914ea223ba1f6b7dae1ecd31be95e0051a (patch)
tree029bbf899e9e38752aea8becbb23cb71ddb5b9cd /library/core/src
parent9f32ccf35fb877270bc44a86a126440f04d676d0 (diff)
downloadrust-7d0012914ea223ba1f6b7dae1ecd31be95e0051a.tar.gz
rust-7d0012914ea223ba1f6b7dae1ecd31be95e0051a.zip
assert_unsafe_precondition: fix some incorrect check_language_ub
Diffstat (limited to 'library/core/src')
-rw-r--r--library/core/src/ascii/ascii_char.rs2


-rw-r--r--library/core/src/num/int_macros.rs6


-rw-r--r--library/core/src/num/uint_macros.rs4


-rw-r--r--library/core/src/slice/index.rs2


-rw-r--r--library/core/src/ub_checks.rs5


5 files changed, 10 insertions, 9 deletions
diff --git a/library/core/src/ascii/ascii_char.rs b/library/core/src/ascii/ascii_char.rs
index 178af2c0e3b..d77fafed203 100644
--- a/library/core/src/ascii/ascii_char.rs
+++ b/library/core/src/ascii/ascii_char.rs
@@ -515,7 +515,7 @@ impl AsciiChar {
     #[track_caller]
     pub const unsafe fn digit_unchecked(d: u8) -> Self {
         assert_unsafe_precondition!(
-            check_language_ub,
+            check_library_ub,
             "`ascii::Char::digit_unchecked` input cannot exceed 9.",
             (d: u8 = d) => d < 10
         );
diff --git a/library/core/src/num/int_macros.rs b/library/core/src/num/int_macros.rs
index 64a3dd3e8bc..0d80c40fb23 100644
--- a/library/core/src/num/int_macros.rs
+++ b/library/core/src/num/int_macros.rs
@@ -1460,8 +1460,8 @@ macro_rules! int_impl {
         #[inline]
         pub const unsafe fn unchecked_exact_shl(self, rhs: u32) -> $SelfT {
             assert_unsafe_precondition!(
-                check_language_ub,
-                concat!(stringify!($SelfT), "::unchecked_exact_shl cannot shift out non-zero bits"),
+                check_library_ub,
+                concat!(stringify!($SelfT), "::unchecked_exact_shl cannot shift out bits that would change the value of the first bit"),
                 (
                     zeros: u32 = self.leading_zeros(),
                     ones: u32 = self.leading_ones(),
@@ -1638,7 +1638,7 @@ macro_rules! int_impl {
         #[inline]
         pub const unsafe fn unchecked_exact_shr(self, rhs: u32) -> $SelfT {
             assert_unsafe_precondition!(
-                check_language_ub,
+                check_library_ub,
                 concat!(stringify!($SelfT), "::unchecked_exact_shr cannot shift out non-zero bits"),
                 (
                     zeros: u32 = self.trailing_zeros(),
diff --git a/library/core/src/num/uint_macros.rs b/library/core/src/num/uint_macros.rs
index bf72ec83197..d68c7be9865 100644
--- a/library/core/src/num/uint_macros.rs
+++ b/library/core/src/num/uint_macros.rs
@@ -1865,7 +1865,7 @@ macro_rules! uint_impl {
         #[inline]
         pub const unsafe fn unchecked_exact_shl(self, rhs: u32) -> $SelfT {
             assert_unsafe_precondition!(
-                check_language_ub,
+                check_library_ub,
                 concat!(stringify!($SelfT), "::exact_shl_unchecked cannot shift out non-zero bits"),
                 (
                     zeros: u32 = self.leading_zeros(),
@@ -2037,7 +2037,7 @@ macro_rules! uint_impl {
         #[inline]
         pub const unsafe fn unchecked_exact_shr(self, rhs: u32) -> $SelfT {
             assert_unsafe_precondition!(
-                check_language_ub,
+                check_library_ub,
                 concat!(stringify!($SelfT), "::exact_shr_unchecked cannot shift out non-zero bits"),
                 (
                     zeros: u32 = self.trailing_zeros(),
diff --git a/library/core/src/slice/index.rs b/library/core/src/slice/index.rs
index a8147d745f3..d4c466201ed 100644
--- a/library/core/src/slice/index.rs
+++ b/library/core/src/slice/index.rs
@@ -233,7 +233,7 @@ unsafe impl<T> const SliceIndex<[T]> for usize {
     #[track_caller]
     unsafe fn get_unchecked(self, slice: *const [T]) -> *const T {
         assert_unsafe_precondition!(
-            check_language_ub,
+            check_language_ub, // okay because of the `assume` below
             "slice::get_unchecked requires that the index is within the slice",
             (this: usize = self, len: usize = slice.len()) => this < len
         );
diff --git a/library/core/src/ub_checks.rs b/library/core/src/ub_checks.rs
index b809294cfce..514ff93c982 100644
--- a/library/core/src/ub_checks.rs
+++ b/library/core/src/ub_checks.rs
@@ -21,8 +21,9 @@ use crate::intrinsics::{self, const_eval_select};
 /// slow down const-eval/Miri and we'll get the panic message instead of the interpreter's nice
 /// diagnostic, but our ability to detect UB is unchanged.
 /// But if `check_language_ub` is used when the check is actually for library UB, the check is
-/// omitted in const-eval/Miri and thus if we eventually execute language UB which relies on the
-/// library UB, the backtrace Miri reports may be far removed from original cause.
+/// omitted in const-eval/Miri and thus UB might occur undetected. Even if we eventually execute
+/// language UB which relies on the library UB, the backtrace Miri reports may be far removed from
+/// original cause.
 ///
 /// These checks are behind a condition which is evaluated at codegen time, not expansion time like
 /// [`debug_assert`]. This means that a standard library built with optimizations and debug

 

generated by cgit-pink 1.4.1-3-g733a5 (git 2.37.1) at 2025-10-26 15:48:12 +0000