| author | Ralf Jung <post@ralfj.de> | 2020-06-19 14:29:24 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-06-19 14:29:24 +0200 |
| commit | 125c196bca6f144c5f6a97b725b715dd0964c3d5 (patch) | |
| tree | eb381b65ce8a97b9916df9b18778f966fb644a74 /src/libcore/ptr | |
| parent | 0851036ae30efa58b47258ad3b718d6ef66dc706 (diff) | |
| parent | 81c7ebd54418fe2f91be10b7371c7a3f5cca3771 (diff) | |
| download | rust-125c196bca6f144c5f6a97b725b715dd0964c3d5.tar.gz rust-125c196bca6f144c5f6a97b725b715dd0964c3d5.zip | |
Rollup merge of #73054 - RalfJung:dont-panic, r=Mark-Simulacrum
memory access sanity checks: abort instead of panic Suggested by @Mark-Simulacrum, this should help reduce the performance impact of these checks.
Diffstat (limited to 'src/libcore/ptr')
| -rw-r--r-- | src/libcore/ptr/mod.rs | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/src/libcore/ptr/mod.rs b/src/libcore/ptr/mod.rs
index 172b23a8d5a..ca2b0c85ec1 100644
--- a/src/libcore/ptr/mod.rs
+++ b/src/libcore/ptr/mod.rs
@@ -70,7 +70,7 @@
 use crate::cmp::Ordering;
 use crate::fmt;
 use crate::hash;
-use crate::intrinsics::{self, is_aligned_and_not_null, is_nonoverlapping};
+use crate::intrinsics::{self, abort, is_aligned_and_not_null, is_nonoverlapping};
 use crate::mem::{self, MaybeUninit};
 
 #[stable(feature = "rust1", since = "1.0.0")]
@@ -420,9 +420,14 @@ pub unsafe fn swap<T>(x: *mut T, y: *mut T) {
 #[inline]
 #[stable(feature = "swap_nonoverlapping", since = "1.27.0")]
 pub unsafe fn swap_nonoverlapping<T>(x: *mut T, y: *mut T, count: usize) {
- debug_assert!(is_aligned_and_not_null(x), "attempt to swap unaligned or null pointer");
- debug_assert!(is_aligned_and_not_null(y), "attempt to swap unaligned or null pointer");
- debug_assert!(is_nonoverlapping(x, y, count), "attempt to swap overlapping memory");
+ if cfg!(debug_assertions)
+ && !(is_aligned_and_not_null(x)
+ && is_aligned_and_not_null(y)
+ && is_nonoverlapping(x, y, count))
+ {
+ // Not panicking to keep codegen impact smaller.
+ abort();
+ }
 let x = x as *mut u8;
 let y = y as *mut u8;
 
@@ -838,7 +843,10 @@ pub unsafe fn read_unaligned<T>(src: *const T) -> T {
 #[inline]
 #[stable(feature = "rust1", since = "1.0.0")]
 pub unsafe fn write<T>(dst: *mut T, src: T) {
- debug_assert!(is_aligned_and_not_null(dst), "attempt to write to unaligned or null pointer");
+ if cfg!(debug_assertions) && !is_aligned_and_not_null(dst) {
+ // Not panicking to keep codegen impact smaller.
+ abort();
+ }
 intrinsics::move_val_init(&mut *dst, src)
 }
 
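Review bot: The new guard in `swap_nonoverlapping` folds three distinct precondition checks into one `abort()` with no message, so a failing debug build no longer says whether `x` or `y` was null or unaligned or whether the two ranges overlapped; the single-condition guards in `write`, `read_volatile` and `write_volatile` lose their messages the same way. Because an abort ends the process without unwinding, the source comment is the only remaining hint, and it currently explains why the code aborts but not what was violated. I would extend it to `// Precondition violated: x or y is null or unaligned, or the two ranges overlap. Aborting, not panicking, to keep codegen impact smaller.` and word the other three sites to match their own condition. The body of `swap_nonoverlapping` continues past the end of this hunk.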
@@ -1003,7 +1011,10 @@ pub unsafe fn write_unaligned<T>(dst: *mut T, src: T) {
 #[inline]
 #[stable(feature = "volatile", since = "1.9.0")]
 pub unsafe fn read_volatile<T>(src: *const T) -> T {
- debug_assert!(is_aligned_and_not_null(src), "attempt to read from unaligned or null pointer");
+ if cfg!(debug_assertions) && !is_aligned_and_not_null(src) {
+ // Not panicking to keep codegen impact smaller.
+ abort();
+ }
 intrinsics::volatile_load(src)
 }
 
@@ -1072,7 +1083,10 @@ pub unsafe fn read_volatile<T>(src: *const T) -> T {
 #[inline]
 #[stable(feature = "volatile", since = "1.9.0")]
 pub unsafe fn write_volatile<T>(dst: *mut T, src: T) {
- debug_assert!(is_aligned_and_not_null(dst), "attempt to write to unaligned or null pointer");
+ if cfg!(debug_assertions) && !is_aligned_and_not_null(dst) {
+ // Not panicking to keep codegen impact smaller.
+ abort();
+ }
 intrinsics::volatile_store(dst, src);
 } |
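Review bot: The guard in `read_volatile` is compiled in only under `cfg!(debug_assertions)`, and the comment next to it does not say so, which makes it easy to read the abort as a guarantee rather than a debug-build sanity check. With debug assertions off, a null or misaligned `src` goes straight to `intrinsics::volatile_load`, so the caller's safety obligations are unchanged by this commit. A short comment such as `// Debug-build sanity check only; callers must still pass a non-null, aligned pointer.` above the `if` would make that explicit, and the same applies to `write_volatile` in the next hunk. How this crate's own debug-assertion setting relates to a downstream build profile is not visible here and is worth confirming before relying on the check in tests.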
