Skip to content

Commit

Permalink
Rollup merge of rust-lang#104654 - thomcc:alloc-tests-unsafe_op_in_un…
Browse files Browse the repository at this point in the history
…safe_fn, r=Mark-Simulacrum

Add `#![deny(unsafe_op_in_unsafe_fn)]` in liballoc tests

In rust-lang#104647 (comment) it was mentioned that liballoc tests should probably have this enabled (we have it pretty much everywhere else in the stdlib), so I added it.

This will probably conflict with rust-lang#104647 so I'll rebase after that lands.
  • Loading branch information
matthiaskrgr authored Nov 25, 2022
2 parents 1ca5dce + 54a6d4e commit 5a31a74
Show file tree
Hide file tree
Showing 3 changed files with 38 additions and 7 deletions.
41 changes: 35 additions & 6 deletions library/alloc/tests/boxed.rs
Original file line number Diff line number Diff line change
Expand Up @@ -102,8 +102,18 @@ unsafe impl const Allocator for ConstAllocator {

let new_ptr = self.allocate(new_layout)?;
if new_layout.size() > 0 {
new_ptr.as_mut_ptr().copy_from_nonoverlapping(ptr.as_ptr(), old_layout.size());
self.deallocate(ptr, old_layout);
// Safety: `new_ptr` is valid for writes and `ptr` for reads of
// `old_layout.size()`, because `new_layout.size() >=
// old_layout.size()` (which is an invariant that must be upheld by
// callers).
unsafe {
new_ptr.as_mut_ptr().copy_from_nonoverlapping(ptr.as_ptr(), old_layout.size());
}
// Safety: `ptr` is never used again is also an invariant which must
// be upheld by callers.
unsafe {
self.deallocate(ptr, old_layout);
}
}
Ok(new_ptr)
}
Expand All @@ -114,12 +124,21 @@ unsafe impl const Allocator for ConstAllocator {
old_layout: Layout,
new_layout: Layout,
) -> Result<NonNull<[u8]>, AllocError> {
let new_ptr = self.grow(ptr, old_layout, new_layout)?;
// Safety: Invariants of `grow_zeroed` and `grow` are the same, and must
// be enforced by callers.
let new_ptr = unsafe { self.grow(ptr, old_layout, new_layout)? };
if new_layout.size() > 0 {
let old_size = old_layout.size();
let new_size = new_layout.size();
let raw_ptr = new_ptr.as_mut_ptr();
raw_ptr.add(old_size).write_bytes(0, new_size - old_size);
// Safety:
// - `grow` returned Ok, so the returned pointer must be valid for
// `new_size` bytes
// - `new_size` must be larger than `old_size`, which is an
// invariant which must be upheld by callers.
unsafe {
raw_ptr.add(old_size).write_bytes(0, new_size - old_size);
}
}
Ok(new_ptr)
}
Expand All @@ -137,8 +156,18 @@ unsafe impl const Allocator for ConstAllocator {

let new_ptr = self.allocate(new_layout)?;
if new_layout.size() > 0 {
new_ptr.as_mut_ptr().copy_from_nonoverlapping(ptr.as_ptr(), new_layout.size());
self.deallocate(ptr, old_layout);
// Safety: `new_ptr` and `ptr` are valid for reads/writes of
// `new_layout.size()` because of the invariants of shrink, which
// include `new_layout.size()` being smaller than (or equal to)
// `old_layout.size()`.
unsafe {
new_ptr.as_mut_ptr().copy_from_nonoverlapping(ptr.as_ptr(), new_layout.size());
}
// Safety: `ptr` is never used again is also an invariant which must
// be upheld by callers.
unsafe {
self.deallocate(ptr, old_layout);
}
}
Ok(new_ptr)
}
Expand Down
1 change: 1 addition & 0 deletions library/alloc/tests/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@
#![feature(once_cell)]
#![feature(drain_keep_rest)]
#![deny(fuzzy_provenance_casts)]
#![deny(unsafe_op_in_unsafe_fn)]

use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
Expand Down
3 changes: 2 additions & 1 deletion library/alloc/tests/vec.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1089,7 +1089,8 @@ fn test_into_iter_drop_allocator() {
}

unsafe fn deallocate(&self, ptr: NonNull<u8>, layout: Layout) {
System.deallocate(ptr, layout)
// Safety: Invariants passed to caller.
unsafe { System.deallocate(ptr, layout) }
}
}

Expand Down

0 comments on commit 5a31a74

Please sign in to comment.