bjoernager/rust
bjoernager/rust
1
Fork 0
Code Activity

Add #[rustc_never_returns_null_ptr] to std functions

Browse source 
Add the attribute to standard library functions that
are guaranteed to never return null pointers, as their
originating data wouldn't allow it.
This commit is contained in:
est31 2023-08-05 14:01:56 +02:00
parent 8cfa4fe6b2
commit 33970db8c6
10 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
library/alloc/src/rc.rs
View file

@ -1304,6 +1304,7 @@ impl<T: ?Sized, A: Allocator> Rc<T, A> {
/// assert_eq!(unsafe { &*x_ptr }, "hello"); /// assert_eq!(unsafe { &*x_ptr }, "hello");
/// ``` /// ```
#[stable(feature = "rc_raw", since = "1.17.0")] #[stable(feature = "rc_raw", since = "1.17.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub fn into_raw(this: Self) -> *const T { pub fn into_raw(this: Self) -> *const T {
let ptr = Self::as_ptr(&this); let ptr = Self::as_ptr(&this);
mem::forget(this); mem::forget(this);
@ -1327,6 +1328,7 @@ impl<T: ?Sized, A: Allocator> Rc<T, A> {
/// assert_eq!(unsafe { &*x_ptr }, "hello"); /// assert_eq!(unsafe { &*x_ptr }, "hello");
/// ``` /// ```
#[stable(feature = "weak_into_raw", since = "1.45.0")] #[stable(feature = "weak_into_raw", since = "1.45.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub fn as_ptr(this: &Self) -> *const T { pub fn as_ptr(this: &Self) -> *const T {
let ptr: *mut RcBox<T> = NonNull::as_ptr(this.ptr); let ptr: *mut RcBox<T> = NonNull::as_ptr(this.ptr);

2
library/alloc/src/sync.rs
View file

@ -1455,6 +1455,7 @@ impl<T: ?Sized, A: Allocator> Arc<T, A> {
/// ``` /// ```
#[must_use = "losing the pointer will leak memory"] #[must_use = "losing the pointer will leak memory"]
#[stable(feature = "rc_raw", since = "1.17.0")] #[stable(feature = "rc_raw", since = "1.17.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub fn into_raw(this: Self) -> *const T { pub fn into_raw(this: Self) -> *const T {
let ptr = Self::as_ptr(&this); let ptr = Self::as_ptr(&this);
mem::forget(this); mem::forget(this);
@ -1479,6 +1480,7 @@ impl<T: ?Sized, A: Allocator> Arc<T, A> {
/// ``` /// ```
#[must_use] #[must_use]
#[stable(feature = "rc_as_ptr", since = "1.45.0")] #[stable(feature = "rc_as_ptr", since = "1.45.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub fn as_ptr(this: &Self) -> *const T { pub fn as_ptr(this: &Self) -> *const T {
let ptr: *mut ArcInner<T> = NonNull::as_ptr(this.ptr); let ptr: *mut ArcInner<T> = NonNull::as_ptr(this.ptr);

2
library/alloc/src/vec/mod.rs
View file

@ -1233,6 +1233,7 @@ impl<T, A: Allocator> Vec<T, A> {
/// ///
/// [`as_mut_ptr`]: Vec::as_mut_ptr /// [`as_mut_ptr`]: Vec::as_mut_ptr
#[stable(feature = "vec_as_ptr", since = "1.37.0")] #[stable(feature = "vec_as_ptr", since = "1.37.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[inline] #[inline]
pub fn as_ptr(&self) -> *const T { pub fn as_ptr(&self) -> *const T {
// We shadow the slice method of the same name to avoid going through // We shadow the slice method of the same name to avoid going through
@ -1266,6 +1267,7 @@ impl<T, A: Allocator> Vec<T, A> {
/// assert_eq!(&*x, &[0, 1, 2, 3]); /// assert_eq!(&*x, &[0, 1, 2, 3]);
/// ``` /// ```
#[stable(feature = "vec_as_ptr", since = "1.37.0")] #[stable(feature = "vec_as_ptr", since = "1.37.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[inline] #[inline]
pub fn as_mut_ptr(&mut self) -> *mut T { pub fn as_mut_ptr(&mut self) -> *mut T {
// We shadow the slice method of the same name to avoid going through // We shadow the slice method of the same name to avoid going through

4
library/core/src/cell.rs
View file

@ -543,6 +543,7 @@ impl<T: ?Sized> Cell<T> {
#[inline] #[inline]
#[stable(feature = "cell_as_ptr", since = "1.12.0")] #[stable(feature = "cell_as_ptr", since = "1.12.0")]
#[rustc_const_stable(feature = "const_cell_as_ptr", since = "1.32.0")] #[rustc_const_stable(feature = "const_cell_as_ptr", since = "1.32.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn as_ptr(&self) -> *mut T { pub const fn as_ptr(&self) -> *mut T {
self.value.get() self.value.get()
} }
@ -1076,6 +1077,7 @@ impl<T: ?Sized> RefCell<T> {
/// ``` /// ```
#[inline] #[inline]
#[stable(feature = "cell_as_ptr", since = "1.12.0")] #[stable(feature = "cell_as_ptr", since = "1.12.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub fn as_ptr(&self) -> *mut T { pub fn as_ptr(&self) -> *mut T {
self.value.get() self.value.get()
} }
@ -2071,6 +2073,7 @@ impl<T: ?Sized> UnsafeCell<T> {
#[inline(always)] #[inline(always)]
#[stable(feature = "rust1", since = "1.0.0")] #[stable(feature = "rust1", since = "1.0.0")]
#[rustc_const_stable(feature = "const_unsafecell_get", since = "1.32.0")] #[rustc_const_stable(feature = "const_unsafecell_get", since = "1.32.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn get(&self) -> *mut T { pub const fn get(&self) -> *mut T {
// We can just cast the pointer from `UnsafeCell<T>` to `T` because of // We can just cast the pointer from `UnsafeCell<T>` to `T` because of
// #[repr(transparent)]. This exploits std's special status, there is // #[repr(transparent)]. This exploits std's special status, there is
@ -2213,6 +2216,7 @@ impl<T: ?Sized> SyncUnsafeCell<T> {
/// when casting to `&mut T`, and ensure that there are no mutations /// when casting to `&mut T`, and ensure that there are no mutations
/// or mutable aliases going on when casting to `&T` /// or mutable aliases going on when casting to `&T`
#[inline] #[inline]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn get(&self) -> *mut T { pub const fn get(&self) -> *mut T {
self.value.get() self.value.get()
} }

1
library/core/src/ffi/c_str.rs
View file

@ -509,6 +509,7 @@ impl CStr {
#[must_use] #[must_use]
#[stable(feature = "rust1", since = "1.0.0")] #[stable(feature = "rust1", since = "1.0.0")]
#[rustc_const_stable(feature = "const_str_as_ptr", since = "1.32.0")] #[rustc_const_stable(feature = "const_str_as_ptr", since = "1.32.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn as_ptr(&self) -> *const c_char { pub const fn as_ptr(&self) -> *const c_char {
self.inner.as_ptr() self.inner.as_ptr()
} }

2
library/core/src/ptr/mod.rs
View file

@ -698,6 +698,7 @@ where
#[inline(always)] #[inline(always)]
#[must_use] #[must_use]
#[unstable(feature = "ptr_from_ref", issue = "106116")] #[unstable(feature = "ptr_from_ref", issue = "106116")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[rustc_diagnostic_item = "ptr_from_ref"] #[rustc_diagnostic_item = "ptr_from_ref"]
pub const fn from_ref<T: ?Sized>(r: &T) -> *const T { pub const fn from_ref<T: ?Sized>(r: &T) -> *const T {
r r
@ -710,6 +711,7 @@ pub const fn from_ref<T: ?Sized>(r: &T) -> *const T {
#[inline(always)] #[inline(always)]
#[must_use] #[must_use]
#[unstable(feature = "ptr_from_ref", issue = "106116")] #[unstable(feature = "ptr_from_ref", issue = "106116")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[rustc_diagnostic_item = "ptr_from_mut"] #[rustc_diagnostic_item = "ptr_from_mut"]
pub const fn from_mut<T: ?Sized>(r: &mut T) -> *mut T { pub const fn from_mut<T: ?Sized>(r: &mut T) -> *mut T {
r r

2
library/core/src/ptr/non_null.rs
View file

@ -320,6 +320,7 @@ impl<T: ?Sized> NonNull<T> {
/// ``` /// ```
#[stable(feature = "nonnull", since = "1.25.0")] #[stable(feature = "nonnull", since = "1.25.0")]
#[rustc_const_stable(feature = "const_nonnull_as_ptr", since = "1.32.0")] #[rustc_const_stable(feature = "const_nonnull_as_ptr", since = "1.32.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[must_use] #[must_use]
#[inline(always)] #[inline(always)]
pub const fn as_ptr(self) -> *mut T { pub const fn as_ptr(self) -> *mut T {
@ -579,6 +580,7 @@ impl<T> NonNull<[T]> {
#[must_use] #[must_use]
#[unstable(feature = "slice_ptr_get", issue = "74265")] #[unstable(feature = "slice_ptr_get", issue = "74265")]
#[rustc_const_unstable(feature = "slice_ptr_get", issue = "74265")] #[rustc_const_unstable(feature = "slice_ptr_get", issue = "74265")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn as_mut_ptr(self) -> *mut T { pub const fn as_mut_ptr(self) -> *mut T {
self.as_non_null_ptr().as_ptr() self.as_non_null_ptr().as_ptr()
} }

2
library/core/src/slice/mod.rs
View file

@ -730,6 +730,7 @@ impl<T> [T] {
/// [`as_mut_ptr`]: slice::as_mut_ptr /// [`as_mut_ptr`]: slice::as_mut_ptr
#[stable(feature = "rust1", since = "1.0.0")] #[stable(feature = "rust1", since = "1.0.0")]
#[rustc_const_stable(feature = "const_slice_as_ptr", since = "1.32.0")] #[rustc_const_stable(feature = "const_slice_as_ptr", since = "1.32.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[inline(always)] #[inline(always)]
#[must_use] #[must_use]
pub const fn as_ptr(&self) -> *const T { pub const fn as_ptr(&self) -> *const T {
@ -760,6 +761,7 @@ impl<T> [T] {
#[stable(feature = "rust1", since = "1.0.0")] #[stable(feature = "rust1", since = "1.0.0")]
#[rustc_const_stable(feature = "const_ptr_offset", since = "1.61.0")] #[rustc_const_stable(feature = "const_ptr_offset", since = "1.61.0")]
#[rustc_allow_const_fn_unstable(const_mut_refs)] #[rustc_allow_const_fn_unstable(const_mut_refs)]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[inline(always)] #[inline(always)]
#[must_use] #[must_use]
pub const fn as_mut_ptr(&mut self) -> *mut T { pub const fn as_mut_ptr(&mut self) -> *mut T {

2
library/core/src/str/mod.rs
View file

@ -387,6 +387,7 @@ impl str {
/// ``` /// ```
#[stable(feature = "rust1", since = "1.0.0")] #[stable(feature = "rust1", since = "1.0.0")]
#[rustc_const_stable(feature = "rustc_str_as_ptr", since = "1.32.0")] #[rustc_const_stable(feature = "rustc_str_as_ptr", since = "1.32.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[must_use] #[must_use]
#[inline(always)] #[inline(always)]
pub const fn as_ptr(&self) -> *const u8 { pub const fn as_ptr(&self) -> *const u8 {
@ -402,6 +403,7 @@ impl str {
/// It is your responsibility to make sure that the string slice only gets /// It is your responsibility to make sure that the string slice only gets
/// modified in a way that it remains valid UTF-8. /// modified in a way that it remains valid UTF-8.
#[stable(feature = "str_as_mut_ptr", since = "1.36.0")] #[stable(feature = "str_as_mut_ptr", since = "1.36.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
#[must_use] #[must_use]
#[inline(always)] #[inline(always)]
pub fn as_mut_ptr(&mut self) -> *mut u8 { pub fn as_mut_ptr(&mut self) -> *mut u8 {

3
library/core/src/sync/atomic.rs
View file

@ -1018,6 +1018,7 @@ impl AtomicBool {
#[inline] #[inline]
#[stable(feature = "atomic_as_ptr", since = "1.70.0")] #[stable(feature = "atomic_as_ptr", since = "1.70.0")]
#[rustc_const_stable(feature = "atomic_as_ptr", since = "1.70.0")] #[rustc_const_stable(feature = "atomic_as_ptr", since = "1.70.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn as_ptr(&self) -> *mut bool { pub const fn as_ptr(&self) -> *mut bool {
self.v.get().cast() self.v.get().cast()
} }
@ -1953,6 +1954,7 @@ impl<T> AtomicPtr<T> {
#[inline] #[inline]
#[stable(feature = "atomic_as_ptr", since = "1.70.0")] #[stable(feature = "atomic_as_ptr", since = "1.70.0")]
#[rustc_const_stable(feature = "atomic_as_ptr", since = "1.70.0")] #[rustc_const_stable(feature = "atomic_as_ptr", since = "1.70.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn as_ptr(&self) -> *mut *mut T { pub const fn as_ptr(&self) -> *mut *mut T {
self.p.get() self.p.get()
} }
@ -2891,6 +2893,7 @@ macro_rules! atomic_int {
#[inline] #[inline]
#[stable(feature = "atomic_as_ptr", since = "1.70.0")] #[stable(feature = "atomic_as_ptr", since = "1.70.0")]
#[rustc_const_stable(feature = "atomic_as_ptr", since = "1.70.0")] #[rustc_const_stable(feature = "atomic_as_ptr", since = "1.70.0")]
#[cfg_attr(not(bootstrap), rustc_never_returns_null_ptr)]
pub const fn as_ptr(&self) -> *mut $int_type { pub const fn as_ptr(&self) -> *mut $int_type {
self.v.get() self.v.get()
} }