diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-30 18:31:44 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-30 18:31:44 +0000 |
commit | c23a457e72abe608715ac76f076f47dc42af07a5 (patch) | |
tree | 2772049aaf84b5c9d0ed12ec8d86812f7a7904b6 /library/core/src/intrinsics.rs | |
parent | Releasing progress-linux version 1.73.0+dfsg1-1~progress7.99u1. (diff) | |
download | rustc-c23a457e72abe608715ac76f076f47dc42af07a5.tar.xz rustc-c23a457e72abe608715ac76f076f47dc42af07a5.zip |
Merging upstream version 1.74.1+dfsg1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'library/core/src/intrinsics.rs')
-rw-r--r-- | library/core/src/intrinsics.rs | 31 |
1 files changed, 11 insertions, 20 deletions
diff --git a/library/core/src/intrinsics.rs b/library/core/src/intrinsics.rs index 676d4f2f3..4c76662ac 100644 --- a/library/core/src/intrinsics.rs +++ b/library/core/src/intrinsics.rs @@ -1130,7 +1130,10 @@ extern "rust-intrinsic" { /// may lead to unexpected and unstable compilation results. This makes `transmute` **incredibly /// unsafe**. `transmute` should be the absolute last resort. /// - /// Transmuting pointers to integers in a `const` context is [undefined behavior][ub]. + /// Transmuting pointers *to* integers in a `const` context is [undefined behavior][ub], + /// unless the pointer was originally created *from* an integer. + /// (That includes this function specifically, integer-to-pointer casts, and helpers like [`invalid`][crate::ptr::invalid], + /// but also semantically-equivalent conversions such as punning through `repr(C)` union fields.) /// Any attempt to use the resulting value for integer operations will abort const-evaluation. /// (And even outside `const`, such transmutation is touching on many unspecified aspects of the /// Rust memory model and should be avoided. See below for alternatives.) @@ -2399,7 +2402,6 @@ extern "rust-intrinsic" { /// that differs. That allows optimizations that can read in large chunks. /// /// [valid]: crate::ptr#safety - #[cfg(not(bootstrap))] #[rustc_const_unstable(feature = "const_intrinsic_compare_bytes", issue = "none")] #[rustc_nounwind] pub fn compare_bytes(left: *const u8, right: *const u8, bytes: usize) -> i32; @@ -2568,7 +2570,7 @@ pub(crate) fn is_nonoverlapping<T>(src: *const T, dst: *const T, count: usize) - let size = mem::size_of::<T>() .checked_mul(count) .expect("is_nonoverlapping: `size_of::<T>() * count` overflows a usize"); - let diff = if src_usize > dst_usize { src_usize - dst_usize } else { dst_usize - src_usize }; + let diff = src_usize.abs_diff(dst_usize); // If the absolute distance between the ptrs is at least as big as the size of the buffer, // they do not overlap. diff >= size @@ -2705,9 +2707,13 @@ pub const unsafe fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: us /// /// Behavior is undefined if any of the following conditions are violated: /// -/// * `src` must be [valid] for reads of `count * size_of::<T>()` bytes. +/// * `src` must be [valid] for reads of `count * size_of::<T>()` bytes, and must remain valid even +/// when `dst` is written for `count * size_of::<T>()` bytes. (This means if the memory ranges +/// overlap, the two pointers must not be subject to aliasing restrictions relative to each +/// other.) /// -/// * `dst` must be [valid] for writes of `count * size_of::<T>()` bytes. +/// * `dst` must be [valid] for writes of `count * size_of::<T>()` bytes, and must remain valid even +/// when `src` is read for `count * size_of::<T>()` bytes. /// /// * Both `src` and `dst` must be properly aligned. /// @@ -2844,18 +2850,3 @@ pub const unsafe fn write_bytes<T>(dst: *mut T, val: u8, count: usize) { write_bytes(dst, val, count) } } - -/// Backfill for bootstrap -#[cfg(bootstrap)] -pub unsafe fn compare_bytes(left: *const u8, right: *const u8, bytes: usize) -> i32 { - extern "C" { - fn memcmp(s1: *const u8, s2: *const u8, n: usize) -> crate::ffi::c_int; - } - - if bytes != 0 { - // SAFETY: Since bytes is non-zero, the caller has met `memcmp`'s requirements. - unsafe { memcmp(left, right, bytes).into() } - } else { - 0 - } -} |