2014-04-20 22:07:55 -05:00
|
|
|
// Copyright 2012-2014 The Rust Project Developers. See the COPYRIGHT
|
2012-12-03 18:48:01 -06:00
|
|
|
// file at the top-level directory of this distribution and at
|
|
|
|
|
// http://rust-lang.org/COPYRIGHT.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
|
|
|
|
|
// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
|
|
|
|
|
// option. This file may not be copied, modified, or distributed
|
|
|
|
|
// except according to those terms.
|
|
|
|
|
|
2013-03-24 20:59:04 -05:00
|
|
|
//! Unsafe casting functions
|
|
|
|
|
|
2013-10-16 20:34:01 -05:00
|
|
|
use mem;
|
2014-02-16 01:49:08 -06:00
|
|
|
use intrinsics;
|
2013-11-03 15:54:58 -06:00
|
|
|
use ptr::copy_nonoverlapping_memory;
|
2011-12-13 18:25:51 -06:00
|
|
|
|
2013-05-28 16:35:52 -05:00
|
|
|
/// Casts the value at `src` to U. The two types must have the same length.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-05-25 10:43:11 -05:00
|
|
|
pub unsafe fn transmute_copy<T, U>(src: &T) -> U {
|
2014-02-08 04:46:55 -06:00
|
|
|
let mut dest: U = mem::uninit();
|
2013-05-25 10:43:11 -05:00
|
|
|
let dest_ptr: *mut u8 = transmute(&mut dest);
|
|
|
|
|
let src_ptr: *u8 = transmute(src);
|
2013-11-03 15:54:58 -06:00
|
|
|
copy_nonoverlapping_memory(dest_ptr, src_ptr, mem::size_of::<U>());
|
2013-05-25 10:43:11 -05:00
|
|
|
dest
|
|
|
|
|
}
|
|
|
|
|
|
2012-07-04 16:53:12 -05:00
|
|
|
/**
|
|
|
|
|
* Move a thing into the void
|
|
|
|
|
*
|
|
|
|
|
* The forget function will take ownership of the provided value but neglect
|
2014-04-20 20:54:16 -05:00
|
|
|
* to run any required cleanup or memory-management operations on it.
|
2012-07-04 16:53:12 -05:00
|
|
|
*/
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-05-09 14:49:14 -05:00
|
|
|
pub unsafe fn forget<T>(thing: T) { intrinsics::forget(thing); }
|
2012-01-17 19:28:21 -06:00
|
|
|
|
2012-07-04 16:53:12 -05:00
|
|
|
/**
|
|
|
|
|
* Force-increment the reference count on a shared box. If used
|
2013-06-15 17:22:22 -05:00
|
|
|
* carelessly, this can leak the box.
|
2012-07-04 16:53:12 -05:00
|
|
|
*/
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-02-15 02:51:28 -06:00
|
|
|
pub unsafe fn bump_box_refcount<T>(t: @T) { forget(t); }
|
2012-06-27 12:11:57 -05:00
|
|
|
|
2012-07-04 16:53:12 -05:00
|
|
|
/**
|
|
|
|
|
* Transform a value of one type into a value of another type.
|
|
|
|
|
* Both types must have the same size and alignment.
|
|
|
|
|
*
|
|
|
|
|
* # Example
|
|
|
|
|
*
|
2013-09-23 19:20:36 -05:00
|
|
|
* ```rust
|
2013-12-22 15:31:23 -06:00
|
|
|
* use std::cast;
|
|
|
|
|
*
|
|
|
|
|
* let v: &[u8] = unsafe { cast::transmute("L") };
|
2013-08-22 14:06:41 -05:00
|
|
|
* assert!(v == [76u8]);
|
2013-09-23 19:20:36 -05:00
|
|
|
* ```
|
2012-07-04 16:53:12 -05:00
|
|
|
*/
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-04-22 18:22:36 -05:00
|
|
|
pub unsafe fn transmute<L, G>(thing: L) -> G {
|
2013-05-09 14:49:14 -05:00
|
|
|
intrinsics::transmute(thing)
|
2013-04-22 18:22:36 -05:00
|
|
|
}
|
|
|
|
|
|
2012-08-14 12:32:41 -05:00
|
|
|
/// Coerce an immutable reference to be mutable.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
std: deprecate cast::transmute_mut.
Turning a `&T` into an `&mut T` carries a large risk of undefined
behaviour, and needs to be done very very carefully. Providing a
convenience function for exactly this task is a bad idea, just tempting
people into doing the wrong thing.
The right thing is to use types like `Cell`, `RefCell` or `Unsafe`.
For memory safety, Rust has that guarantee that `&mut` pointers do not
alias with any other pointer, that is, if you have a `&mut T` then that
is the only usable pointer to that `T`. This allows Rust to assume that
writes through a `&mut T` do not affect the values of any other `&` or
`&mut` references. `&` pointers have no guarantees about aliasing or
not, so it's entirely possible for the same pointer to be passed into
both arguments of a function like
fn foo(x: &int, y: &int) { ... }
Converting either of `x` or `y` to a `&mut` pointer and modifying it
would affect the other value: invalid behaviour.
(Similarly, it's undefined behaviour to modify the value of an immutable
local, like `let x = 1;`.)
At a low-level, the *only* safe way to obtain an `&mut` out of a `&` is
using the `Unsafe` type (there are higher level wrappers around it, like
`Cell`, `RefCell`, `Mutex` etc.). The `Unsafe` type is registered with
the compiler so that it can reason a little about these `&` to `&mut`
casts, but it is still up to the user to ensure that the `&mut`s
obtained out of an `Unsafe` never alias.
(Note that *any* conversion from `&` to `&mut` can be invalid, including
a plain `transmute`, or casting `&T` -> `*T` -> `*mut T` -> `&mut T`.)
[breaking-change]
2014-05-04 08:17:37 -05:00
|
|
|
#[deprecated="casting &T to &mut T is undefined behaviour: use Cell<T>, RefCell<T> or Unsafe<T>"]
|
2013-03-25 15:21:04 -05:00
|
|
|
pub unsafe fn transmute_mut<'a,T>(ptr: &'a T) -> &'a mut T { transmute(ptr) }
|
2012-08-27 18:08:17 -05:00
|
|
|
|
2014-04-13 16:23:17 -05:00
|
|
|
/// Coerce a reference to have an arbitrary associated lifetime.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2014-04-13 16:23:17 -05:00
|
|
|
pub unsafe fn transmute_lifetime<'a,'b,T>(ptr: &'a T) -> &'b T {
|
2013-03-25 15:21:04 -05:00
|
|
|
transmute(ptr)
|
|
|
|
|
}
|
2012-08-27 18:08:17 -05:00
|
|
|
|
2012-09-12 12:38:17 -05:00
|
|
|
/// Coerce an immutable reference to be mutable.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2014-01-31 16:01:59 -06:00
|
|
|
pub unsafe fn transmute_mut_unsafe<T>(ptr: *T) -> *mut T {
|
2012-09-26 17:24:31 -05:00
|
|
|
transmute(ptr)
|
|
|
|
|
}
|
2012-09-12 12:38:17 -05:00
|
|
|
|
2014-04-13 16:23:17 -05:00
|
|
|
/// Coerce a mutable reference to have an arbitrary associated lifetime.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2014-04-13 16:23:17 -05:00
|
|
|
pub unsafe fn transmute_mut_lifetime<'a,'b,T>(ptr: &'a mut T) -> &'b mut T {
|
2013-02-15 02:51:28 -06:00
|
|
|
transmute(ptr)
|
2012-08-14 12:32:41 -05:00
|
|
|
}
|
|
|
|
|
|
2012-08-27 18:08:17 -05:00
|
|
|
/// Transforms lifetime of the second pointer to match the first.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-03-25 15:21:04 -05:00
|
|
|
pub unsafe fn copy_lifetime<'a,S,T>(_ptr: &'a S, ptr: &T) -> &'a T {
|
2014-04-13 16:23:17 -05:00
|
|
|
transmute_lifetime(ptr)
|
2012-08-27 18:08:17 -05:00
|
|
|
}
|
|
|
|
|
|
2013-05-08 14:03:39 -05:00
|
|
|
/// Transforms lifetime of the second pointer to match the first.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-05-08 14:03:39 -05:00
|
|
|
pub unsafe fn copy_mut_lifetime<'a,S,T>(_ptr: &'a mut S, ptr: &mut T) -> &'a mut T {
|
2014-04-13 16:23:17 -05:00
|
|
|
transmute_mut_lifetime(ptr)
|
2013-05-08 14:03:39 -05:00
|
|
|
}
|
|
|
|
|
|
2012-09-12 12:38:17 -05:00
|
|
|
/// Transforms lifetime of the second pointer to match the first.
|
2013-06-18 16:45:18 -05:00
|
|
|
#[inline]
|
2013-03-25 15:21:04 -05:00
|
|
|
pub unsafe fn copy_lifetime_vec<'a,S,T>(_ptr: &'a [S], ptr: &T) -> &'a T {
|
2014-04-13 16:23:17 -05:00
|
|
|
transmute_lifetime(ptr)
|
2012-09-12 12:38:17 -05:00
|
|
|
}
|
|
|
|
|
|
2012-08-27 18:08:17 -05:00
|
|
|
|
2012-08-10 17:20:03 -05:00
|
|
|
/****************************************************************************
|
|
|
|
|
* Tests
|
|
|
|
|
****************************************************************************/
|
|
|
|
|
|
2012-01-17 19:28:21 -06:00
|
|
|
#[cfg(test)]
|
2013-04-15 10:08:52 -05:00
|
|
|
mod tests {
|
2013-04-22 19:34:42 -05:00
|
|
|
use cast::{bump_box_refcount, transmute};
|
2014-02-16 02:04:33 -06:00
|
|
|
use raw;
|
2014-05-01 20:06:59 -05:00
|
|
|
use realstd::str::StrAllocating;
|
2013-01-08 21:37:25 -06:00
|
|
|
|
2012-01-17 19:28:21 -06:00
|
|
|
#[test]
|
2013-04-22 19:34:42 -05:00
|
|
|
fn test_transmute_copy() {
|
2013-05-18 21:02:45 -05:00
|
|
|
assert_eq!(1u, unsafe { ::cast::transmute_copy(&1) });
|
2012-01-17 19:28:21 -06:00
|
|
|
}
|
2012-06-08 01:36:34 -05:00
|
|
|
|
2012-06-27 12:11:57 -05:00
|
|
|
#[test]
|
2013-12-11 19:04:50 -06:00
|
|
|
fn test_bump_managed_refcount() {
|
2012-06-27 12:11:57 -05:00
|
|
|
unsafe {
|
2014-04-15 20:17:48 -05:00
|
|
|
let managed = @"box box box".to_owned(); // refcount 1
|
2013-12-14 16:53:20 -06:00
|
|
|
bump_box_refcount(managed); // refcount 2
|
2013-12-11 19:04:50 -06:00
|
|
|
let ptr: *int = transmute(managed); // refcount 2
|
2013-04-26 16:04:39 -05:00
|
|
|
let _box1: @~str = ::cast::transmute_copy(&ptr);
|
|
|
|
|
let _box2: @~str = ::cast::transmute_copy(&ptr);
|
2014-04-15 20:17:48 -05:00
|
|
|
assert!(*_box1 == "box box box".to_owned());
|
|
|
|
|
assert!(*_box2 == "box box box".to_owned());
|
2012-06-27 12:11:57 -05:00
|
|
|
// Will destroy _box1 and _box2. Without the bump, this would
|
|
|
|
|
// use-after-free. With too many bumps, it would leak.
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-06-08 01:36:34 -05:00
|
|
|
#[test]
|
2013-04-15 10:08:52 -05:00
|
|
|
fn test_transmute() {
|
2012-06-24 22:18:18 -05:00
|
|
|
unsafe {
|
2012-12-12 20:41:30 -06:00
|
|
|
let x = @100u8;
|
2013-07-21 19:20:52 -05:00
|
|
|
let x: *raw::Box<u8> = transmute(x);
|
2013-03-28 20:39:09 -05:00
|
|
|
assert!((*x).data == 100);
|
2013-02-15 02:51:28 -06:00
|
|
|
let _x: @int = transmute(x);
|
2012-06-24 22:18:18 -05:00
|
|
|
}
|
2012-06-08 01:36:34 -05:00
|
|
|
}
|
|
|
|
|
|
2013-08-04 15:22:56 -05:00
|
|
|
#[test]
|
|
|
|
|
fn test_transmute2() {
|
|
|
|
|
unsafe {
|
2014-04-25 03:08:02 -05:00
|
|
|
assert_eq!(box [76u8], transmute("L".to_owned()));
|
2013-08-04 15:22:56 -05:00
|
|
|
}
|
|
|
|
|
}
|
2012-01-17 19:28:21 -06:00
|
|
|
}
|
