mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rollup merge of #72431 - RalfJung:ub-warning, r=shepmaster

Browse Source 
add warning sign to UB examples

Just to make it less likely that people miss the fact that these are examples for how to *not* do it.
This commit is contained in:
Dylan DPC 2020-05-23 19:09:58 +02:00 committed by GitHub
commit d5e3009bd8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/libcore/mem/maybe_uninit.rs
View File

@ -20,9 +20,9 @@
/// # #![allow(invalid_value)]
/// use std::mem::{self, MaybeUninit};
///
/// let x: &i32 = unsafe { mem::zeroed() }; // undefined behavior!
/// let x: &i32 = unsafe { mem::zeroed() }; // undefined behavior! ⚠️
/// // The equivalent code with `MaybeUninit<&i32>`:
/// let x: &i32 = unsafe { MaybeUninit::zeroed().assume_init() }; // undefined behavior!
/// let x: &i32 = unsafe { MaybeUninit::zeroed().assume_init() }; // undefined behavior! ⚠️
/// ```
///
/// This is exploited by the compiler for various optimizations, such as eliding
@ -35,9 +35,9 @@
/// # #![allow(invalid_value)]
/// use std::mem::{self, MaybeUninit};
///
/// let b: bool = unsafe { mem::uninitialized() }; // undefined behavior!
/// let b: bool = unsafe { mem::uninitialized() }; // undefined behavior! ⚠️
/// // The equivalent code with `MaybeUninit<bool>`:
/// let b: bool = unsafe { MaybeUninit::uninit().assume_init() }; // undefined behavior!
/// let b: bool = unsafe { MaybeUninit::uninit().assume_init() }; // undefined behavior! ⚠️
/// ```
///
/// Moreover, uninitialized memory is special in that the compiler knows that
@ -49,9 +49,9 @@
/// # #![allow(invalid_value)]
/// use std::mem::{self, MaybeUninit};
///
/// let x: i32 = unsafe { mem::uninitialized() }; // undefined behavior!
/// let x: i32 = unsafe { mem::uninitialized() }; // undefined behavior! ⚠️
/// // The equivalent code with `MaybeUninit<i32>`:
/// let x: i32 = unsafe { MaybeUninit::uninit().assume_init() }; // undefined behavior!
/// let x: i32 = unsafe { MaybeUninit::uninit().assume_init() }; // undefined behavior! ⚠️
/// ```
/// (Notice that the rules around uninitialized integers are not finalized yet, but
/// until they are, it is advisable to avoid them.)
@ -348,7 +348,7 @@ pub const fn uninit() -> MaybeUninit<T> {
/// let x = MaybeUninit::<(u8, NotZero)>::zeroed();
/// let x = unsafe { x.assume_init() };
/// // Inside a pair, we create a `NotZero` that does not have a valid discriminant.
/// // This is undefined behavior.
/// // This is undefined behavior. ⚠️
/// ```
#[stable(feature = "maybe_uninit", since = "1.36.0")]
#[inline]
@ -400,7 +400,7 @@ pub fn write(&mut self, val: T) -> &mut T {
///
/// let x = MaybeUninit::<Vec<u32>>::uninit();
/// let x_vec = unsafe { &*x.as_ptr() };
/// // We have created a reference to an uninitialized vector! This is undefined behavior.
/// // We have created a reference to an uninitialized vector! This is undefined behavior. ⚠️
/// ```
///
/// (Notice that the rules around references to uninitialized data are not finalized yet, but
@ -437,7 +437,7 @@ pub fn as_ptr(&self) -> *const T {
///
/// let mut x = MaybeUninit::<Vec<u32>>::uninit();
/// let x_vec = unsafe { &mut *x.as_mut_ptr() };
/// // We have created a reference to an uninitialized vector! This is undefined behavior.
/// // We have created a reference to an uninitialized vector! This is undefined behavior. ⚠️
/// ```
///
/// (Notice that the rules around references to uninitialized data are not finalized yet, but
@ -489,7 +489,7 @@ pub fn as_mut_ptr(&mut self) -> *mut T {
///
/// let x = MaybeUninit::<Vec<u32>>::uninit();
/// let x_init = unsafe { x.assume_init() };
/// // `x` had not been initialized yet, so this last line caused undefined behavior.
/// // `x` had not been initialized yet, so this last line caused undefined behavior. ⚠️
/// ```
#[stable(feature = "maybe_uninit", since = "1.36.0")]
#[inline(always)]
@ -553,7 +553,7 @@ pub unsafe fn assume_init(self) -> T {
/// x.write(Some(vec![0,1,2]));
/// let x1 = unsafe { x.read() };
/// let x2 = unsafe { x.read() };
/// // We now created two copies of the same vector, leading to a double-free when
/// // We now created two copies of the same vector, leading to a double-free ⚠️ when
/// // they both get dropped!
/// ```
#[unstable(feature = "maybe_uninit_extra", issue = "63567")]
@ -603,7 +603,7 @@ pub unsafe fn read(&self) -> T {
///
/// let x = MaybeUninit::<Vec<u32>>::uninit();
/// let x_vec: &Vec<u32> = unsafe { x.get_ref() };
/// // We have created a reference to an uninitialized vector! This is undefined behavior.
/// // We have created a reference to an uninitialized vector! This is undefined behavior. ⚠️
/// ```
///
/// ```rust,no_run
@ -686,7 +686,7 @@ pub unsafe fn get_ref(&self) -> &T {
/// unsafe {
/// *b.get_mut() = true;
/// // We have created a (mutable) reference to an uninitialized `bool`!
/// // This is undefined behavior.
/// // This is undefined behavior. ⚠️
/// }
/// ```
///