mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Auto merge of #119892 - joboet:libs_use_assert_unchecked, r=Nilstrieb,cuviper

Browse Source 
Use `assert_unchecked` instead of `assume` intrinsic in the standard library

Now that a public wrapper for the `assume` intrinsic exists, we can use it in the standard library.

CC #119131
This commit is contained in:
bors 2024-01-23 06:45:58 +00:00
commit e35a56d96f
17 changed files with 32 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/alloc/src/alloc.rs
View File

@ -3,7 +3,7 @@
#![stable(feature = "alloc_module", since = "1.28.0")]
#[cfg(not(test))]
use core::intrinsics;
use core::hint;
#[cfg(not(test))]
use core::ptr::{self, NonNull};
@ -208,7 +208,7 @@ unsafe fn grow_impl(
let new_size = new_layout.size();
// `realloc` probably checks for `new_size >= old_layout.size()` or something similar.
intrinsics::assume(new_size >= old_layout.size());
hint::assert_unchecked(new_size >= old_layout.size());
let raw_ptr = realloc(ptr.as_ptr(), old_layout, new_size);
let ptr = NonNull::new(raw_ptr).ok_or(AllocError)?;
@ -299,7 +299,7 @@ unsafe fn shrink(
// SAFETY: `new_size` is non-zero. Other conditions must be upheld by the caller
new_size if old_layout.align() == new_layout.align() => unsafe {
// `realloc` probably checks for `new_size <= old_layout.size()` or something similar.
intrinsics::assume(new_size <= old_layout.size());
hint::assert_unchecked(new_size <= old_layout.size());
let raw_ptr = realloc(ptr.as_ptr(), old_layout, new_size);
let ptr = NonNull::new(raw_ptr).ok_or(AllocError)?;

1
library/alloc/src/lib.rs
View File

@ -129,6 +129,7 @@
#![feature(fmt_internals)]
#![feature(fn_traits)]
#![feature(hasher_prefixfree_extras)]
#![feature(hint_assert_unchecked)]
#![feature(inline_const)]
#![feature(inplace_iteration)]
#![feature(iter_advance_by)]

8
library/alloc/src/raw_vec.rs
View File

@ -2,7 +2,7 @@
use core::alloc::LayoutError;
use core::cmp;
use core::intrinsics;
use core::hint;
use core::mem::{self, ManuallyDrop, MaybeUninit, SizedTypeProperties};
use core::ptr::{self, NonNull, Unique};
use core::slice;
@ -325,7 +325,7 @@ pub fn try_reserve(&mut self, len: usize, additional: usize) -> Result<(), TryRe
}
unsafe {
// Inform the optimizer that the reservation has succeeded or wasn't needed
core::intrinsics::assume(!self.needs_to_grow(len, additional));
hint::assert_unchecked(!self.needs_to_grow(len, additional));
}
Ok(())
}
@ -363,7 +363,7 @@ pub fn try_reserve_exact(
}
unsafe {
// Inform the optimizer that the reservation has succeeded or wasn't needed
core::intrinsics::assume(!self.needs_to_grow(len, additional));
hint::assert_unchecked(!self.needs_to_grow(len, additional));
}
Ok(())
}
@ -514,7 +514,7 @@ fn finish_grow<A>(
debug_assert_eq!(old_layout.align(), new_layout.align());
unsafe {
// The allocator checks for alignment equality
intrinsics::assume(old_layout.align() == new_layout.align());
hint::assert_unchecked(old_layout.align() == new_layout.align());
alloc.grow(ptr, old_layout, new_layout)
}
} else {

5
library/alloc/src/rc.rs
View File

@ -252,6 +252,7 @@
use core::cmp::Ordering;
use core::fmt;
use core::hash::{Hash, Hasher};
use core::hint;
use core::intrinsics::abort;
#[cfg(not(no_global_oom_handling))]
use core::iter;
@ -3268,7 +3269,7 @@ fn inc_strong(&self) {
// SAFETY: The reference count will never be zero when this is
// called.
unsafe {
core::intrinsics::assume(strong != 0);
hint::assert_unchecked(strong != 0);
}
let strong = strong.wrapping_add(1);
@ -3301,7 +3302,7 @@ fn inc_weak(&self) {
// SAFETY: The reference count will never be zero when this is
// called.
unsafe {
core::intrinsics::assume(weak != 0);
hint::assert_unchecked(weak != 0);
}
let weak = weak.wrapping_add(1);

2
library/alloc/src/vec/mod.rs
View File

@ -1996,7 +1996,7 @@ pub fn pop(&mut self) -> Option<T> {
} else {
unsafe {
self.len -= 1;
core::intrinsics::assume(self.len < self.capacity());
core::hint::assert_unchecked(self.len < self.capacity());
Some(ptr::read(self.as_ptr().add(self.len())))
}
}

2
library/core/src/alloc/global.rs
View File

@ -110,7 +110,7 @@
/// ```rust,ignore (unsound and has placeholders)
/// drop(Box::new(42));
/// let number_of_heap_allocs = /* call private allocator API */;
/// unsafe { std::intrinsics::assume(number_of_heap_allocs > 0); }
/// unsafe { std::hint::assert_unchecked(number_of_heap_allocs > 0); }
/// ```
///
/// Note that the optimizations mentioned above are not the only

1
library/core/src/lib.rs
View File

@ -132,6 +132,7 @@
#![feature(const_fmt_arguments_new)]
#![feature(const_hash)]
#![feature(const_heap)]
#![feature(const_hint_assert_unchecked)]
#![feature(const_index_range_slice_index)]
#![feature(const_int_unchecked_arith)]
#![feature(const_intrinsic_forget)]

1
library/core/src/num/mod.rs
View File

@ -3,6 +3,7 @@
#![stable(feature = "rust1", since = "1.0.0")]
use crate::ascii;
use crate::hint;
use crate::intrinsics;
use crate::mem;
use crate::ops::{Add, Mul, Sub};

4
library/core/src/num/uint_macros.rs
View File

@ -2452,8 +2452,8 @@ pub const fn isqrt(self) -> Self {
// SAFETY: the result is positive and fits in an integer with half as many bits.
// Inform the optimizer about it.
unsafe {
intrinsics::assume(0 < res);
intrinsics::assume(res < 1 << (Self::BITS / 2));
hint::assert_unchecked(0 < res);
hint::assert_unchecked(res < 1 << (Self::BITS / 2));
}
res

2
library/core/src/slice/index.rs
View File

@ -234,7 +234,7 @@ unsafe fn get_unchecked(self, slice: *const [T]) -> *const T {
// `self` is in bounds of `slice` so `self` cannot overflow an `isize`,
// so the call to `add` is safe.
unsafe {
crate::intrinsics::assume(self < slice.len());
crate::hint::assert_unchecked(self < slice.len());
slice.as_ptr().add(self)
}
}

2
library/core/src/slice/iter.rs
View File

@ -5,7 +5,7 @@
use crate::cmp;
use crate::fmt;
use crate::intrinsics::assume;
use crate::hint::assert_unchecked;
use crate::iter::{
FusedIterator, TrustedLen, TrustedRandomAccess, TrustedRandomAccessNoCoerce, UncheckedIterator,
};

4
library/core/src/slice/iter/macros.rs
View File

@ -338,7 +338,7 @@ fn position<P>(&mut self, mut predicate: P) -> Option<usize> where
if predicate(x) {
// SAFETY: we are guaranteed to be in bounds by the loop invariant:
// when `i >= n`, `self.next()` returns `None` and the loop breaks.
unsafe { assume(i < n) };
unsafe { assert_unchecked(i < n) };
return Some(i);
}
i += 1;
@ -361,7 +361,7 @@ fn rposition<P>(&mut self, mut predicate: P) -> Option<usize> where
if predicate(x) {
// SAFETY: `i` must be lower than `n` since it starts at `n`
// and is only decreasing.
unsafe { assume(i < n) };
unsafe { assert_unchecked(i < n) };
return Some(i);
}
}

5
library/core/src/slice/mod.rs
View File

@ -8,6 +8,7 @@
use crate::cmp::Ordering::{self, Equal, Greater, Less};
use crate::fmt;
use crate::hint;
use crate::intrinsics::exact_div;
use crate::mem::{self, SizedTypeProperties};
use crate::num::NonZeroUsize;
@ -2799,7 +2800,7 @@ pub fn binary_search_by<'a, F>(&'a self, mut f: F) -> Result<usize, usize>
right = if cmp == Greater { mid } else { right };
if cmp == Equal {
// SAFETY: same as the `get_unchecked` above
unsafe { crate::intrinsics::assume(mid < self.len()) };
unsafe { hint::assert_unchecked(mid < self.len()) };
return Ok(mid);
}
@ -2808,7 +2809,7 @@ pub fn binary_search_by<'a, F>(&'a self, mut f: F) -> Result<usize, usize>
// SAFETY: directly true from the overall invariant.
// Note that this is `<=`, unlike the assume in the `Ok` path.
unsafe { crate::intrinsics::assume(left <= self.len()) };
unsafe { hint::assert_unchecked(left <= self.len()) };
Err(left)
}

6
library/std/src/alloc.rs
View File

@ -56,7 +56,7 @@
#![deny(unsafe_op_in_unsafe_fn)]
#![stable(feature = "alloc_module", since = "1.28.0")]
use core::intrinsics;
use core::hint;
use core::ptr::NonNull;
use core::sync::atomic::{AtomicPtr, Ordering};
use core::{mem, ptr};
@ -172,7 +172,7 @@ unsafe fn grow_impl(
let new_size = new_layout.size();
// `realloc` probably checks for `new_size >= old_layout.size()` or something similar.
intrinsics::assume(new_size >= old_layout.size());
hint::assert_unchecked(new_size >= old_layout.size());
let raw_ptr = GlobalAlloc::realloc(self, ptr.as_ptr(), old_layout, new_size);
let ptr = NonNull::new(raw_ptr).ok_or(AllocError)?;
@ -264,7 +264,7 @@ unsafe fn shrink(
// SAFETY: `new_size` is non-zero. Other conditions must be upheld by the caller
new_size if old_layout.align() == new_layout.align() => unsafe {
// `realloc` probably checks for `new_size <= old_layout.size()` or something similar.
intrinsics::assume(new_size <= old_layout.size());
hint::assert_unchecked(new_size <= old_layout.size());
let raw_ptr = GlobalAlloc::realloc(self, ptr.as_ptr(), old_layout, new_size);
let ptr = NonNull::new(raw_ptr).ok_or(AllocError)?;

1
library/std/src/lib.rs
View File

@ -325,6 +325,7 @@
#![feature(float_next_up_down)]
#![feature(hasher_prefixfree_extras)]
#![feature(hashmap_internals)]
#![feature(hint_assert_unchecked)]
#![feature(ip)]
#![feature(maybe_uninit_slice)]
#![feature(maybe_uninit_uninit_array)]

2
tests/codegen/vec-reserve-extend.rs
View File

@ -1,4 +1,6 @@
// compile-flags: -O
// ignore-debug
// (with debug assertions turned on, `assert_unchecked` generates a real assertion)
#![crate_type = "lib"]

2
tests/codegen/vec_pop_push_noop.rs
View File

@ -1,4 +1,6 @@
// compile-flags: -O
// ignore-debug
// (with debug assertions turned on, `assert_unchecked` generates a real assertion)
#![crate_type = "lib"]