Skip to content

Commit

Permalink
Rollup merge of #73054 - RalfJung:dont-panic, r=Mark-Simulacrum
Browse files Browse the repository at this point in the history
memory access sanity checks: abort instead of panic

Suggested by @Mark-Simulacrum, this should help reduce the performance impact of these checks.
  • Loading branch information
RalfJung authored Jun 19, 2020
2 parents 0851036 + 81c7ebd commit 125c196
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 14 deletions.
17 changes: 12 additions & 5 deletions src/libcore/intrinsics.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2064,9 +2064,14 @@ pub unsafe fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: usize) {
fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: usize);
}

debug_assert!(is_aligned_and_not_null(src), "attempt to copy from unaligned or null pointer");
debug_assert!(is_aligned_and_not_null(dst), "attempt to copy to unaligned or null pointer");
debug_assert!(is_nonoverlapping(src, dst, count), "attempt to copy to overlapping memory");
if cfg!(debug_assertions)
&& !(is_aligned_and_not_null(src)
&& is_aligned_and_not_null(dst)
&& is_nonoverlapping(src, dst, count))
{
// Not panicking to keep codegen impact smaller.
abort();
}
copy_nonoverlapping(src, dst, count)
}

Expand Down Expand Up @@ -2129,8 +2134,10 @@ pub unsafe fn copy<T>(src: *const T, dst: *mut T, count: usize) {
fn copy<T>(src: *const T, dst: *mut T, count: usize);
}

debug_assert!(is_aligned_and_not_null(src), "attempt to copy from unaligned or null pointer");
debug_assert!(is_aligned_and_not_null(dst), "attempt to copy to unaligned or null pointer");
if cfg!(debug_assertions) && !(is_aligned_and_not_null(src) && is_aligned_and_not_null(dst)) {
// Not panicking to keep codegen impact smaller.
abort();
}
copy(src, dst, count)
}

Expand Down
28 changes: 21 additions & 7 deletions src/libcore/ptr/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@
use crate::cmp::Ordering;
use crate::fmt;
use crate::hash;
use crate::intrinsics::{self, is_aligned_and_not_null, is_nonoverlapping};
use crate::intrinsics::{self, abort, is_aligned_and_not_null, is_nonoverlapping};
use crate::mem::{self, MaybeUninit};

#[stable(feature = "rust1", since = "1.0.0")]
Expand Down Expand Up @@ -420,9 +420,14 @@ pub unsafe fn swap<T>(x: *mut T, y: *mut T) {
#[inline]
#[stable(feature = "swap_nonoverlapping", since = "1.27.0")]
pub unsafe fn swap_nonoverlapping<T>(x: *mut T, y: *mut T, count: usize) {
debug_assert!(is_aligned_and_not_null(x), "attempt to swap unaligned or null pointer");
debug_assert!(is_aligned_and_not_null(y), "attempt to swap unaligned or null pointer");
debug_assert!(is_nonoverlapping(x, y, count), "attempt to swap overlapping memory");
if cfg!(debug_assertions)
&& !(is_aligned_and_not_null(x)
&& is_aligned_and_not_null(y)
&& is_nonoverlapping(x, y, count))
{
// Not panicking to keep codegen impact smaller.
abort();
}

let x = x as *mut u8;
let y = y as *mut u8;
Expand Down Expand Up @@ -838,7 +843,10 @@ pub unsafe fn read_unaligned<T>(src: *const T) -> T {
#[inline]
#[stable(feature = "rust1", since = "1.0.0")]
pub unsafe fn write<T>(dst: *mut T, src: T) {
debug_assert!(is_aligned_and_not_null(dst), "attempt to write to unaligned or null pointer");
if cfg!(debug_assertions) && !is_aligned_and_not_null(dst) {
// Not panicking to keep codegen impact smaller.
abort();
}
intrinsics::move_val_init(&mut *dst, src)
}

Expand Down Expand Up @@ -1003,7 +1011,10 @@ pub unsafe fn write_unaligned<T>(dst: *mut T, src: T) {
#[inline]
#[stable(feature = "volatile", since = "1.9.0")]
pub unsafe fn read_volatile<T>(src: *const T) -> T {
debug_assert!(is_aligned_and_not_null(src), "attempt to read from unaligned or null pointer");
if cfg!(debug_assertions) && !is_aligned_and_not_null(src) {
// Not panicking to keep codegen impact smaller.
abort();
}
intrinsics::volatile_load(src)
}

Expand Down Expand Up @@ -1072,7 +1083,10 @@ pub unsafe fn read_volatile<T>(src: *const T) -> T {
#[inline]
#[stable(feature = "volatile", since = "1.9.0")]
pub unsafe fn write_volatile<T>(dst: *mut T, src: T) {
debug_assert!(is_aligned_and_not_null(dst), "attempt to write to unaligned or null pointer");
if cfg!(debug_assertions) && !is_aligned_and_not_null(dst) {
// Not panicking to keep codegen impact smaller.
abort();
}
intrinsics::volatile_store(dst, src);
}

Expand Down
1 change: 0 additions & 1 deletion src/test/codegen/vec-clear.rs
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
// ignore-debug: the debug assertions get in the way
// compile-flags: -O

#![crate_type = "lib"]
Expand Down
1 change: 0 additions & 1 deletion src/test/codegen/vec-optimizes-away.rs
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
//
// ignore-debug: the debug assertions get in the way
// no-system-llvm
// compile-flags: -O
Expand Down

0 comments on commit 125c196

Please sign in to comment.