forestia/bevy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bevy_ptr: fix unsafe_op_in_unsafe_fn lint (#11610)

Browse Source 
# Objective

- Part of #11590

## Solution

Fix `unsafe_op_in_unsafe_fn` for `bevy_ptr`.
This commit is contained in:
Tristan Guichaoua 2024-01-31 00:37:29 +01:00 committed by GitHub
parent 6990c0ec24
commit b66f2fd7c4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 30 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
crates/bevy_ptr/src/lib.rs
View File

@ -1,8 +1,6 @@
#![doc = include_str!("../README.md")] #![doc = include_str!("../README.md")]
#![no_std] #![no_std]
#![warn(missing_docs)] #![warn(missing_docs)]
// FIXME(11590): remove this once the lint is fixed
#![allow(unsafe_op_in_unsafe_fn)]
use core::fmt::{self, Formatter, Pointer}; use core::fmt::{self, Formatter, Pointer};
use core::{ use core::{
@ -106,7 +104,8 @@ macro_rules! impl_ptr {
#[inline] #[inline]
pub unsafe fn byte_offset(self, count: isize) -> Self { pub unsafe fn byte_offset(self, count: isize) -> Self {
Self( Self(
NonNull::new_unchecked(self.as_ptr().offset(count)), // SAFETY: The caller upholds safety for `offset` and ensures the result is not null.
unsafe { NonNull::new_unchecked(self.as_ptr().offset(count)) },
PhantomData, PhantomData,
) )
} }
@ -126,7 +125,8 @@ macro_rules! impl_ptr {
#[inline] #[inline]
pub unsafe fn byte_add(self, count: usize) -> Self { pub unsafe fn byte_add(self, count: usize) -> Self {
Self( Self(
NonNull::new_unchecked(self.as_ptr().add(count)), // SAFETY: The caller upholds safety for `add` and ensures the result is not null.
unsafe { NonNull::new_unchecked(self.as_ptr().add(count)) },
PhantomData, PhantomData,
) )
} }
@ -176,7 +176,9 @@ impl<'a, A: IsAligned> Ptr<'a, A> {
/// for the pointee type `T`. /// for the pointee type `T`.
#[inline] #[inline]
pub unsafe fn deref<T>(self) -> &'a T { pub unsafe fn deref<T>(self) -> &'a T {
&*self.as_ptr().cast::<T>().debug_ensure_aligned() let ptr = self.as_ptr().cast::<T>().debug_ensure_aligned();
// SAFETY: The caller ensures the pointee is of type `T` and the pointer can be dereferenced.
unsafe { &*ptr }
} }
/// Gets the underlying pointer, erasing the associated lifetime. /// Gets the underlying pointer, erasing the associated lifetime.
@ -230,7 +232,9 @@ impl<'a, A: IsAligned> PtrMut<'a, A> {
/// for the pointee type `T`. /// for the pointee type `T`.
#[inline] #[inline]
pub unsafe fn deref_mut<T>(self) -> &'a mut T { pub unsafe fn deref_mut<T>(self) -> &'a mut T {
&mut *self.as_ptr().cast::<T>().debug_ensure_aligned() let ptr = self.as_ptr().cast::<T>().debug_ensure_aligned();
// SAFETY: The caller ensures the pointee is of type `T` and the pointer can be dereferenced.
unsafe { &mut *ptr }
} }
/// Gets the underlying pointer, erasing the associated lifetime. /// Gets the underlying pointer, erasing the associated lifetime.
@ -299,7 +303,9 @@ impl<'a, A: IsAligned> OwningPtr<'a, A> {
/// for the pointee type `T`. /// for the pointee type `T`.
#[inline] #[inline]
pub unsafe fn read<T>(self) -> T { pub unsafe fn read<T>(self) -> T {
self.as_ptr().cast::<T>().debug_ensure_aligned().read() let ptr = self.as_ptr().cast::<T>().debug_ensure_aligned();
// SAFETY: The caller ensure the pointee is of type `T` and uphold safety for `read`.
unsafe { ptr.read() }
} }
/// Consumes the [`OwningPtr`] to drop the underlying data of type `T`. /// Consumes the [`OwningPtr`] to drop the underlying data of type `T`.
@ -310,10 +316,11 @@ impl<'a, A: IsAligned> OwningPtr<'a, A> {
/// for the pointee type `T`. /// for the pointee type `T`.
#[inline] #[inline]
pub unsafe fn drop_as<T>(self) { pub unsafe fn drop_as<T>(self) {
self.as_ptr() let ptr = self.as_ptr().cast::<T>().debug_ensure_aligned();
.cast::<T>() // SAFETY: The caller ensure the pointee is of type `T` and uphold safety for `drop_in_place`.
.debug_ensure_aligned() unsafe {
.drop_in_place(); ptr.drop_in_place();
}
} }
/// Gets the underlying pointer, erasing the associated lifetime. /// Gets the underlying pointer, erasing the associated lifetime.
@ -346,7 +353,9 @@ impl<'a> OwningPtr<'a, Unaligned> {
/// # Safety /// # Safety
/// - `T` must be the erased pointee type for this [`OwningPtr`]. /// - `T` must be the erased pointee type for this [`OwningPtr`].
pub unsafe fn read_unaligned<T>(self) -> T { pub unsafe fn read_unaligned<T>(self) -> T {
self.as_ptr().cast::<T>().read_unaligned() let ptr = self.as_ptr().cast::<T>();
// SAFETY: The caller ensure the pointee is of type `T` and uphold safety for `read_unaligned`.
unsafe { ptr.read_unaligned() }
} }
} }
@ -368,7 +377,9 @@ impl<'a, T> ThinSlicePtr<'a, T> {
#[cfg(debug_assertions)] #[cfg(debug_assertions)]
debug_assert!(index < self.len); debug_assert!(index < self.len);
&*self.ptr.as_ptr().add(index) let ptr = self.ptr.as_ptr();
// SAFETY: `index` is in-bounds so the resulting pointer is valid to dereference.
unsafe { &*ptr.add(index) }
} }
} }
@ -435,11 +446,13 @@ pub trait UnsafeCellDeref<'a, T>: private::SealedUnsafeCell {
impl<'a, T> UnsafeCellDeref<'a, T> for &'a UnsafeCell<T> { impl<'a, T> UnsafeCellDeref<'a, T> for &'a UnsafeCell<T> {
#[inline] #[inline]
unsafe fn deref_mut(self) -> &'a mut T { unsafe fn deref_mut(self) -> &'a mut T {
&mut *self.get() // SAFETY: The caller upholds the alias rules.
unsafe { &mut *self.get() }
} }
#[inline] #[inline]
unsafe fn deref(self) -> &'a T { unsafe fn deref(self) -> &'a T {
&*self.get() // SAFETY: The caller upholds the alias rules.
unsafe { &*self.get() }
} }
#[inline] #[inline]
@ -447,7 +460,8 @@ impl<'a, T> UnsafeCellDeref<'a, T> for &'a UnsafeCell<T> {
where where
T: Copy, T: Copy,
{ {
self.get().read() // SAFETY: The caller upholds the alias rules.
unsafe { self.get().read() }
} }
} }