From 289a208d60103eee50f9dde4b3f1e9fe3da42882 Mon Sep 17 00:00:00 2001
From: Ben Kimock
Date: Sun, 16 Jun 2024 12:58:08 -0400
Subject: [PATCH 1/2] Add a precondition check for Layout::from_size_align_unchecked

---
 library/core/src/alloc/layout.rs | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/library/core/src/alloc/layout.rs b/library/core/src/alloc/layout.rs
index 0b92767c93205..5f694616e59e1 100644
--- a/library/core/src/alloc/layout.rs
+++ b/library/core/src/alloc/layout.rs
@@ -4,6 +4,7 @@
 // collections, resulting in having to optimize down excess IR multiple times.
 // Your performance intuition is useless. Run perf.
 
+use crate::assert_unsafe_precondition;
 use crate::cmp;
 use crate::error::Error;
 use crate::fmt;
@@ -118,6 +119,15 @@ impl Layout {
     #[inline]
     #[rustc_allow_const_fn_unstable(ptr_alignment_type)]
     pub const unsafe fn from_size_align_unchecked(size: usize, align: usize) -> Self {
+        assert_unsafe_precondition!(
+            check_library_ub,
+            "Layout::from_size_align_unchecked requires that align is a power of 2 \
+            and the rounded-up allocation size does not exceed isize::MAX",
+            (
+                size: usize = size,
+                align: usize = align,
+            ) => Layout::from_size_align(size, align).is_ok()
+        );
         // SAFETY: the caller is required to uphold the preconditions.
         unsafe { Layout { size, align: Alignment::new_unchecked(align) } }
     }

From 31f0305bc84d06a40f1be8582ef5a409e1de9ae5 Mon Sep 17 00:00:00 2001
From: Ben Kimock
Date: Tue, 18 Jun 2024 14:30:29 -0400
Subject: [PATCH 2/2] Use Alignment::of more

---
 library/alloc/src/lib.rs         | 1 +
 library/alloc/src/raw_vec.rs     | 6 +++---
 library/core/src/alloc/layout.rs | 4 +++-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/library/alloc/src/lib.rs b/library/alloc/src/lib.rs
index 4749b8880fbc4..6509e5576ec80 100644
--- a/library/alloc/src/lib.rs
+++ b/library/alloc/src/lib.rs
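Review bot: The `// SAFETY:` comment on the `unsafe { Layout { size, align: Alignment::new_unchecked(align) } }` line still presents the caller's promise as the only guard, while the `assert_unsafe_precondition!` added just above now re-validates `size`/`align` through `Layout::from_size_align` whenever library UB checks are compiled in (that is what the `check_library_ub` kind suggests; it is not a release-mode guarantee). Suggest making that relationship explicit so nobody later treats the assert as making the function sound in release builds: `// SAFETY: the caller is required to uphold the preconditions; the assert above only` / `// catches violations when library UB checks are enabled and is not a substitute for them.` The function's doc comment sits above this hunk and presumably has a `# Safety` section; it should carry the same one-line note. A short why-comment on the predicate would also help, e.g. `// Delegate to the safe constructor so the debug check and its validation cannot drift apart.`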
@@ -138,6 +138,7 @@
 #![feature(maybe_uninit_uninit_array_transpose)]
 #![feature(panic_internals)]
 #![feature(pattern)]
+#![feature(ptr_alignment_type)]
 #![feature(ptr_internals)]
 #![feature(ptr_metadata)]
 #![feature(ptr_sub_ptr)]
diff --git a/library/alloc/src/raw_vec.rs b/library/alloc/src/raw_vec.rs
index 1134c7f833e2b..569aac75d2aef 100644
--- a/library/alloc/src/raw_vec.rs
+++ b/library/alloc/src/raw_vec.rs
@@ -4,7 +4,7 @@ use core::alloc::LayoutError;
 use core::cmp;
 use core::hint;
 use core::mem::{self, ManuallyDrop, MaybeUninit, SizedTypeProperties};
-use core::ptr::{self, NonNull, Unique};
+use core::ptr::{self, Alignment, NonNull, Unique};
 
 #[cfg(not(no_global_oom_handling))]
 use crate::alloc::handle_alloc_error;
@@ -306,9 +306,9 @@ impl RawVec {
         // support such types. So we can do better by skipping some checks and avoid an unwrap.
         const { assert!(mem::size_of::() % mem::align_of::() == 0) };
         unsafe {
-            let align = mem::align_of::();
+            let align = Alignment::of::();
             let size = mem::size_of::().unchecked_mul(self.cap.0);
-            let layout = Layout::from_size_align_unchecked(size, align);
+            let layout = Layout::from_size_alignment(size, align).unwrap_unchecked();
             Some((self.ptr.cast().into(), layout))
         }
     }
diff --git a/library/core/src/alloc/layout.rs b/library/core/src/alloc/layout.rs
index 5f694616e59e1..b577c531ff55c 100644
--- a/library/core/src/alloc/layout.rs
+++ b/library/core/src/alloc/layout.rs
@@ -97,8 +97,10 @@ impl Layout {
     }
 
     /// Internal helper constructor to skip revalidating alignment validity.
+    #[unstable(feature = "ptr_alignment_type", issue = "102070")]
+    #[rustc_const_unstable(feature = "ptr_alignment_type", issue = "102070")]
     #[inline]
-    const fn from_size_alignment(size: usize, align: Alignment) -> Result {
+    pub const fn from_size_alignment(size: usize, align: Alignment) -> Result {
         if size > Self::max_size_for_align(align) {
             return Err(LayoutError);
         }
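Review bot: `Layout::from_size_alignment(size, align).unwrap_unchecked()` adds a second operation to this `unsafe` block that is undefined behaviour if its precondition fails (`from_size_alignment` returns `Err` when `size > max_size_for_align(align)`, per the layout.rs hunk in this same patch), yet neither it nor the `unchecked_mul` on the line above carries a `// SAFETY:` line; the justifying comment appears to begin above the hunk and cannot mention the new call. Suggest a line directly above the `let layout` binding, e.g. `// SAFETY: cap came from a successful allocation with this element size and alignment, so size already satisfied the isize::MAX bound when that layout was built — confirm against the allocation path.` The enclosing method starts outside this hunk. Whether `unwrap_unchecked` retains a debug-mode check comparable to the one patch 1 adds to `from_size_align_unchecked` is not visible here and is worth confirming, since this call site otherwise loses that check.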
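Review bot: The doc comment still reads `/// Internal helper constructor to skip revalidating alignment validity.` although the function is now `pub` behind `#![feature(ptr_alignment_type)]`, so rustdoc will present a public API as an "internal helper". Suggest replacing it with a description a caller can act on, e.g. `/// Constructs a `Layout` from `size` and an already-validated [`Alignment`], so only the size bound is checked.`, plus an `# Errors` section stating that it returns `LayoutError` when `size` exceeds `Self::max_size_for_align(align)`, which is the one failure condition visible in the hunk. If the other public constructors in this file carry `# Examples` blocks, this one should too. The function body continues below the hunk.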