user0/rust
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

A slice covering exactly half the address space is not OK

Browse source
This commit is contained in:
Tobias Bucher 2018-09-10 07:53:42 +02:00
parent 7b77508e23
commit 1aac00fad3
1 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/libcore/slice/mod.rs
View file

@ -3852,8 +3852,8 @@ unsafe impl<'a, T> TrustedRandomAccess for ExactChunksMut<'a, T> {
/// them from other data. You can obtain a pointer that is usable as `data`
/// for zero-length slices using [`NonNull::dangling()`].
///
/// The total size of the slice must be no larger than `isize::MAX` **bytes**
/// in memory. See the safety documentation of [`pointer::offset`].
/// The total size of the slice must lower than `isize::MAX` **bytes** in
/// memory. See the safety documentation of [`pointer::offset`].
///
/// # Caveat
///
@ -3881,7 +3881,7 @@ unsafe impl<'a, T> TrustedRandomAccess for ExactChunksMut<'a, T> {
#[stable(feature = "rust1", since = "1.0.0")]
pub unsafe fn from_raw_parts<'a, T>(data: *const T, len: usize) -> &'a [T] {
debug_assert!(data as usize % mem::align_of::<T>() == 0, "attempt to create unaligned slice");
debug_assert!(len * mem::size_of::<T>() <= isize::MAX as usize,
debug_assert!(len * mem::size_of::<T>() < isize::MAX as usize,
"attempt to create slice covering half the address space");
Repr { raw: FatPtr { data, len } }.rust
}
@ -3892,8 +3892,8 @@ pub unsafe fn from_raw_parts<'a, T>(data: *const T, len: usize) -> &'a [T] {
/// This function is unsafe for the same reasons as [`from_raw_parts`], as well
/// as not being able to provide a non-aliasing guarantee of the returned
/// mutable slice. `data` must be non-null and aligned even for zero-length
/// slices as with [`from_raw_parts`]. The total size of the slice must be no
/// larger than `isize::MAX` **bytes** in memory. See the safety documentation
/// slices as with [`from_raw_parts`]. The total size of the slice must be
/// lower than `isize::MAX` **bytes** in memory. See the safety documentation
/// of [`pointer::offset`].
///
/// See the documentation of [`from_raw_parts`] for more details.
@ -3904,7 +3904,7 @@ pub unsafe fn from_raw_parts<'a, T>(data: *const T, len: usize) -> &'a [T] {
#[stable(feature = "rust1", since = "1.0.0")]
pub unsafe fn from_raw_parts_mut<'a, T>(data: *mut T, len: usize) -> &'a mut [T] {
debug_assert!(data as usize % mem::align_of::<T>() == 0, "attempt to create unaligned slice");
debug_assert!(len * mem::size_of::<T>() <= isize::MAX as usize,
debug_assert!(len * mem::size_of::<T>() < isize::MAX as usize,
"attempt to create slice covering half the address space");
Repr { raw: FatPtr { data, len} }.rust_mut
}