Make assignment operators panic safe

branpk · mbrubeck · commit c55cda301c94 · 2020-12-06T10:51:46.000-08:00
diff --git a/src/lib.rs b/src/lib.rs
@@ -377,8 +377,7 @@ impl<T: Float + AddAssign> AddAssign for NotNan<T> {
 /// Panics if the provided value is NaN.
 impl<T: Float + AddAssign> AddAssign<T> for NotNan<T> {
     fn add_assign(&mut self, other: T) {
-        self.0 += other;
-        assert!(!self.0.is_nan(), "Addition resulted in NaN");
+        *self = *self + other;
     }
 }
 
@@ -425,8 +424,7 @@ impl<T: Float + SubAssign> SubAssign for NotNan<T> {
 /// Panics if the provided value is NaN or the computation results in NaN
 impl<T: Float + SubAssign> SubAssign<T> for NotNan<T> {
     fn sub_assign(&mut self, other: T) {
-        self.0 -= other;
-        assert!(!self.0.is_nan(), "Subtraction resulted in NaN");
+        *self = *self - other;
     }
 }
 
@@ -460,8 +458,7 @@ impl<T: Float + MulAssign> MulAssign for NotNan<T> {
 /// Panics if the provided value is NaN.
 impl<T: Float + MulAssign> MulAssign<T> for NotNan<T> {
     fn mul_assign(&mut self, other: T) {
-        self.0 *= other;
-        assert!(!self.0.is_nan(), "Multiplication resulted in NaN");
+        *self = *self * other;
     }
 }
 
@@ -507,8 +504,7 @@ impl<T: Float + DivAssign> DivAssign for NotNan<T> {
 /// Panics if the provided value is NaN or the computation results in NaN
 impl<T: Float + DivAssign> DivAssign<T> for NotNan<T> {
     fn div_assign(&mut self, other: T) {
-        self.0 /= other;
-        assert!(!self.0.is_nan(), "Division resulted in NaN");
+        *self = *self / other;
     }
 }
 
@@ -542,8 +538,7 @@ impl<T: Float + RemAssign> RemAssign for NotNan<T> {
 /// Panics if the provided value is NaN or the computation results in NaN
 impl<T: Float + RemAssign> RemAssign<T> for NotNan<T> {
     fn rem_assign(&mut self, other: T) {
-        self.0 %= other;
-        assert!(!self.0.is_nan(), "Rem resulted in NaN");
+        *self = *self % other;
     }
 }
 
diff --git a/tests/test.rs b/tests/test.rs
@@ -590,3 +590,18 @@ fn not_nan_usage_in_const_context() {
     const A: NotNan<f32> = unsafe { NotNan::unchecked_new(111f32) };
     assert_eq!(A, NotNan::new(111f32).unwrap());
 }
+
+#[test]
+fn not_nan_panic_safety() {
+    let catch_op = |mut num, op: fn(&mut NotNan<_>)| {
+        let mut num_ref = panic::AssertUnwindSafe(&mut num);
+        let _ = panic::catch_unwind(move || op(*num_ref));
+        num
+    };
+
+    assert!(!catch_op(not_nan(f32::INFINITY), |a| *a += f32::NEG_INFINITY).is_nan());
+    assert!(!catch_op(not_nan(f32::INFINITY), |a| *a -= f32::INFINITY).is_nan());
+    assert!(!catch_op(not_nan(0.0), |a| *a *= f32::INFINITY).is_nan());
+    assert!(!catch_op(not_nan(0.0), |a| *a /= 0.0).is_nan());
+    assert!(!catch_op(not_nan(0.0), |a| *a %= 0.0).is_nan());
+}

Original file line number	Diff line number	Diff line change
`@@ -377,8 +377,7 @@ impl<T: Float + AddAssign> AddAssign for NotNan<T> {`
`377`	`377`	`/// Panics if the provided value is NaN.`
`378`	`378`	`impl<T: Float + AddAssign> AddAssign<T> for NotNan<T> {`
`379`	`379`	`fn add_assign(&mut self, other: T) {`
`380`		`- self.0 += other;`
`381`		`- assert!(!self.0.is_nan(), "Addition resulted in NaN");`
	`380`	`+ self = self + other;`
`382`	`381`	`}`
`383`	`382`	`}`
`384`	`383`
`@@ -425,8 +424,7 @@ impl<T: Float + SubAssign> SubAssign for NotNan<T> {`
`425`	`424`	`/// Panics if the provided value is NaN or the computation results in NaN`
`426`	`425`	`impl<T: Float + SubAssign> SubAssign<T> for NotNan<T> {`
`427`	`426`	`fn sub_assign(&mut self, other: T) {`
`428`		`- self.0 -= other;`
`429`		`- assert!(!self.0.is_nan(), "Subtraction resulted in NaN");`
	`427`	`+ self = self - other;`
`430`	`428`	`}`
`431`	`429`	`}`
`432`	`430`
`@@ -460,8 +458,7 @@ impl<T: Float + MulAssign> MulAssign for NotNan<T> {`
`460`	`458`	`/// Panics if the provided value is NaN.`
`461`	`459`	`impl<T: Float + MulAssign> MulAssign<T> for NotNan<T> {`
`462`	`460`	`fn mul_assign(&mut self, other: T) {`
`463`		`- self.0 *= other;`
`464`		`- assert!(!self.0.is_nan(), "Multiplication resulted in NaN");`
	`461`	`+ self = self * other;`
`465`	`462`	`}`
`466`	`463`	`}`
`467`	`464`
`@@ -507,8 +504,7 @@ impl<T: Float + DivAssign> DivAssign for NotNan<T> {`
`507`	`504`	`/// Panics if the provided value is NaN or the computation results in NaN`
`508`	`505`	`impl<T: Float + DivAssign> DivAssign<T> for NotNan<T> {`
`509`	`506`	`fn div_assign(&mut self, other: T) {`
`510`		`- self.0 /= other;`
`511`		`- assert!(!self.0.is_nan(), "Division resulted in NaN");`
	`507`	`+ self = self / other;`
`512`	`508`	`}`
`513`	`509`	`}`
`514`	`510`
`@@ -542,8 +538,7 @@ impl<T: Float + RemAssign> RemAssign for NotNan<T> {`
`542`	`538`	`/// Panics if the provided value is NaN or the computation results in NaN`
`543`	`539`	`impl<T: Float + RemAssign> RemAssign<T> for NotNan<T> {`
`544`	`540`	`fn rem_assign(&mut self, other: T) {`
`545`		`- self.0 %= other;`
`546`		`- assert!(!self.0.is_nan(), "Rem resulted in NaN");`
	`541`	`+ self = self % other;`
`547`	`542`	`}`
`548`	`543`	`}`
`549`	`544`