Skip to content

Commit 7b77508

Browse files
tbu-tbu-
committed
Add debug_assert!s to slice::from_raw_parts
Copy the documentation over to `slice::from_raw_parts_mut`.
1 parent 1975b8d commit 7b77508

File tree

1 file changed

+11
-2
lines changed

1 file changed

+11
-2
lines changed

src/libcore/slice/mod.rs

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@ use cmp::Ordering::{self, Less, Equal, Greater};
3434
use cmp;
3535
use fmt;
3636
use intrinsics::assume;
37+
use isize;
3738
use iter::*;
3839
use ops::{FnMut, Try, self};
3940
use option::Option;
@@ -3880,6 +3881,8 @@ unsafe impl<'a, T> TrustedRandomAccess for ExactChunksMut<'a, T> {
38803881
#[stable(feature = "rust1", since = "1.0.0")]
38813882
pub unsafe fn from_raw_parts<'a, T>(data: *const T, len: usize) -> &'a [T] {
38823883
debug_assert!(data as usize % mem::align_of::<T>() == 0, "attempt to create unaligned slice");
3884+
debug_assert!(len * mem::size_of::<T>() <= isize::MAX as usize,
3885+
"attempt to create slice covering half the address space");
38833886
Repr { raw: FatPtr { data, len } }.rust
38843887
}
38853888

@@ -3889,14 +3892,20 @@ pub unsafe fn from_raw_parts<'a, T>(data: *const T, len: usize) -> &'a [T] {
38893892
/// This function is unsafe for the same reasons as [`from_raw_parts`], as well
38903893
/// as not being able to provide a non-aliasing guarantee of the returned
38913894
/// mutable slice. `data` must be non-null and aligned even for zero-length
3892-
/// slices as with [`from_raw_parts`]. See the documentation of
3893-
/// [`from_raw_parts`] for more details.
3895+
/// slices as with [`from_raw_parts`]. The total size of the slice must be no
3896+
/// larger than `isize::MAX` **bytes** in memory. See the safety documentation
3897+
/// of [`pointer::offset`].
3898+
///
3899+
/// See the documentation of [`from_raw_parts`] for more details.
38943900
///
38953901
/// [`from_raw_parts`]: ../../std/slice/fn.from_raw_parts.html
3902+
/// [`pointer::offset`]: ../../std/primitive.pointer.html#method.offset
38963903
#[inline]
38973904
#[stable(feature = "rust1", since = "1.0.0")]
38983905
pub unsafe fn from_raw_parts_mut<'a, T>(data: *mut T, len: usize) -> &'a mut [T] {
38993906
debug_assert!(data as usize % mem::align_of::<T>() == 0, "attempt to create unaligned slice");
3907+
debug_assert!(len * mem::size_of::<T>() <= isize::MAX as usize,
3908+
"attempt to create slice covering half the address space");
39003909
Repr { raw: FatPtr { data, len} }.rust_mut
39013910
}
39023911

0 commit comments

Comments
 (0)