Skip to content

Commit

Permalink
make many ptr functions must_use
Browse files Browse the repository at this point in the history 
https://djugei.github.io/bad-at-unsafe/ describes an error a user had when trying to use offset:

> At first I just assumed that the .add() and .offset() methods on pointers would mutate the pointer. They do not. Instead they return a new pointer, which gets dropped silently if you don't use it. Unlike for example Result, which is must_use annotated.
  • Loading branch information
@steveklabnik
steveklabnik committed May 17, 2020
1 parent 7faeae0 commit aea0186
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 0 deletions.
2 changes: 2 additions & 0 deletions src/libcore/intrinsics.rs
View file
Expand Up @@ -1311,6 +1311,7 @@ extern "rust-intrinsic" {
///
/// The stabilized version of this intrinsic is
/// [`std::pointer::offset`](../../std/primitive.pointer.html#method.offset).
#[must_use = "returns a new pointer rather than modifying its argument"]
pub fn offset<T>(dst: *const T, offset: isize) -> *const T;

/// Calculates the offset from a pointer, potentially wrapping.
Expand All @@ -1327,6 +1328,7 @@ extern "rust-intrinsic" {
///
/// The stabilized version of this intrinsic is
/// [`std::pointer::wrapping_offset`](../../std/primitive.pointer.html#method.wrapping_offset).
#[must_use = "returns a new pointer rather than modifying its argument"]
pub fn arith_offset<T>(dst: *const T, offset: isize) -> *const T;

/// Equivalent to the appropriate `llvm.memcpy.p0i8.0i8.*` intrinsic, with
Expand Down
6 changes: 6 additions & 0 deletions src/libcore/ptr/const_ptr.rs
View file
Expand Up @@ -150,6 +150,7 @@ impl<T: ?Sized> *const T {
/// }
/// ```
#[stable(feature = "rust1", since = "1.0.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub unsafe fn offset(self, count: isize) -> *const T
where
Expand Down Expand Up @@ -208,6 +209,7 @@ impl<T: ?Sized> *const T {
/// }
/// ```
#[stable(feature = "ptr_wrapping_offset", since = "1.16.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub fn wrapping_offset(self, count: isize) -> *const T
where
Expand Down Expand Up @@ -390,6 +392,7 @@ impl<T: ?Sized> *const T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub unsafe fn add(self, count: usize) -> Self
where
Expand Down Expand Up @@ -451,6 +454,7 @@ impl<T: ?Sized> *const T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub unsafe fn sub(self, count: usize) -> Self
where
Expand Down Expand Up @@ -506,6 +510,7 @@ impl<T: ?Sized> *const T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub fn wrapping_add(self, count: usize) -> Self
where
Expand Down Expand Up @@ -561,6 +566,7 @@ impl<T: ?Sized> *const T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub fn wrapping_sub(self, count: usize) -> Self
where
Expand Down
6 changes: 6 additions & 0 deletions src/libcore/ptr/mut_ptr.rs
View file
Expand Up @@ -144,6 +144,7 @@ impl<T: ?Sized> *mut T {
/// }
/// ```
#[stable(feature = "rust1", since = "1.0.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub unsafe fn offset(self, count: isize) -> *mut T
where
Expand Down Expand Up @@ -201,6 +202,7 @@ impl<T: ?Sized> *mut T {
/// assert_eq!(&data, &[0, 2, 0, 4, 0]);
/// ```
#[stable(feature = "ptr_wrapping_offset", since = "1.16.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub fn wrapping_offset(self, count: isize) -> *mut T
where
Expand Down Expand Up @@ -436,6 +438,7 @@ impl<T: ?Sized> *mut T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub unsafe fn add(self, count: usize) -> Self
where
Expand Down Expand Up @@ -497,6 +500,7 @@ impl<T: ?Sized> *mut T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub unsafe fn sub(self, count: usize) -> Self
where
Expand Down Expand Up @@ -552,6 +556,7 @@ impl<T: ?Sized> *mut T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub fn wrapping_add(self, count: usize) -> Self
where
Expand Down Expand Up @@ -607,6 +612,7 @@ impl<T: ?Sized> *mut T {
/// }
/// ```
#[stable(feature = "pointer_methods", since = "1.26.0")]
#[must_use = "returns a new pointer rather than modifying its argument"]
#[inline]
pub fn wrapping_sub(self, count: usize) -> Self
where
Expand Down

0 comments on commit aea0186

Please sign in to comment.