rust-lang#66219 documented unsafe in core::{cell, hint, panic}

foeb · Nov 9, 2019 · 5797593 · 5797593
1 parent 267aebc
commit 5797593
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 6 deletions.
diff --git a/src/libcore/hint.rs b/src/libcore/hint.rs
@@ -2,8 +2,6 @@
 
 //! Hints to compiler that affects how code should be emitted or optimized.
 
-// ignore-tidy-undocumented-unsafe
-
 use crate::intrinsics;
 
 /// Informs the compiler that this point in the code is not reachable, enabling
@@ -71,10 +69,12 @@ pub fn spin_loop() {
         )
     )] {
         #[cfg(target_arch = "x86")] {
+            // SAFETY: technically does nothing
             unsafe { crate::arch::x86::_mm_pause() };
         }
 
         #[cfg(target_arch = "x86_64")] {
+            // SAFETY: technically does nothing
             unsafe { crate::arch::x86_64::_mm_pause() };
         }
     }
@@ -86,9 +86,11 @@ pub fn spin_loop() {
         )
     )] {
         #[cfg(target_arch = "aarch64")] {
+            // SAFETY: hardware hint
             unsafe { crate::arch::aarch64::__yield() };
         }
         #[cfg(target_arch = "arm")] {
+            // SAFETY: hardware hint
             unsafe { crate::arch::arm::__yield() };
         }
     }
@@ -116,6 +118,7 @@ pub fn black_box<T>(dummy: T) -> T {
     // this. LLVM's intepretation of inline assembly is that it's, well, a black
     // box. This isn't the greatest implementation since it probably deoptimizes
     // more than we want, but it's so far good enough.
+    // SAFETY: compiler hint
     unsafe {
         asm!("" : : "r"(&dummy));
         return dummy;

diff --git a/src/libcore/option.rs b/src/libcore/option.rs
@@ -133,8 +133,6 @@
 //! [`Box<T>`]: ../../std/boxed/struct.Box.html
 //! [`i32`]: ../../std/primitive.i32.html
 
-// ignore-tidy-undocumented-unsafe
-
 #![stable(feature = "rust1", since = "1.0.0")]
 
 use crate::iter::{FromIterator, FusedIterator, TrustedLen};
@@ -298,6 +296,7 @@ impl<T> Option<T> {
     #[inline]
     #[stable(feature = "pin", since = "1.33.0")]
     pub fn as_pin_ref(self: Pin<&Self>) -> Option<Pin<&T>> {
+        // SAFETY: data already pinned
         unsafe {
             Pin::get_ref(self).as_ref().map(|x| Pin::new_unchecked(x))
         }
@@ -309,6 +308,7 @@ impl<T> Option<T> {
     #[inline]
     #[stable(feature = "pin", since = "1.33.0")]
     pub fn as_pin_mut(self: Pin<&mut Self>) -> Option<Pin<&mut T>> {
+        // SAFETY: data already pinned
         unsafe {
             Pin::get_unchecked_mut(self).as_mut().map(|x| Pin::new_unchecked(x))
         }
@@ -845,6 +845,7 @@ impl<T> Option<T> {
 
         match *self {
             Some(ref mut v) => v,
+            // SAFETY: *self is always Some(F)
             None => unsafe { hint::unreachable_unchecked() },
         }
     }

diff --git a/src/libcore/panicking.rs b/src/libcore/panicking.rs
@@ -20,8 +20,6 @@
 //! one function. Currently, the actual symbol is declared in the standard
 //! library, but the location of this may change over time.
 
-// ignore-tidy-undocumented-unsafe
-
 #![allow(dead_code, missing_docs)]
 #![unstable(feature = "core_panic",
             reason = "internal details of the implementation of the `panic!` \
@@ -39,6 +37,7 @@ use crate::panic::{Location, PanicInfo};
 #[lang = "panic"]
 pub fn panic(expr_file_line_col: &(&'static str, &'static str, u32, u32)) -> ! {
     if cfg!(feature = "panic_immediate_abort") {
+        // SAFETY: ends the program
         unsafe { super::intrinsics::abort() }
     }
 
@@ -60,6 +59,7 @@ pub fn panic(expr_file_line_col: &(&'static str, &'static str, u32, u32)) -> ! {
 #[lang = "panic"]
 pub fn panic(expr: &str, location: &Location<'_>) -> ! {
     if cfg!(feature = "panic_immediate_abort") {
+        // SAFETY: ends the program
         unsafe { super::intrinsics::abort() }
     }
 
@@ -79,6 +79,7 @@ pub fn panic(expr: &str, location: &Location<'_>) -> ! {
 fn panic_bounds_check(file_line_col: &(&'static str, u32, u32),
                      index: usize, len: usize) -> ! {
     if cfg!(feature = "panic_immediate_abort") {
+        // SAFETY: ends the program
         unsafe { super::intrinsics::abort() }
     }
 
@@ -92,6 +93,7 @@ fn panic_bounds_check(file_line_col: &(&'static str, u32, u32),
 #[lang = "panic_bounds_check"]
 fn panic_bounds_check(location: &Location<'_>, index: usize, len: usize) -> ! {
     if cfg!(feature = "panic_immediate_abort") {
+        // SAFETY: ends the program
         unsafe { super::intrinsics::abort() }
     }
 
@@ -107,6 +109,7 @@ fn panic_bounds_check(location: &Location<'_>, index: usize, len: usize) -> ! {
 #[cfg_attr(    feature="panic_immediate_abort" ,inline)]
 pub fn panic_fmt(fmt: fmt::Arguments<'_>, file_line_col: &(&'static str, u32, u32)) -> ! {
     if cfg!(feature = "panic_immediate_abort") {
+        // SAFETY: ends the program
         unsafe { super::intrinsics::abort() }
     }
 
@@ -119,6 +122,7 @@ pub fn panic_fmt(fmt: fmt::Arguments<'_>, file_line_col: &(&'static str, u32, u3
     let (file, line, col) = *file_line_col;
     let location = Location::internal_constructor(file, line, col);
     let pi = PanicInfo::internal_constructor(Some(&fmt), &location);
+    // SAFETY: psuedo-FFI call to end the program
     unsafe { panic_impl(&pi) }
 }
 
@@ -128,6 +132,7 @@ pub fn panic_fmt(fmt: fmt::Arguments<'_>, file_line_col: &(&'static str, u32, u3
 #[cfg_attr(    feature="panic_immediate_abort" ,inline)]
 pub fn panic_fmt(fmt: fmt::Arguments<'_>, location: &Location<'_>) -> ! {
     if cfg!(feature = "panic_immediate_abort") {
+        // SAFETY: ends the program
         unsafe { super::intrinsics::abort() }
     }
 
@@ -138,5 +143,6 @@ pub fn panic_fmt(fmt: fmt::Arguments<'_>, location: &Location<'_>) -> ! {
     }
 
     let pi = PanicInfo::internal_constructor(Some(&fmt), location);
+    // SAFETY: psuedo-FFI call to end the program
     unsafe { panic_impl(&pi) }
 }