Skip to content

Commit ca4f31c

Browse files
crlf0710crlf0710
committed
Make sure all unsafe blocks are documented.
1 parent 80ed381 commit ca4f31c

File tree

3 files changed

+42
-0
lines changed

3 files changed

+42
-0
lines changed

library/core/src/needle/ext.rs

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -215,6 +215,8 @@ where
215215
let end = hay.end_index();
216216
start..end
217217
};
218+
// SAFETY: the start and end indices of `range` are returned from `trim_start` and `end_index`,
219+
// and both are valid indices.
218220
unsafe { haystack.slice_unchecked(range) }
219221
}
220222

@@ -232,6 +234,8 @@ where
232234
let end = needle.into_consumer().trim_end(hay);
233235
start..end
234236
};
237+
// SAFETY: the start and end indices of `range` are returned from `start_index` and `trim_end`,
238+
// and both are valid indices.
235239
unsafe { haystack.slice_unchecked(range) }
236240
}
237241

@@ -248,10 +252,14 @@ where
248252
let range = {
249253
let hay = &*haystack;
250254
let end = checker.trim_end(hay);
255+
// SAFETY: the start and end indices are returned from `start_index` and `trim_end`,
256+
// and both are valid indices.
251257
let hay = unsafe { Hay::slice_unchecked(hay, hay.start_index()..end) };
252258
let start = checker.trim_start(hay);
253259
start..end
254260
};
261+
// SAFETY: the start and end indices of `range` are returned from `trim_start` and `trim_end`,
262+
// and both are valid indices.
255263
unsafe { haystack.slice_unchecked(range) }
256264
}
257265

@@ -279,6 +287,8 @@ where
279287
fn next_spanned(&mut self) -> Option<Span<H>> {
280288
let rest = self.rest.take();
281289
let range = self.searcher.search(rest.borrow())?;
290+
// SAFETY: the start and end indices of `range` are returned from `search`,
291+
// and both are valid indices.
282292
let [_, middle, right] = unsafe { rest.split_around(range) };
283293
self.rest = right;
284294
Some(middle)
@@ -300,6 +310,8 @@ where
300310
fn next_back_spanned(&mut self) -> Option<Span<H>> {
301311
let rest = self.rest.take();
302312
let range = self.searcher.rsearch(rest.borrow())?;
313+
// SAFETY: the start and end indices of `range` are returned from `rsearch`,
314+
// and both are valid indices.
303315
let [left, middle, _] = unsafe { rest.split_around(range) };
304316
self.rest = left;
305317
Some(middle)
@@ -608,6 +620,8 @@ where
608620
let mut rest = self.rest.take();
609621
match self.searcher.search(rest.borrow()) {
610622
Some(subrange) => {
623+
// SAFETY: the start and end indices of `subrange` are returned from `search`,
624+
// and both are valid indices.
611625
let [left, _, right] = unsafe { rest.split_around(subrange) };
612626
self.rest = right;
613627
rest = left;
@@ -638,6 +652,8 @@ where
638652
let rest = self.rest.take();
639653
let after = match self.searcher.rsearch(rest.borrow()) {
640654
Some(range) => {
655+
// SAFETY: the start and end indices of `subrange` are returned from `rsearch`,
656+
// and both are valid indices.
641657
let [left, _, right] = unsafe { rest.split_around(range) };
642658
self.rest = left;
643659
right
@@ -792,6 +808,8 @@ where
792808
}
793809
n => match self.searcher.search(rest.borrow()) {
794810
Some(range) => {
811+
// SAFETY: the start and end indices of `range` are returned from `search`,
812+
// and both are valid indices.
795813
let [left, _, right] = unsafe { rest.split_around(range) };
796814
self.n = n - 1;
797815
self.rest = right;
@@ -824,6 +842,8 @@ where
824842
}
825843
n => match self.searcher.rsearch(rest.borrow()) {
826844
Some(range) => {
845+
// SAFETY: the start and end indices of `range` are returned from `rsearch`,
846+
// and both are valid indices.
827847
let [left, _, right] = unsafe { rest.split_around(range) };
828848
self.n = n - 1;
829849
self.rest = left;
@@ -896,6 +916,8 @@ where
896916
let mut searcher = from.into_searcher();
897917
let mut src = Span::from(src);
898918
while let Some(range) = searcher.search(src.borrow()) {
919+
// SAFETY: the start and end indices of `range` are returned from `search`,
920+
// and both are valid indices.
899921
let [left, middle, right] = unsafe { src.split_around(range) };
900922
writer(Span::into(left));
901923
writer(replacer(Span::into(middle)));
@@ -921,6 +943,8 @@ where
921943
}
922944
n -= 1;
923945
if let Some(range) = searcher.search(src.borrow()) {
946+
// SAFETY: the start and end indices of `range` are returned from `search`,
947+
// and both are valid indices.
924948
let [left, middle, right] = unsafe { src.split_around(range) };
925949
writer(Span::into(left));
926950
writer(replacer(Span::into(middle)));

library/core/src/needle/haystack.rs

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -175,6 +175,7 @@ where
175175
/// The starts and end indices of `range` must be valid indices for the
176176
/// haystack `self` with `range.start <= range.end`.
177177
unsafe fn slice_unchecked(self, range: Range<<Self::Target as Hay>::Index>) -> Self {
178+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
178179
let [_, middle, _] = unsafe { self.split_around(range) };
179180
middle
180181
}
@@ -307,6 +308,7 @@ where
307308
self,
308309
subrange: Range<<Self::Target as Hay>::Index>,
309310
) -> [Self; 3] {
311+
// SAFETY: the caller must guarantee that starts and end indices of `subrange` are valid indices.
310312
unsafe { self.split_around(subrange) }
311313
}
312314

@@ -315,6 +317,7 @@ where
315317
self,
316318
subrange: Range<<Self::Target as Hay>::Index>,
317319
) -> Self {
320+
// SAFETY: the caller must guarantee that starts and end indices of `subrange` are valid indices.
318321
unsafe { self.slice_unchecked(subrange) }
319322
}
320323
}
@@ -330,6 +333,7 @@ where
330333

331334
#[inline]
332335
fn from_span(span: Span<Self>) -> Self {
336+
// SAFETY: span's range is guaranteed to be valid for the haystack.
333337
unsafe { span.haystack.slice_unchecked(span.range) }
334338
}
335339

@@ -469,6 +473,7 @@ where
469473
pub unsafe fn split_around(self, subrange: Range<<H::Target as Hay>::Index>) -> [Self; 3] {
470474
let self_range = self.haystack.borrow_range(self.range.clone());
471475
let [left, middle, right] =
476+
// SAFETY: the caller must guarantee that starts and end indices of `subrange` are valid indices.
472477
unsafe { self.haystack.split_around_for_span(subrange.clone()) };
473478

474479
let left_range =
@@ -490,6 +495,7 @@ where
490495
/// `subrange` must be a valid range relative to `self.borrow()`.
491496
#[inline]
492497
pub unsafe fn slice_unchecked(self, subrange: Range<<H::Target as Hay>::Index>) -> Self {
498+
// SAFETY: the caller must guarantee that starts and end indices of `subrange` are valid indices.
493499
let haystack = unsafe { self.haystack.slice_unchecked_for_span(subrange.clone()) };
494500
let range = haystack.do_restore_range(self.range, subrange);
495501
Self { haystack, range }
@@ -504,6 +510,7 @@ unsafe impl<'a, A: Hay + ?Sized + 'a> Haystack for &'a A {
504510

505511
#[inline]
506512
unsafe fn split_around(self, range: Range<A::Index>) -> [Self; 3] {
513+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
507514
unsafe {
508515
[
509516
self.slice_unchecked(self.start_index()..range.start),
@@ -515,6 +522,7 @@ unsafe impl<'a, A: Hay + ?Sized + 'a> Haystack for &'a A {
515522

516523
#[inline]
517524
unsafe fn slice_unchecked(self, range: Range<A::Index>) -> Self {
525+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
518526
unsafe { A::slice_unchecked(self, range) }
519527
}
520528

@@ -546,16 +554,19 @@ unsafe impl Hay for str {
546554

547555
#[inline]
548556
unsafe fn slice_unchecked(&self, range: Range<usize>) -> &Self {
557+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
549558
unsafe { self.get_unchecked(range) }
550559
}
551560

552561
#[inline]
553562
unsafe fn next_index(&self, index: Self::Index) -> Self::Index {
563+
// SAFETY: the caller must guarantee that `index` is a valid index.
554564
index + unsafe { self.get_unchecked(index..).chars().next().unwrap().len_utf8() }
555565
}
556566

557567
#[inline]
558568
unsafe fn prev_index(&self, index: Self::Index) -> Self::Index {
569+
// SAFETY: the caller must guarantee that `index` is a valid index.
559570
index - unsafe { self.get_unchecked(..index).chars().next_back().unwrap().len_utf8() }
560571
}
561572
}
@@ -568,6 +579,7 @@ unsafe impl<'h> Haystack for &'h mut str {
568579

569580
#[inline]
570581
unsafe fn slice_unchecked(self, range: Range<usize>) -> Self {
582+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
571583
unsafe { self.get_unchecked_mut(range) }
572584
}
573585

@@ -604,6 +616,7 @@ unsafe impl<T> Hay for [T] {
604616

605617
#[inline]
606618
unsafe fn slice_unchecked(&self, range: Range<usize>) -> &Self {
619+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
607620
unsafe { self.get_unchecked(range) }
608621
}
609622

@@ -626,6 +639,7 @@ unsafe impl<'h, T: 'h> Haystack for &'h mut [T] {
626639

627640
#[inline]
628641
unsafe fn slice_unchecked(self, range: Range<usize>) -> Self {
642+
// SAFETY: the caller must guarantee that starts and end indices of `range` are valid indices.
629643
unsafe { self.get_unchecked_mut(range) }
630644
}
631645

library/core/src/needle/needle.rs

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -167,6 +167,7 @@ pub unsafe trait Consumer<A: Hay + ?Sized> {
167167
if pos == range.start {
168168
break;
169169
}
170+
// SAFETY: span's range is guaranteed to be valid for the haystack.
170171
span = unsafe { Span::from_parts(hay, pos..range.end) };
171172
}
172173
offset
@@ -250,6 +251,7 @@ pub unsafe trait ReverseConsumer<A: Hay + ?Sized>: Consumer<A> {
250251
if pos == range.end {
251252
break;
252253
}
254+
// SAFETY: span's range is guaranteed to be valid for the haystack.
253255
span = unsafe { Span::from_parts(hay, range.start..pos) };
254256
}
255257
offset
@@ -342,6 +344,7 @@ unsafe impl<A: Hay + ?Sized> Searcher<A> for EmptySearcher {
342344
} else if range.start == range.end {
343345
return None;
344346
} else {
347+
// SAFETY: span's range is guaranteed to be valid for the haystack.
345348
unsafe { hay.next_index(range.start) }
346349
};
347350
Some(start..start)
@@ -371,6 +374,7 @@ unsafe impl<A: Hay + ?Sized> ReverseSearcher<A> for EmptySearcher {
371374
} else if range.start == range.end {
372375
return None;
373376
} else {
377+
// SAFETY: span's range is guaranteed to be valid for the haystack.
374378
unsafe { hay.prev_index(range.end) }
375379
};
376380
Some(end..end)

0 commit comments

Comments
 (0)