Make visit_clobber's impl safe

This commit is contained in:
Oli Scherer 2024-07-10 07:54:17 +00:00
parent 7caf6726db
commit 3562ec74ca

View File

@ -20,7 +20,7 @@ use rustc_span::symbol::Ident;
use rustc_span::Span; use rustc_span::Span;
use smallvec::{smallvec, Array, SmallVec}; use smallvec::{smallvec, Array, SmallVec};
use std::ops::DerefMut; use std::ops::DerefMut;
use std::{panic, ptr}; use std::panic;
use thin_vec::ThinVec; use thin_vec::ThinVec;
pub trait ExpectOne<A: Array> { pub trait ExpectOne<A: Array> {
@ -318,19 +318,8 @@ pub trait MutVisitor: Sized {
// //
// No `noop_` prefix because there isn't a corresponding method in `MutVisitor`. // No `noop_` prefix because there isn't a corresponding method in `MutVisitor`.
pub fn visit_clobber<T: DummyAstNode>(t: &mut T, f: impl FnOnce(T) -> T) { pub fn visit_clobber<T: DummyAstNode>(t: &mut T, f: impl FnOnce(T) -> T) {
unsafe { let old_t = std::mem::replace(t, T::dummy());
// Safe because `t` is used in a read-only fashion by `read()` before *t = f(old_t);
// being overwritten by `write()`.
let old_t = ptr::read(t);
let new_t =
panic::catch_unwind(panic::AssertUnwindSafe(|| f(old_t))).unwrap_or_else(|err| {
// Set `t` to some valid but possible meaningless value,
// and pass the fatal error further.
ptr::write(t, T::dummy());
panic::resume_unwind(err);
});
ptr::write(t, new_t);
}
} }
// No `noop_` prefix because there isn't a corresponding method in `MutVisitor`. // No `noop_` prefix because there isn't a corresponding method in `MutVisitor`.