From afb817054c7e95ef1cef879030062b67d5a2d5e3 Mon Sep 17 00:00:00 2001 From: David Tolnay Date: Sat, 14 Nov 2020 13:54:45 -0800 Subject: [PATCH] Move likely/unlikely argument outside of invisible unsafe block The previous `likely!`/`unlikely!` macros were unsound because it permits the caller's expr to contain arbitrary unsafe code. pub fn huh() -> bool { likely!(std::ptr::read(&() as *const () as *const bool)) } Before: compiles cleanly. After: error[E0133]: call to unsafe function is unsafe and requires unsafe function or block | 70 | likely!(std::ptr::read(&() as *const () as *const bool)) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ call to unsafe function | = note: consult the function's documentation for information on how to avoid undefined behavior --- compiler/rustc_data_structures/src/lib.rs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/compiler/rustc_data_structures/src/lib.rs b/compiler/rustc_data_structures/src/lib.rs index 7669b78834c..50a3c85e98a 100644 --- a/compiler/rustc_data_structures/src/lib.rs +++ b/compiler/rustc_data_structures/src/lib.rs @@ -47,9 +47,9 @@ pub fn cold_path R, R>(f: F) -> R { #[macro_export] macro_rules! likely { ($e:expr) => { - #[allow(unused_unsafe)] - { - unsafe { std::intrinsics::likely($e) } + match $e { + #[allow(unused_unsafe)] + e => unsafe { std::intrinsics::likely(e) }, } }; } @@ -57,9 +57,9 @@ macro_rules! likely { #[macro_export] macro_rules! unlikely { ($e:expr) => { - #[allow(unused_unsafe)] - { - unsafe { std::intrinsics::unlikely($e) } + match $e { + #[allow(unused_unsafe)] + e => unsafe { std::intrinsics::unlikely(e) }, } }; }