std: Use read_unaligned for reading DWARF · model-checking/verify-rust-std@d59f862 (original) (raw)

Original file line number Diff line number Diff line change
@@ -17,32 +17,30 @@ pub struct DwarfReader {
17 17 pub ptr: *const u8,
18 18 }
19 19
20 -#[repr(C, packed)]
21 -struct Unaligned<T>(T);
22 -
20 +#[deny(unsafe_op_in_unsafe_fn)]
23 21 impl DwarfReader {
24 22 pub fn new(ptr: *const u8) -> DwarfReader {
25 23 DwarfReader { ptr }
26 24 }
27 25
28 -// DWARF streams are packed, so e.g., a u32 would not necessarily be aligned
29 -// on a 4-byte boundary. This may cause problems on platforms with strict
30 -// alignment requirements. By wrapping data in a "packed" struct, we are
31 -// telling the backend to generate "misalignment-safe" code.
26 +/// Read a type T and then bump the pointer by that amount.
27 + ///
28 + /// DWARF streams are "packed", so all types must be read at align 1.
32 29 pub unsafe fn read<T: Copy>(&mut self) -> T {
33 -let Unaligned(result) = *(self.ptr as *const Unaligned<T>);
34 -self.ptr = self.ptr.add(mem::size_of::<T>());
35 - result
30 +unsafe {
31 +let result = self.ptr.cast::<T>().read_unaligned();
32 +self.ptr = self.ptr.byte_add(mem::size_of::<T>());
33 + result
34 +}
36 35 }
37 36
38 -// ULEB128 and SLEB128 encodings are defined in Section 7.6 - "Variable
39 -// Length Data".
37 +/// ULEB128 and SLEB128 encodings are defined in Section 7.6 - "Variable Length Data".
40 38 pub unsafe fn read_uleb128(&mut self) -> u64 {
41 39 let mut shift: usize = 0;
42 40 let mut result: u64 = 0;
43 41 let mut byte: u8;
44 42 loop {
45 - byte = self.read::<u8>();
43 + byte = unsafe { self.read::<u8>() };
46 44 result |= ((byte & 0x7F) as u64) << shift;
47 45 shift += 7;
48 46 if byte & 0x80 == 0 {
@@ -57,7 +55,7 @@ impl DwarfReader {
57 55 let mut result: u64 = 0;
58 56 let mut byte: u8;
59 57 loop {
60 - byte = self.read::<u8>();
58 + byte = unsafe { self.read::<u8>() };
61 59 result |= ((byte & 0x7F) as u64) << shift;
62 60 shift += 7;
63 61 if byte & 0x80 == 0 {