|
3 | 3 | //! Numeric traits and functions for the built-in numeric types. |
4 | 4 |
|
5 | 5 | #![stable(feature = "rust1", since = "1.0.0")] |
| 6 | +#![deny(unsafe_op_in_unsafe_fn)] |
6 | 7 |
|
7 | 8 | use crate::convert::Infallible; |
8 | 9 | use crate::fmt; |
@@ -74,7 +75,8 @@ assert_eq!(size_of::<Option<core::num::", stringify!($Ty), ">>(), size_of::<", s |
74 | 75 | #[rustc_const_stable(feature = "nonzero", since = "1.34.0")] |
75 | 76 | #[inline] |
76 | 77 | pub const unsafe fn new_unchecked(n: $Int) -> Self { |
77 | | - Self(n) |
| 78 | + // SAFETY: this is guaranteed to be safe by the caller. |
| 79 | + unsafe { Self(n) } |
78 | 80 | } |
79 | 81 |
|
80 | 82 | /// Creates a non-zero if the given value is not zero. |
@@ -762,7 +764,9 @@ cannot occur. This results in undefined behavior when `self + rhs > ", stringify |
762 | 764 | without modifying the original"] |
763 | 765 | #[inline] |
764 | 766 | pub unsafe fn unchecked_add(self, rhs: Self) -> Self { |
765 | | - intrinsics::unchecked_add(self, rhs) |
| 767 | + // SAFETY: the caller must uphold the safety contract for |
| 768 | + // `unchecked_add`. |
| 769 | + unsafe { intrinsics::unchecked_add(self, rhs) } |
766 | 770 | } |
767 | 771 | } |
768 | 772 |
|
@@ -804,7 +808,9 @@ cannot occur. This results in undefined behavior when `self - rhs > ", stringify |
804 | 808 | without modifying the original"] |
805 | 809 | #[inline] |
806 | 810 | pub unsafe fn unchecked_sub(self, rhs: Self) -> Self { |
807 | | - intrinsics::unchecked_sub(self, rhs) |
| 811 | + // SAFETY: the caller must uphold the safety contract for |
| 812 | + // `unchecked_sub`. |
| 813 | + unsafe { intrinsics::unchecked_sub(self, rhs) } |
808 | 814 | } |
809 | 815 | } |
810 | 816 |
|
@@ -846,7 +852,9 @@ cannot occur. This results in undefined behavior when `self * rhs > ", stringify |
846 | 852 | without modifying the original"] |
847 | 853 | #[inline] |
848 | 854 | pub unsafe fn unchecked_mul(self, rhs: Self) -> Self { |
849 | | - intrinsics::unchecked_mul(self, rhs) |
| 855 | + // SAFETY: the caller must uphold the safety contract for |
| 856 | + // `unchecked_mul`. |
| 857 | + unsafe { intrinsics::unchecked_mul(self, rhs) } |
850 | 858 | } |
851 | 859 | } |
852 | 860 |
|
@@ -2998,7 +3006,9 @@ cannot occur. This results in undefined behavior when `self + rhs > ", stringify |
2998 | 3006 | without modifying the original"] |
2999 | 3007 | #[inline] |
3000 | 3008 | pub unsafe fn unchecked_add(self, rhs: Self) -> Self { |
3001 | | - intrinsics::unchecked_add(self, rhs) |
| 3009 | + // SAFETY: the caller must uphold the safety contract for |
| 3010 | + // `unchecked_add`. |
| 3011 | + unsafe { intrinsics::unchecked_add(self, rhs) } |
3002 | 3012 | } |
3003 | 3013 | } |
3004 | 3014 |
|
@@ -3038,7 +3048,9 @@ cannot occur. This results in undefined behavior when `self - rhs > ", stringify |
3038 | 3048 | without modifying the original"] |
3039 | 3049 | #[inline] |
3040 | 3050 | pub unsafe fn unchecked_sub(self, rhs: Self) -> Self { |
3041 | | - intrinsics::unchecked_sub(self, rhs) |
| 3051 | + // SAFETY: the caller must uphold the safety contract for |
| 3052 | + // `unchecked_sub`. |
| 3053 | + unsafe { intrinsics::unchecked_sub(self, rhs) } |
3042 | 3054 | } |
3043 | 3055 | } |
3044 | 3056 |
|
@@ -3078,7 +3090,9 @@ cannot occur. This results in undefined behavior when `self * rhs > ", stringify |
3078 | 3090 | without modifying the original"] |
3079 | 3091 | #[inline] |
3080 | 3092 | pub unsafe fn unchecked_mul(self, rhs: Self) -> Self { |
3081 | | - intrinsics::unchecked_mul(self, rhs) |
| 3093 | + // SAFETY: the caller must uphold the safety contract for |
| 3094 | + // `unchecked_mul`. |
| 3095 | + unsafe { intrinsics::unchecked_mul(self, rhs) } |
3082 | 3096 | } |
3083 | 3097 | } |
3084 | 3098 |
|
|
0 commit comments