diff --git a/core/src/num/niche_types.rs b/core/src/num/niche_types.rs index 096713c318f8d..47ff4254e533b 100644 --- a/core/src/num/niche_types.rs +++ b/core/src/num/niche_types.rs @@ -32,6 +32,16 @@ macro_rules! define_valid_range_type { }; impl $name { + #[inline] + pub const fn new(val: $int) -> Option { + if (val as $uint) >= ($low as $uint) && (val as $uint) <= ($high as $uint) { + // SAFETY: just checked the inclusive range + Some(unsafe { $name(val) }) + } else { + None + } + } + /// Constructs an instance of this type from the underlying integer /// primitive without checking whether its zero. /// diff --git a/std/src/os/fd/owned.rs b/std/src/os/fd/owned.rs index 1e814eca3c1a5..5cec11ecccf1c 100644 --- a/std/src/os/fd/owned.rs +++ b/std/src/os/fd/owned.rs @@ -67,13 +67,11 @@ impl BorrowedFd<'_> { /// The resource pointed to by `fd` must remain open for the duration of /// the returned `BorrowedFd`, and it must not have the value `-1`. #[inline] + #[track_caller] #[rustc_const_stable(feature = "io_safety", since = "1.63.0")] #[stable(feature = "io_safety", since = "1.63.0")] pub const unsafe fn borrow_raw(fd: RawFd) -> Self { - assert!(fd != u32::MAX as RawFd); - // SAFETY: we just asserted that the value is in the valid range and isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned) - let fd = unsafe { ValidRawFd::new_unchecked(fd) }; - Self { fd, _phantom: PhantomData } + Self { fd: ValidRawFd::new(fd).expect("fd != -1"), _phantom: PhantomData } } } @@ -154,11 +152,9 @@ impl FromRawFd for OwnedFd { /// /// [io-safety]: io#io-safety #[inline] + #[track_caller] unsafe fn from_raw_fd(fd: RawFd) -> Self { - assert_ne!(fd, u32::MAX as RawFd); - // SAFETY: we just asserted that the value is in the valid range and isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned) - let fd = unsafe { ValidRawFd::new_unchecked(fd) }; - Self { fd } + Self { fd: ValidRawFd::new(fd).expect("fd != -1") } } } 
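Review bot: The new `pub const fn new` added to the `define_valid_range_type!` expansion has no doc comment, while the neighbouring `new_unchecked` is documented; add `/// Returns `Some` if `val` lies in this type's valid range (compared as `$uint`), `None` otherwise.` above its `#[inline]`. The inclusive `>= $low && <= $high` test assumes a non-wrapping range; if any instantiation of this macro uses a wrapped niche (start greater than end), `new` would reject every value, so either a `const` assertion that `$low <= $high` or a comment stating the macro only supports non-wrapping ranges would make the assumption explicit — the other instantiations are not visible from this hunk. The return type renders here as a bare `Option`, presumably `Option<$name>` lost in extraction.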
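Review bot: Neither `borrow_raw` nor `from_raw_fd` documents that it panics, although both now do so on `-1` via `.expect("fd != -1")` (as the removed `assert!`/`assert_ne!` did); the `borrow_raw` comment ends at `and it must not have the value `-1`.` and should gain `/// # Panics` / `/// Panics if `fd` is `-1`.` so callers see this is enforced rather than only a safety precondition. The added `#[track_caller]` is the right choice here, since the violated precondition belongs to the caller of these `unsafe fn`s and the panic location should say so. The `from_raw_fd` doc comment begins before this hunk.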
diff --git a/std/src/os/solid/io.rs b/std/src/os/solid/io.rs index ca58a900c4451..c23d842b238b8 100644 --- a/std/src/os/solid/io.rs +++ b/std/src/os/solid/io.rs @@ -101,12 +101,9 @@ impl BorrowedFd<'_> { /// the returned `BorrowedFd`, and it must not have the value /// `SOLID_NET_INVALID_FD`. #[inline] + #[track_caller] pub const unsafe fn borrow_raw(fd: RawFd) -> Self { - assert!(fd != -1 as RawFd); - // SAFETY: we just asserted that the value is in the valid range and - // isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned) - let fd = unsafe { ValidRawFd::new_unchecked(fd) }; - Self { fd, _phantom: PhantomData } + Self { fd: ValidRawFd::new(fd).expect("fd != -1"), _phantom: PhantomData } } } @@ -156,12 +153,9 @@ impl FromRawFd for OwnedFd { /// The resource pointed to by `fd` must be open and suitable for assuming /// ownership. The resource must not require any cleanup other than `close`. #[inline] + #[track_caller] unsafe fn from_raw_fd(fd: RawFd) -> Self { - assert_ne!(fd, -1 as RawFd); - // SAFETY: we just asserted that the value is in the valid range and - // isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned) - let fd = unsafe { ValidRawFd::new_unchecked(fd) }; - Self { fd } + Self { fd: ValidRawFd::new(fd).expect("fd != -1") } } } diff --git a/std/src/os/windows/io/socket.rs b/std/src/os/windows/io/socket.rs index 6e13a8b502a73..2bc6ce222ae5c 100644 --- a/std/src/os/windows/io/socket.rs +++ b/std/src/os/windows/io/socket.rs 
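Review bot: The panic message `"fd != -1"` in both `borrow_raw` and `from_raw_fd` does not match the invariant the doc comment states, which is that `fd` must not be `SOLID_NET_INVALID_FD`; the removed `assert!(fd != -1 as RawFd)` suggests the two are the same value, but a reader of the panic output cannot tell. Use `ValidRawFd::new(fd).expect("fd != SOLID_NET_INVALID_FD")` in both places so the message and the documented contract agree, and add a `# Panics` line to each doc comment. Both doc comments start outside the hunk.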
@@ -58,12 +58,11 @@ impl BorrowedSocket<'_> { /// the returned `BorrowedSocket`, and it must not have the value /// `INVALID_SOCKET`. #[inline] + #[track_caller] #[rustc_const_stable(feature = "io_safety", since = "1.63.0")] #[stable(feature = "io_safety", since = "1.63.0")] pub const unsafe fn borrow_raw(socket: RawSocket) -> Self { - assert!(socket != sys::c::INVALID_SOCKET as RawSocket); - let socket = unsafe { ValidRawSocket::new_unchecked(socket) }; - Self { socket, _phantom: PhantomData } + Self { socket: ValidRawSocket::new(socket).expect("socket != -1"), _phantom: PhantomData } } } @@ -185,10 +184,9 @@ impl IntoRawSocket for OwnedSocket { #[stable(feature = "io_safety", since = "1.63.0")] impl FromRawSocket for OwnedSocket { #[inline] + #[track_caller] unsafe fn from_raw_socket(socket: RawSocket) -> Self { - debug_assert_ne!(socket, sys::c::INVALID_SOCKET as RawSocket); - let socket = unsafe { ValidRawSocket::new_unchecked(socket) }; - Self { socket } + Self { socket: ValidRawSocket::new(socket).expect("socket != -1") } } } diff --git a/std/src/sys/pal/solid/fs.rs b/std/src/sys/pal/solid/fs.rs index fa2e470d6b601..cc424141ea80c 100644 --- a/std/src/sys/pal/solid/fs.rs +++ b/std/src/sys/pal/solid/fs.rs @@ -22,12 +22,9 @@ struct FileDesc { impl FileDesc { #[inline] + #[track_caller] fn new(fd: c_int) -> FileDesc { - assert_ne!(fd, -1i32); - // Safety: we just asserted that the value is in the valid range and - // isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned) - let fd = unsafe { CIntNotMinusOne::new_unchecked(fd) }; - FileDesc { fd } + FileDesc { fd: CIntNotMinusOne::new(fd).expect("fd != -1") } } #[inline]
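Review bot: The release-mode behaviour change in `from_raw_socket` is undocumented: the removed `debug_assert_ne!` let `INVALID_SOCKET` reach `new_unchecked` in release builds, whereas the new `.expect("socket != -1")` panics in every profile — the safer choice, but it should be stated with `# Panics` / `Panics if `socket` is `INVALID_SOCKET`.` on the `FromRawSocket` impl, which carries no doc comment in this hunk. The message `"socket != -1"` also names a value the documented invariant calls `INVALID_SOCKET` (`sys::c::INVALID_SOCKET` in the removed line); `expect("socket != INVALID_SOCKET")` in both `borrow_raw` and `from_raw_socket` would match the docs. `#[track_caller]` correctly attributes the panic to the caller that broke the `unsafe` contract.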