diff --git a/core/src/slice/sort/select.rs b/core/src/slice/sort/select.rs index e0c1085916e5e..6212def30416b 100644 --- a/core/src/slice/sort/select.rs +++ b/core/src/slice/sort/select.rs @@ -92,7 +92,10 @@ fn partition_at_index_loop<'a, T, F>( // slice. Partition the slice into elements equal to and elements greater than the pivot. // This case is usually hit when the slice contains many duplicate elements. if let Some(p) = ancestor_pivot { - if !is_less(p, unsafe { v.get_unchecked(pivot_pos) }) { + // SAFETY: choose_pivot promises to return a valid pivot position. + let pivot = unsafe { v.get_unchecked(pivot_pos) }; + + if !is_less(p, pivot) { let num_lt = partition(v, pivot_pos, &mut |a, b| !is_less(b, a)); // Continue sorting elements greater than the pivot. We know that `mid` contains diff --git a/core/src/slice/sort/shared/smallsort.rs b/core/src/slice/sort/shared/smallsort.rs index 8dbd45a389ca3..6e4424310e80f 100644 --- a/core/src/slice/sort/shared/smallsort.rs +++ b/core/src/slice/sort/shared/smallsort.rs @@ -177,6 +177,8 @@ fn small_sort_fallback bool>(v: &mut [T], is_less: &mut F fn small_sort_general bool>(v: &mut [T], is_less: &mut F) { let mut stack_array = MaybeUninit::<[T; SMALL_SORT_GENERAL_SCRATCH_LEN]>::uninit(); + // SAFETY: The memory is backed by `stack_array`, and the operation is safe as long as the len + // is the same. let scratch = unsafe { slice::from_raw_parts_mut( stack_array.as_mut_ptr() as *mut MaybeUninit, @@ -327,8 +329,9 @@ where } // SAFETY: The right side of `v` based on `len_div_2` is guaranteed in-bounds. - region = - unsafe { &mut *ptr::slice_from_raw_parts_mut(v_base.add(len_div_2), len - len_div_2) }; + unsafe { + region = &mut *ptr::slice_from_raw_parts_mut(v_base.add(len_div_2), len - len_div_2) + }; } // SAFETY: We checked that T is Freeze and thus observation safe. @@ -812,14 +815,6 @@ pub(crate) const fn has_efficient_in_place_swap() -> bool { mem::size_of::() <= 8 // mem::size_of::() } -#[test] -fn type_info() { - assert!(has_efficient_in_place_swap::()); - assert!(has_efficient_in_place_swap::()); - assert!(!has_efficient_in_place_swap::()); - assert!(!has_efficient_in_place_swap::()); -} - /// SAFETY: Only used for run-time optimization heuristic. #[rustc_unsafe_specialization_marker] trait CopyMarker {} diff --git a/core/src/slice/sort/stable/quicksort.rs b/core/src/slice/sort/stable/quicksort.rs index b6d6d3ec8ea73..e1734ce8d8b46 100644 --- a/core/src/slice/sort/stable/quicksort.rs +++ b/core/src/slice/sort/stable/quicksort.rs @@ -256,12 +256,3 @@ const fn has_direct_interior_mutability() -> bool { // Otherwise a type like Mutex>> could lead to double free. !T::is_freeze() } - -#[test] -fn freeze_check() { - assert!(!has_direct_interior_mutability::()); - assert!(!has_direct_interior_mutability::<[u128; 2]>()); - - assert!(has_direct_interior_mutability::>()); - assert!(has_direct_interior_mutability::>()); -} diff --git a/core/src/slice/sort/unstable/quicksort.rs b/core/src/slice/sort/unstable/quicksort.rs index c3b4339d70477..533b5b0eec767 100644 --- a/core/src/slice/sort/unstable/quicksort.rs +++ b/core/src/slice/sort/unstable/quicksort.rs @@ -325,6 +325,8 @@ struct GapGuard { impl Drop for GapGuard { fn drop(&mut self) { + // SAFETY: `self` MUST be constructed in a way that makes copying the gap value into + // `self.pos` sound. unsafe { ptr::copy_nonoverlapping(&*self.value, self.pos, 1); } @@ -340,6 +342,8 @@ struct GapGuardRaw { impl Drop for GapGuardRaw { fn drop(&mut self) { + // SAFETY: `self` MUST be constructed in a way that makes copying the gap value into + // `self.pos` sound. unsafe { ptr::copy_nonoverlapping(self.value, self.pos, 1); } diff --git a/core/tests/slice.rs b/core/tests/slice.rs index 3870fcb5f0f5f..1fe92afb6bb41 100644 --- a/core/tests/slice.rs +++ b/core/tests/slice.rs @@ -1803,7 +1803,6 @@ fn brute_force_rotate_test_1() { #[test] #[cfg(not(target_arch = "wasm32"))] fn sort_unstable() { - // use core::cmp::Ordering::{Equal, Greater, Less}; use rand::Rng; // Miri is too slow (but still need to `chain` to make the types match)