Unrolled build for rust-lang#134606

rust-timer · web-flow · commit 9f7b2389d7ce · 2024-12-27T10:47:40.000-05:00
Rollup merge of rust-lang#134606 - RalfJung:ptr-copy-docs, r=Mark-Simulacrum ptr::copy: fix docs for the overlapping case Fixes rust-lang/unsafe-code-guidelines#549 As discussed in that issue, it doesn't make any sense for `copy` to read a byte via `src` after it was already written via `dst`. The entire point of this method is that is copies correctly even if they overlap, and that requires always reading any given location before writing it. Cc `@rust-lang/opsem`
diff --git a/compiler/rustc_const_eval/src/interpret/memory.rs b/compiler/rustc_const_eval/src/interpret/memory.rs
@@ -1359,6 +1359,8 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
         let src_alloc = self.get_alloc_raw(src_alloc_id)?;
         let src_range = alloc_range(src_offset, size);
         assert!(!self.memory.validation_in_progress, "we can't be copying during validation");
+        // For the overlapping case, it is crucial that we trigger the read hook
+        // before the write hook -- the aliasing model cares about the order.
         M::before_memory_read(
             tcx,
             &self.machine,
diff --git a/library/core/src/intrinsics/mod.rs b/library/core/src/intrinsics/mod.rs
@@ -4364,13 +4364,11 @@ pub const unsafe fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: us
 ///
 /// Behavior is undefined if any of the following conditions are violated:
 ///
-/// * `src` must be [valid] for reads of `count * size_of::<T>()` bytes, and must remain valid even
-///   when `dst` is written for `count * size_of::<T>()` bytes. (This means if the memory ranges
-///   overlap, the two pointers must not be subject to aliasing restrictions relative to each
-///   other.)
+/// * `src` must be [valid] for reads of `count * size_of::<T>()` bytes.
 ///
 /// * `dst` must be [valid] for writes of `count * size_of::<T>()` bytes, and must remain valid even
-///   when `src` is read for `count * size_of::<T>()` bytes.
+///   when `src` is read for `count * size_of::<T>()` bytes. (This means if the memory ranges
+///   overlap, the `dst` pointer must not be invalidated by `src` reads.)
 ///
 /// * Both `src` and `dst` must be properly aligned.
 ///
