Add assumptions that the pointer is non-null

author James Miller <james@aatch.net>

Tue, 20 Jan 2015 20:35:24 +0000 (09:35 +1300)

committer James Miller <james@aatch.net>

Tue, 20 Jan 2015 20:35:24 +0000 (09:35 +1300)
author James Miller <james@aatch.net>
Tue, 20 Jan 2015 20:35:24 +0000 (09:35 +1300)
committer James Miller <james@aatch.net>
Tue, 20 Jan 2015 20:35:24 +0000 (09:35 +1300)
diff --git a/src/liballoc/rc.rs b/src/liballoc/rc.rs

index 0f2a11cc1dbac555ec8d255c2b1d583f942ee34c..837d709e882092b36d809cb13c338f714f832b35 100644 (file)
--- a/src/liballoc/rc.rs
+++ b/src/liballoc/rc.rs
@@ -933,12 +933,26 @@ fn weak(&self) -> uint { self.inner().weak.get() }
  
  impl<T> RcBoxPtr<T> for Rc<T> {
      #[inline(always)]
-    fn inner(&self) -> &RcBox<T> { unsafe { &(**self._ptr) } }
+    fn inner(&self) -> &RcBox<T> {
+        unsafe {
+            // Safe to assume this here, as if it weren't true, we'd be breaking
+            // the contract anyway
+            assume(!self._ptr.is_null());
+            &(**self._ptr)
+        }
+    }
  }
  
  impl<T> RcBoxPtr<T> for Weak<T> {
      #[inline(always)]
-    fn inner(&self) -> &RcBox<T> { unsafe { &(**self._ptr) } }
+    fn inner(&self) -> &RcBox<T> {
+        unsafe {
+            // Safe to assume this here, as if it weren't true, we'd be breaking
+            // the contract anyway
+            assume(!self._ptr.is_null());
+            &(**self._ptr)
+        }
+    }
  }
  
  #[cfg(test)]
author	James Miller <james@aatch.net>
	Tue, 20 Jan 2015 20:35:24 +0000 (09:35 +1300)
committer	James Miller <james@aatch.net>
	Tue, 20 Jan 2015 20:35:24 +0000 (09:35 +1300)