Skip to content

Commit 8ab516b

Browse files
pascaldekloepascaldekloe
committed
codereview @tgross35 & @ChrisDenton on pull request #135265 
1 parent 36cea6c commit 8ab516b

File tree

1 file changed

+16
-12
lines changed

1 file changed

+16
-12
lines changed

library/core/src/fmt/num.rs

Lines changed: 16 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
//! Integer and floating-point number formatting
22
3-
use crate::mem::MaybeUninit;
3+
use crate::mem::{MaybeUninit, size_of};
44
use crate::num::fmt as numfmt;
55
use crate::ops::{Div, Rem, Sub};
66
use crate::{fmt, ptr, slice, str};
@@ -244,15 +244,17 @@ macro_rules! impl_Display {
244244

245245
// Format per four digits from the lookup table.
246246
// Four digits need a 16-bit $unsigned or wider.
247-
while const { Self::MAX as u128 > 999 } && remain > 999.try_into().unwrap() {
248-
// SAFETY: All of the decimals fit in buf due to MAX_DEC_N.
247+
while size_of::<Self>() > 1 && remain > 999.try_into().unwrap() {
248+
// SAFETY: All of the decimals fit in buf due to MAX_DEC_N
249+
// and the while condition ensures at least 4 more decimals.
249250
unsafe { core::hint::assert_unchecked(offset >= 4) }
250251
// SAFETY: The offset counts down from its initial buf.len()
251-
// without underflow due to the previous assertion.
252+
// without underflow due to the previous precondition.
252253
unsafe { core::hint::assert_unchecked(offset <= buf.len()) }
253254
offset -= 4;
254255

255-
let scale: Self = 100_00.try_into().unwrap();
256+
// pull two pairs
257+
let scale: Self = 1_00_00.try_into().unwrap();
256258
let quad = remain % scale;
257259
remain /= scale;
258260
let pair1 = (quad / 100) as usize;
@@ -265,10 +267,11 @@ macro_rules! impl_Display {
265267

266268
// Format per two digits from the lookup table.
267269
if remain > 9 {
268-
// SAFETY: All of the decimals fit in buf due to MAX_DEC_N.
270+
// SAFETY: All of the decimals fit in buf due to MAX_DEC_N
271+
// and the while condition ensures at least 2 more decimals.
269272
unsafe { core::hint::assert_unchecked(offset >= 2) }
270273
// SAFETY: The offset counts down from its initial buf.len()
271-
// without underflow due to the previous assertion.
274+
// without underflow due to the previous precondition.
272275
unsafe { core::hint::assert_unchecked(offset <= buf.len()) }
273276
offset -= 2;
274277

@@ -280,10 +283,11 @@ macro_rules! impl_Display {
280283

281284
// Format the last remaining digit, if any.
282285
if remain != 0 || self == 0 {
283-
// SAFETY: All of the decimals fit in buf due to MAX_DEC_N.
286+
// SAFETY: All of the decimals fit in buf due to MAX_DEC_N
287+
// and the if condition ensures (at least) 1 more decimals.
284288
unsafe { core::hint::assert_unchecked(offset >= 1) }
285289
// SAFETY: The offset counts down from its initial buf.len()
286-
// without underflow due to the previous assertion.
290+
// without underflow due to the previous precondition.
287291
unsafe { core::hint::assert_unchecked(offset <= buf.len()) }
288292
offset -= 1;
289293

@@ -294,10 +298,10 @@ macro_rules! impl_Display {
294298
// not used: remain = 0;
295299
}
296300

297-
// SAFETY: All buf content since offset is set with bytes form
298-
// the lookup table, which consists of valid ASCII exclusively.
301+
// SAFETY: All buf content since offset is set.
302+
let written = unsafe { buf.get_unchecked(offset..) };
303+
// SAFETY: Writes use ASCII from the lookup table exclusively.
299304
f.pad_integral(is_nonnegative, "", unsafe {
300-
let written = buf.get_unchecked(offset..);
301305
str::from_utf8_unchecked(slice::from_raw_parts(
302306
MaybeUninit::slice_as_ptr(written),
303307
written.len(),

0 commit comments

Comments
 (0)