rusticl/kernel: mark can_remove_var as unsafe and document it

author Karol Herbst <git@karolherbst.de>

Thu, 3 Aug 2023 13:17:41 +0000 (15:17 +0200)

committer Marge Bot <emma+marge@anholt.net>

Fri, 4 Aug 2023 12:55:33 +0000 (12:55 +0000)
author Karol Herbst <git@karolherbst.de>
Thu, 3 Aug 2023 13:17:41 +0000 (15:17 +0200)
committer Marge Bot <emma+marge@anholt.net>
Fri, 4 Aug 2023 12:55:33 +0000 (12:55 +0000)
diff --git a/src/gallium/frontends/rusticl/core/kernel.rs b/src/gallium/frontends/rusticl/core/kernel.rs

index 867dc90..ff077b2 100644 (file)
--- a/src/gallium/frontends/rusticl/core/kernel.rs
+++ b/src/gallium/frontends/rusticl/core/kernel.rs
@@ -377,12 +377,18 @@ fn opt_nir(nir: &mut NirShader, dev: &Device) {
      } {}
  }
  
-extern "C" fn can_remove_var(var: *mut nir_variable, _: *mut c_void) -> bool {
+/// # Safety
+///
+/// Only safe to call when `var` is a valid pointer to a valid [`nir_variable`]
+unsafe extern "C" fn can_remove_var(var: *mut nir_variable, _: *mut c_void) -> bool {
+    // SAFETY: It is the caller's responsibility to provide a valid and aligned pointer
+    let var_type = unsafe { (*var).type_ };
+    // SAFETY: `nir_variable`'s type invariant guarantees that the `type_` field is valid and
+    // properly aligned.
      unsafe {
-        let var = var.as_ref().unwrap();
-        !glsl_type_is_image(var.type_)
-            && !glsl_type_is_texture(var.type_)
-            && !glsl_type_is_sampler(var.type_)
+        !glsl_type_is_image(var_type)
+            && !glsl_type_is_texture(var_type)
+            && !glsl_type_is_sampler(var_type)
      }
  }
author	Karol Herbst <git@karolherbst.de>
	Thu, 3 Aug 2023 13:17:41 +0000 (15:17 +0200)
committer	Marge Bot <emma+marge@anholt.net>
	Fri, 4 Aug 2023 12:55:33 +0000 (12:55 +0000)