UB-check for alignment of ptr to Box::from_raw{,_in}

Author: hkBst

library/alloc/src/boxed.rs

@@ -182,6 +182,7 @@
 //! [valid]: ptr#safety
 
 #![stable(feature = "rust1", since = "1.0.0")]
+#![feature(ub_checks)]
 
 use core::borrow::{Borrow, BorrowMut};
 #[cfg(not(no_global_oom_handling))]
@@ -200,6 +201,7 @@ use core::ops::{
 use core::pin::{Pin, PinCoerceUnsized};
 use core::ptr::{self, NonNull, Unique};
 use core::task::{Context, Poll};
+use core::ub_checks::assert_pointer_is_aligned_and_not_null;
 
 #[cfg(not(no_global_oom_handling))]
 use crate::alloc::handle_alloc_error;
@@ -1017,7 +1019,7 @@ impl<T: ?Sized> Box<T> {
     /// resulting `Box`. Specifically, the `Box` destructor will call
     /// the destructor of `T` and free the allocated memory. For this
     /// to be safe, the memory must have been allocated in accordance
-    /// with the [memory layout] used by `Box` .
+    /// with the [memory layout] used by `Box`.
     ///
     /// # Safety
     ///
@@ -1056,8 +1058,9 @@ impl<T: ?Sized> Box<T> {
     #[stable(feature = "box_raw", since = "1.4.0")]
     #[inline]
     #[must_use = "call `drop(Box::from_raw(ptr))` if you intend to drop the `Box`"]
-    pub unsafe fn from_raw(raw: *mut T) -> Self {
-        unsafe { Self::from_raw_in(raw, Global) }
+    pub unsafe fn from_raw(ptr: *mut T) -> Self {
+        assert_pointer_is_aligned_and_not_null!("Box::from_raw", ptr, align_of::<T>(), T::IS_ZST);
+        unsafe { Self::from_raw_in(ptr, Global) }
     }
 
     /// Constructs a box from a `NonNull` pointer.
@@ -1111,6 +1114,12 @@ impl<T: ?Sized> Box<T> {
     #[inline]
     #[must_use = "call `drop(Box::from_non_null(ptr))` if you intend to drop the `Box`"]
     pub unsafe fn from_non_null(ptr: NonNull<T>) -> Self {
+        assert_pointer_is_aligned_and_not_null!(
+            "Box::from_non_null",
+            ptr,
+            align_of::<T>(),
+            T::IS_ZST
+        );
         unsafe { Self::from_raw(ptr.as_ptr()) }
     }
 }
@@ -1166,8 +1175,14 @@ impl<T: ?Sized, A: Allocator> Box<T, A> {
     #[unstable(feature = "allocator_api", issue = "32838")]
     #[rustc_const_unstable(feature = "const_box", issue = "92521")]
     #[inline]
-    pub const unsafe fn from_raw_in(raw: *mut T, alloc: A) -> Self {
-        Box(unsafe { Unique::new_unchecked(raw) }, alloc)
+    pub const unsafe fn from_raw_in(ptr: *mut T, alloc: A) -> Self {
+        assert_pointer_is_aligned_and_not_null!(
+            "Box::from_raw_in",
+            ptr,
+            align_of::<T>(),
+            T::IS_ZST
+        );
+        Box(unsafe { Unique::new_unchecked(ptr) }, alloc)
     }
 
     /// Constructs a box from a `NonNull` pointer in the given allocator.

library/core/src/ub_checks.rs

@@ -129,6 +129,19 @@ pub(crate) const fn maybe_is_aligned_and_not_null(
     )
 }
 
+/// Specialized version of `assert_unsafe_precondition` for checking that a pointer is properly aligned and not null
+#[macro_export]
+#[unstable(feature = "ub_checks", issue = "none")]
+macro_rules! assert_pointer_is_aligned_and_not_null {
+    ($function_name: literal, $ptr: expr, $align: expr, $is_zst: expr) => {
+        assert_unsafe_precondition!(
+            check_language_ub,
+            concat!($function_name, " requires that its pointer argument is properly aligned and not null"),
+            () => ub_checks::maybe_is_aligned_and_not_null(ptr as *const (), $align, $is_zst)
+        );
+    }
+}
+
 #[inline]
 pub(crate) const fn is_valid_allocation_size(size: usize, len: usize) -> bool {
     let max_len = if size == 0 { usize::MAX } else { isize::MAX as usize / size };