Function creusot_contracts::std::ptr::write_volatile
1.9.0 · source · pub unsafe fn write_volatile<T>(dst: *mut T, src: T)
Expand description
Performs a volatile write of a memory location with the given value without reading or dropping the old value.
Volatile operations are intended to act on I/O memory, and are guaranteed to not be elided or reordered by the compiler across other volatile operations.
write_volatile
does not drop the contents of dst
. This is safe, but it
could leak allocations or resources, so care should be taken not to overwrite
an object that should be dropped.
Additionally, it does not drop src
. Semantically, src
is moved into the
location pointed to by dst
.
§Notes
Rust does not currently have a rigorously and formally defined memory model, so the precise semantics of what “volatile” means here is subject to change over time. That being said, the semantics will almost always end up pretty similar to C11’s definition of volatile.
The compiler shouldn’t change the relative order or number of volatile
memory operations. However, volatile memory operations on zero-sized types
(e.g., if a zero-sized type is passed to write_volatile
) are noops
and may be ignored.
§Safety
Behavior is undefined if any of the following conditions are violated:
-
dst
must be valid for writes. -
dst
must be properly aligned.
Note that even if T
has size 0
, the pointer must be non-null and properly aligned.
Just like in C, whether an operation is volatile has no bearing whatsoever
on questions involving concurrent access from multiple threads. Volatile
accesses behave exactly like non-atomic accesses in that regard. In particular,
a race between a write_volatile
and any other operation (reading or writing)
on the same location is undefined behavior.
§Examples
Basic usage:
let mut x = 0;
let y = &mut x as *mut i32;
let z = 12;
unsafe {
std::ptr::write_volatile(y, z);
assert_eq!(std::ptr::read_volatile(y), 12);
}