| author | Matthias Krüger <matthias.krueger@famsik.de> | 2024-03-13 20:01:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-03-13 20:01:58 +0100 |
| commit | 89c3fa92d41d194676e9edefdb72e7a5a5e730ab (patch) | |
| tree | a6ca1bfeb4ee24be82c9a831dd7695ba7e7a1b3b /compiler/rustc_codegen_llvm/src | |
| parent | 5c2aa6dc6f78ce8cd65dd526ed8a84d2be425c1e (diff) | |
| parent | 216df4a8e6358a515ba95fb1a92864d1b94c37f3 (diff) | |
Rollup merge of #122438 - jswrenn:check-referent-size, r=compiler-errors
Safe Transmute: Require that source referent is smaller than destination
`BikeshedIntrinsicFrom` currently models transmute-via-union; i.e., it attempts to provide a `where` bound for this function:
```rust
pub unsafe fn transmute_via_union<Src, Dst>(src: Src) -> Dst {
    use core::mem::*;

    #[repr(C)]
    union Transmute<T, U> {
        src: ManuallyDrop<T>,
        dst: ManuallyDrop<U>,
    }

    let transmute = Transmute { src: ManuallyDrop::new(src) };

    // SAFETY: The caller must guarantee that the transmutation is safe.
    let dst = transmute.dst;

    ManuallyDrop::into_inner(dst)
}
```
A quirk of this model is that it admits padding extensions in value-to-value transmutation: The destination type can be bigger than the source type, so long as the excess consists of uninitialized bytes. However, this isn't permissible for reference-to-reference transmutations (introduced in #110662) — extra referent bytes cannot come from thin air.
This PR patches our analysis for reference-to-reference transmutations to require that the destination referent is no larger than the source referent.
r? `@compiler-errors`
Diffstat (limited to 'compiler/rustc_codegen_llvm/src')
0 files changed, 0 insertions, 0 deletions
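
The referent-size rule from the commit message, shown as a runtime check. This is an added example, not code from the commit or from rustc; `PlainBytes` and `ref_cast` are hypothetical names, and the alignment check is an extra condition the cast needs for soundness rather than something the message describes.

```rust
use core::mem::{align_of, size_of};

/// Hypothetical marker trait (not part of rustc or std): the type has no
/// padding and every initialized byte pattern is a valid value.
unsafe trait PlainBytes {}
unsafe impl PlainBytes for u8 {}
unsafe impl PlainBytes for u16 {}
unsafe impl PlainBytes for u32 {}
unsafe impl<T: PlainBytes, const N: usize> PlainBytes for [T; N] {}

/// Hypothetical runtime analogue of the reference-to-reference rule:
/// reinterpret `&Src` as `&Dst` only if the destination referent fits
/// inside the source referent.
fn ref_cast<Src: PlainBytes, Dst: PlainBytes>(src: &Src) -> Option<&Dst> {
    // The rule from the commit message: a larger destination referent
    // would expose bytes past the end of the source object.
    if size_of::<Dst>() > size_of::<Src>() {
        return None;
    }
    // Also needed for soundness of the cast below: `&Dst` must not demand
    // stricter alignment than `&Src` guarantees.
    if align_of::<Dst>() > align_of::<Src>() {
        return None;
    }
    // SAFETY: Dst is no larger and no more aligned than Src, both are
    // padding-free with all bit patterns valid, and the result borrows `src`.
    Some(unsafe { &*(src as *const Src as *const Dst) })
}

fn main() {
    let word: u32 = 0x1122_3344;
    // Same size: allowed.
    let bytes: &[u8; 4] = ref_cast(&word).expect("same-size cast");
    println!("{:02x?}", bytes);
    // Shrinking the referent: allowed.
    let prefix: &[u8; 2] = ref_cast(&word).expect("shrinking cast");
    println!("{:02x?}", prefix);
    // Growing the referent: rejected, the extra 4 bytes do not exist.
    let grown: Option<&[u8; 8]> = ref_cast(&word);
    println!("grow to [u8; 8]: {}", grown.is_some());
}
```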
