mirror of
https://github.com/rust-lang/rust.git
synced 2025-10-04 11:17:04 +00:00
fcff8f7f5a
The underlying implementation of `LLVMCreateConstantRangeAttribute` assumes that each of `LowerWords` and `UpperWords` points to enough u64 values to define an integer of the specified bit-length, and will encounter UB if that is not the case. Our safe wrapper function always passes pointers to `[u64; 2]` arrays, regardless of the bit-length specified. That's fine in practice, because scalar primitives never exceed 128 bits, but it is technically a soundness hole in a safe function. We can close the soundness hole by explicitly asserting `size_bits <= 128`. This is effectively just a stricter version of the existing check that the value must be small enough to fit in `c_uint`.
This directory currently contains some LLVM support code. This will generally be sent upstream to LLVM in time; for now it lives here. NOTE: the LLVM C++ ABI is subject to between-version breakage and must *never* be exposed to Rust. To allow for easy auditing of that, all Rust-exposed types must be typedef-ed as "LLVMXyz", or "LLVMRustXyz" if they were defined here. Functions that return a failure status and leave the error in the LLVM last error should return an LLVMRustResult rather than an int or anything to avoid confusion. When translating enums, add a single `Other` variant as the first one to allow for new variants to be added. It should abort when used as an input. All other types must not be typedef-ed as such.