Merge pull request #388 from Niki4tap/ffi-dont-use-transmute

Discourage the use of transmute to construct invalid values
pull/391/head
Eric Huss 2 years ago committed by GitHub
commit 8ca2612680
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -659,7 +659,8 @@ Certain Rust types are defined to never be `null`. This includes references (`&T
`&mut T`), boxes (`Box<T>`), and function pointers (`extern "abi" fn()`). When `&mut T`), boxes (`Box<T>`), and function pointers (`extern "abi" fn()`). When
interfacing with C, pointers that might be `null` are often used, which would seem to interfacing with C, pointers that might be `null` are often used, which would seem to
require some messy `transmute`s and/or unsafe code to handle conversions to/from Rust types. require some messy `transmute`s and/or unsafe code to handle conversions to/from Rust types.
However, the language provides a workaround. However, trying to construct/work with these invalid values **is undefined behavior**,
so you should use the following workaround instead.
As a special case, an `enum` is eligible for the "nullable pointer optimization" if it contains As a special case, an `enum` is eligible for the "nullable pointer optimization" if it contains
exactly two variants, one of which contains no data and the other contains a field of one of the exactly two variants, one of which contains no data and the other contains a field of one of the

Loading…
Cancel
Save