use unions instead of transmute and add const safety comments

author Trevor Spiteri <tspiteri@ieee.org>

Wed, 26 Feb 2020 10:59:37 +0000 (11:59 +0100)

committer Trevor Spiteri <tspiteri@ieee.org>

Wed, 26 Feb 2020 10:59:37 +0000 (11:59 +0100)
author Trevor Spiteri <tspiteri@ieee.org>
Wed, 26 Feb 2020 10:59:37 +0000 (11:59 +0100)
committer Trevor Spiteri <tspiteri@ieee.org>
Wed, 26 Feb 2020 10:59:37 +0000 (11:59 +0100)
diff --git a/src/libcore/num/mod.rs b/src/libcore/num/mod.rs

index 22897680567e28228985ceb9b8506bc3fd8e6eaa..b64abc319360eb27b903631dca70977a4996c33a 100644 (file)
--- a/src/libcore/num/mod.rs
+++ b/src/libcore/num/mod.rs
@@ -2251,12 +2251,19 @@ pub const fn is_negative(self) -> bool { self < 0 }
  ```"),
              #[stable(feature = "int_to_from_bytes", since = "1.32.0")]
              #[rustc_const_stable(feature = "const_int_conversion", since = "1.43.0")]
-            #[allow_internal_unstable(const_transmute)]
+            // SAFETY: const sound because integers are plain old datatypes so we can always
+            // transmute them to arrays of bytes
+            #[allow_internal_unstable(const_fn_union)]
              #[inline]
              pub const fn to_ne_bytes(self) -> [u8; mem::size_of::<Self>()] {
+                #[repr(C)]
+                union Bytes {
+                    val: $SelfT,
+                    bytes: [u8; mem::size_of::<$SelfT>()],
+                }
                  // SAFETY: integers are plain old datatypes so we can always transmute them to
                  // arrays of bytes
-                unsafe { mem::transmute(self) }
+                unsafe { Bytes { val: self }.bytes }
              }
          }
  
@@ -2362,11 +2369,18 @@ fn read_ne_", stringify!($SelfT), "(input: &mut &[u8]) -> ", stringify!($SelfT),
  ```"),
              #[stable(feature = "int_to_from_bytes", since = "1.32.0")]
              #[rustc_const_stable(feature = "const_int_conversion", since = "1.43.0")]
-            #[allow_internal_unstable(const_transmute)]
+            // SAFETY: const sound because integers are plain old datatypes so we can always
+            // transmute to them
+            #[allow_internal_unstable(const_fn_union)]
              #[inline]
              pub const fn from_ne_bytes(bytes: [u8; mem::size_of::<Self>()]) -> Self {
+                #[repr(C)]
+                union Bytes {
+                    val: $SelfT,
+                    bytes: [u8; mem::size_of::<$SelfT>()],
+                }
                  // SAFETY: integers are plain old datatypes so we can always transmute to them
-                unsafe { mem::transmute(bytes) }
+                unsafe { Bytes { bytes }.val }
              }
          }
      }
@@ -4190,12 +4204,19 @@ pub const fn wrapping_next_power_of_two(self) -> Self {
  ```"),
              #[stable(feature = "int_to_from_bytes", since = "1.32.0")]
              #[rustc_const_stable(feature = "const_int_conversion", since = "1.43.0")]
-            #[allow_internal_unstable(const_transmute)]
+            // SAFETY: const sound because integers are plain old datatypes so we can always
+            // transmute them to arrays of bytes
+            #[allow_internal_unstable(const_fn_union)]
              #[inline]
              pub const fn to_ne_bytes(self) -> [u8; mem::size_of::<Self>()] {
+                #[repr(C)]
+                union Bytes {
+                    val: $SelfT,
+                    bytes: [u8; mem::size_of::<$SelfT>()],
+                }
                  // SAFETY: integers are plain old datatypes so we can always transmute them to
                  // arrays of bytes
-                unsafe { mem::transmute(self) }
+                unsafe { Bytes { val: self }.bytes }
              }
          }
  
@@ -4301,11 +4322,18 @@ fn read_ne_", stringify!($SelfT), "(input: &mut &[u8]) -> ", stringify!($SelfT),
  ```"),
              #[stable(feature = "int_to_from_bytes", since = "1.32.0")]
              #[rustc_const_stable(feature = "const_int_conversion", since = "1.43.0")]
-            #[allow_internal_unstable(const_transmute)]
+            // SAFETY: const sound because integers are plain old datatypes so we can always
+            // transmute to them
+            #[allow_internal_unstable(const_fn_union)]
              #[inline]
              pub const fn from_ne_bytes(bytes: [u8; mem::size_of::<Self>()]) -> Self {
+                #[repr(C)]
+                union Bytes {
+                    val: $SelfT,
+                    bytes: [u8; mem::size_of::<$SelfT>()],
+                }
                  // SAFETY: integers are plain old datatypes so we can always transmute to them
-                unsafe { mem::transmute(bytes) }
+                unsafe { Bytes { bytes }.val }
              }
          }
      }
author	Trevor Spiteri <tspiteri@ieee.org>
	Wed, 26 Feb 2020 10:59:37 +0000 (11:59 +0100)
committer	Trevor Spiteri <tspiteri@ieee.org>
	Wed, 26 Feb 2020 10:59:37 +0000 (11:59 +0100)