@@ -3553,12 +3553,17 @@ where
35533553 // We panic if creating this type with all 0x01 bytes would
35543554 // cause LLVM UB.
35553555 //
3556- // Therefore, in order for us to not panic,
3557- // * the alignment of the pointer must be 1
3558- // (or we would have an unaligned pointer)
3556+ // Therefore, in order for us to not panic, it must either be a
3557+ // reference to [T] where T has align 1 (where we don't statically know
3558+ // the size, so we don't emit any dereferenceable), or a reference to str
3559+ // which acts much like a [u8].
35593560 //
3560- // * the statically known size of the pointee must be 0.
3561- // (or we would emit dereferenceable)
3561+ // We *do* need to panic for &dyn Trait, even though the layout of dyn Trait is
3562+ // size 0 align 1, because &dyn Trait holds a reference to a non-zero sized type,
3563+ // which also must be aligned.
3564+ //
3565+ // This even applies to *const dyn Trait, which holds a reference and therefore
3566+ // must be valid, so 1-initialization is not okay there.
35623567 //
35633568 // If this bypass didn't exist, old versions of `hyper` with no semver compatible
35643569 // fix (0.11, 0.12, 0.13) would panic, as they make uninit &[u8] and &str.
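Review bot: The two new paragraphs on `&dyn Trait` and `*const dyn Trait` each say the pointer "holds a reference" without naming what that reference is. Because the preceding sentence says the layout of dyn Trait is size 0 align 1, a reader cannot tell which part of the pointer becomes invalid when filled with 0x01 bytes. If the intended meaning is the vtable pointer in the wide-pointer metadata, say so in the comment, for example "because the vtable half of &dyn Trait is a reference to a non-zero-sized type, which must be aligned". The `*const dyn Trait` paragraph is the surprising case, since raw pointers are normally allowed to be dangling, so it deserves the same explicit wording. Only comment lines change in this hunk, so it would also help to reference the test that exercises the `*const dyn Trait` case, or to add one if none exists.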