digama0
commented
1 year ago References to Sized types are guaranteed to have the ABI of a pointer, so this is a guaranteed layout. Even if it was a transmute from Predecessors to Predecessors it would still be sound because it is the same type, the layout of any type is the same as itself. (In this case it's not quite the same type because of the lifetimes, but rust also guarantees that the layout of a type does not depend on lifetimes, or else lifetime erasure would not be sound.)
shinmao
https://github.com/digama0/mm0/blob/98496badaf6464e56ed7b4204e7d54b85667cb01/mm0-rs/components/mmcc/src/types/mir.rs#L966-L974 The unsound transmute lies in the
compute_predecessorswhich provides reference type conversion. I found that the definition ofPredecessorsisstructofrepr(Rust)in the behind. https://github.com/digama0/mm0/blob/98496badaf6464e56ed7b4204e7d54b85667cb01/mm0-rs/components/mmcc/src/types/mod.rs#L39-L41repr(Rust)is unspecified representation that we can't guarantee the layout of thestruct. Here, suggest to addrepr(C)to the struct to make the layout stable.