This function
pub fn foo(x: Box<i32>) { drop(x); }
compiles to
define void @_ZN10playground3foo17h15d47dec4ef032baE(i32* noalias align 4 dereferenceable(4)) unnamed_addr #1 !dbg !148 {
start:
%x = alloca i32*, align 8
store i32* %0, i32** %x, align 8
call void @llvm.dbg.declare(metadata i32** %x, metadata !150, metadata !DIExpression()), !dbg !151
%1 = load i32*, i32** %x, align 8, !dbg !152, !nonnull !4
; call core::mem::drop
call void @_ZN4core3mem4drop17had227526e86e8e2bE(i32* noalias align 4 dereferenceable(4) %1), !dbg !153
br label %bb1, !dbg !153
bb1: ; preds = %start
ret void, !dbg !154
}
Notice the dereferenceable attribute! Under current LLVM semantics, this means "dereferenceable for the entire duration of this function body". That is, clearly, not accurate.
This issue is closely related to #55005, but affects all Box instead of just a few uses of references, so I felt it is a separate discussion.
I propose we remove the dereferencable attribute from Box for now. It seems like the situation might improve with future LLVM versions, but we should first make things sound.
Thanks to @HadrienG2 for pointing this out. Cc @rust-lang/wg-unsafe-code-guidelines
This function
compiles to
Notice the
dereferenceableattribute! Under current LLVM semantics, this means "dereferenceable for the entire duration of this function body". That is, clearly, not accurate.This issue is closely related to #55005, but affects all
Boxinstead of just a few uses of references, so I felt it is a separate discussion.I propose we remove the
dereferencableattribute fromBoxfor now. It seems like the situation might improve with future LLVM versions, but we should first make things sound.Thanks to @HadrienG2 for pointing this out. Cc @rust-lang/wg-unsafe-code-guidelines