Fix shift-overflow in const-generic bitfield accessors#3374
Merged
Conversation
`cargo clippy -- -D warnings` was failing on stable with a collapsible_match lint in ObjCInterface::from_ty: a nested `if` inside a `CXCursor_ObjCClassRef` match arm should be expressed as a match guard. Collapse it as suggested. No behaviour change. Co-authored-by: Copilot <[email protected]>
When BIT_WIDTH equals the native word size (e.g. a 64-bit field on a 64-bit target), `(1usize << BIT_WIDTH) - 1` shifted by the full width of usize, panicking in debug builds and producing a wrong mask in release. Affected `get_const`, `set_const`, `raw_get_const` and `raw_set_const`. Guard the value mask with `BIT_WIDTH < usize::BITS` and compute the runtime `set`. Add a regression test exercising width = 64. Co-authored-by: Copilot <[email protected]>
The upper-bound check in get/set/raw_get/raw_set and their const-generic siblings used floor division: `(bit_offset + bit_width) / 8 <= len`. The byte-loop touches indices up to `start_byte + bytes_needed - 1 = ceil((bit_offset + bit_width) / 8) - 1`, so the correct check is `(bit_offset + bit_width + 7) / 8 <= len`. Codegen never produces values that would fail the tighter assert, so this is a hardening of the safety check rather than a runtime fix. Regenerate the matching expectations. Co-authored-by: Copilot <[email protected]>
emilio
reviewed
May 16, 2026
emilio
approved these changes
May 16, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When BIT_WIDTH equals the native word size (e.g. a 64-bit field on a 64-bit target),
(1usize << BIT_WIDTH) - 1shifted by the full width of usize, panicking in debug builds and producing a wrong mask in release. Affectedget_const,set_const,raw_get_constandraw_set_const.Guard the value mask with
BIT_WIDTH < usize::BITSand compute the runtimeset. Add a regression test exercising width = 64.