Comments (6)
Under the current memory model,
Your comment and the lint are misleading. There is no accepted memory model. And the lint message is pointing to code which does not create an allocation, so at best the lint has grabbed the wrong span. If this lint is supposed to engage in provenance-based reasoning, it would need to indicate that. Otherwise it is simply buggy.
from rust.
Under the memory model checked by Miri by default, a &mut u8
is not permitted to access more than the one byte it points to, even if you got it from a larger object. Reborrowing to a reference type shrinks the allowed access range. Use array[offset..(offset + 8)].as_mut_ptr()
instead to obtain a pointer that is valid to write to the correct region. array[offset..].as_mut_ptr()
would also be valid, as that region contains the correct bytes, but it's less precise about its intent.
@rustbot label -regression-from-stable-to-stable -C-bug -I-prioritize +C-discussion
from rust.
Miri also agrees that the code as written contains undefined behavior, in the top right of the page select "Tools > Miri" to run and you'll see that it says that there's undefined behavior.
https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=e2d5ba429bbd2fb8401599c04d046213
The important bit from the error message is that the code is trying to access alloc1270[0x0..0x8]
(the intended 8 bytes), but the pointer does not have permission for that range, only [0x0..0x1]
(the first byte).
from rust.
I think that the invalid_reference_casting
lint's wording should be changed though, "backing allocation" is not precise and does not correctly describe what it's detecting. cc #118983
@rustbot label +A-diagnostics +D-papercut
from rust.
True, "the current" is not quite right. "The memory model currently checked by Miri by default" is perhaps a better wording for what I wanted to say, I will edit my comment.
Agreed that the lint is definitely sketchy wording at best, and I'm suspicious of its implementation given the incorrect wording.
from rust.
And the lint message is pointing to code which does not create an allocation, so at best the lint has grabbed the wrong span. If this lint is supposed to engage in provenance-based reasoning, it would need to indicate that. Otherwise it is simply buggy.
The lint is not supposed to engage in "provenance-based reasoning", it is just supposed to peel all the reference/raw pointer casting until it finds an allocation, and then it should compare the size of type and report an error if the target is bigger than the source. Nothing else, nothing more.
I tried describing the intent of the change in #118983 (comment).
So as @saethlin correctly mentions it, nothing in this code creates an "allocation", so I think the lint shouldn't have fired here. (whenever there is actual UB or not is irrelevant here)
from rust.
Related Issues (20)
- Tracking Issue for externally implementable items
- error: internal compiler error: ...: opaque types got hidden types registered from within subtype predicate
- `print-type-size` somtimes prints incorrect output HOT 1
- Compiling this code caused the compiler to block
- Segmentation fault installing rust on clean Ubuntu 24.04 amd64
- Poor interaction between NLL-borrowck, async, and c_variadic's `...` desugaring (`VaListImpl<'_>`)
- ICE : called `Option::unwrap()` on a `None` value in compiler/rustc_hir_typeck/src/method/confirm.rs HOT 2
- `&T -> *const T` or `&mut T -> *mut T` should be considered a use of inner fields HOT 2
- Remark `TMP`, `TEMP` and `USERPROFILE` env vars can influence `env::temp_dir` on Windows HOT 1
- Add SIMD operations that use f16 and f128 HOT 4
- Warn for `cfg!(target_* = "whatever")` usage in build scripts HOT 1
- UTF_16BE encode decode result does not match HOT 2
- Error when `fn` keyword is missing could be more explicit HOT 3
- How to enable rust-lld on stable? HOT 3
- Failure to recognize `&String` as equivalent to `&str` HOT 2
- need to show help for `adding an explicit lifetime bound`.
- ICE: `this path really should be doomed`
- Tracking issue for migrating from Glacier to compiletest ICE/crash tracking HOT 3
- `check_type_length_limit` is broken HOT 2
- `rust-analyzer` shows compile error E0023 but `cargo check`/clippy/build/run do not
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust.