Skip to content

Statics' symbol names are susceptible to drift #9431

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
alexcrichton opened this issue Sep 23, 2013 · 4 comments
Closed

Statics' symbol names are susceptible to drift #9431

alexcrichton opened this issue Sep 23, 2013 · 4 comments

Comments

@alexcrichton
Copy link
Member

Let's say you're a library author. You just published the following library file under the name libbar:

// bar.rs
pub fn foo<T>() -> int {
    static a: int = 4;  
    return a;           
}

Some innocent programmer then comes along and uses this file. They write the following program

// foo.rs
extern mod bar;       

fn main() {           
    bar::foo::<int>();
}

Being a responsible library developer, you then realize that your library has a security flaw, so you update it to:

// updated bar.rs
fn fix_the_bug() {}             

pub fn foo<T>() -> int {
    static a: int = 4;  
    return a;           
}

You realize that this change is ABI-compatible with your previous library version, so being a responsible library developer, you push out an updated version of your new library.

As a responsible application developer, the client using your library then updates their copy, only to result in the following terrible-ness. (this shell session assumes that I'm both the library and application developer).

// let's compile libbar for the first time
$ ./x86_64-apple-darwin/stage2/bin/rustc --lib bar.rs
warning: missing crate link meta `name`, using `bar` as default
warning: missing crate link meta `vers`, using `0.0` as default
warning: no debug symbols in executable (-arch x86_64)

// Now let's compile our application, link it against libbar, and run it
$ ./x86_64-apple-darwin/stage2/bin/rustc foo.rs -L.
warning: no debug symbols in executable (-arch x86_64)
$ ./foo

// Awesome! now let's update libbar (with the bugfix), and recompile
$ ./x86_64-apple-darwin/stage2/bin/rustc --lib bar.rs
warning: missing crate link meta `name`, using `bar` as default
warning: missing crate link meta `vers`, using `0.0` as default
warning: no debug symbols in executable (-arch x86_64)

// The library didn't move, and it didn't change name, we shouldn't
// have to recompile foo here.
$ ./foo
dyld: Symbol not found: __ZN3foo1a19hff345045bc2f6a3eaj4v0.0E
  Referenced from: /Users/alex/code/rust3/./foo
  Expected in: /Users/alex/code/rust3/./libbar-15fb3a718ea23983-0.0.dylib
 in /Users/alex/code/rust3/./foo
zsh: trace trap  ./foo

The reason for this is that 1da4488 introduced the idea of a "pretty name" for statics which uses the node_id as the "unique tidbit" of information for a static in order to guarantee that they all have different names. This is very undesirable, and this should definitely be fixed.

Nominating for production-ready, and possibly the priority tag.

All credit for finding this goes to @cmr's eagle eyes.
@alexcrichton
Copy link
Member Author

Actually this may not be a problem at all. If you don't recompile the application foo, then it will never see an update to the foo function inside of libbar. If it returned something like 4, and then the library author updated it to 5, then unless you recompile foo it will always return 4.

This is akin to someone updating header files, but you never recompile your application. You'll never pick up the updates...

@emberian
Copy link
Member

@alexcrichton why wouldn't it see the update? Is it because it is a generic and thus monomorphized using the metadata?

@alexcrichton
Copy link
Member Author

Generic functions don't have compiled versions in libraries, they only have instantiations inside crates that actually use them.

@alexcrichton
Copy link
Member Author

Closing as a dupe of #2419

flip1995 pushed a commit to flip1995/rust that referenced this issue Sep 9, 2022
Fix range_{plus,minus}_one bad suggestions
a6d8afd 
Fixes rust-lang#9431.

The current `range_plus_one` and `range_minus_one` suggestions
are completely incorrect when macros are involved.

This commit resolves this by disabling the lints for any range
expression that is expanded from a macro. The reasons for this
are that it is very difficult to create a correct suggestion in
this case and that false negatives are less important for
pedantic lints.
flip1995 pushed a commit to flip1995/rust that referenced this issue Sep 9, 2022
@bors
Auto merge of rust-lang#9446 - mikerite:fix-9431-2, r=giraffate
b52fb52 
Fix `range_{plus,minus}_one` bad suggestions

Fixes rust-lang#9431.

The current `range_plus_one` and `range_minus_one` suggestions are completely incorrect when macros are involved.

This commit resolves this by disabling the lints for any range expression that is expanded from a macro. The reasons for this are that it is very difficult to create a correct suggestion in this case and that false negatives are less important for pedantic lints.

changelog: Fix `range_{plus,minus}_one` bad suggestions
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexcrichton @emberian