enable fuzzy_provenance_casts lint in liballoc and libstd #104647
Conversation
rustbot
added
S-waiting-on-review
|
Hey! It looks like you've submitted a new PR for the library teams! If this PR contains changes to any Examples of
|
| @@ -184,7 +185,7 @@ unsafe fn read_encoded_pointer( | |||
| }; | |||
|
|
|||
| if encoding & DW_EH_PE_indirect != 0 { | |||
| result = *(result as *const usize); | |||
| result = *ptr::from_exposed_addr::<usize>(result); | |||
There was a problem hiding this comment.
I hope this can only happen if we previously had the DW_EH_PE_pcrel case above and exposed the pointer...
There was a problem hiding this comment.
Who knows, but given that as *const usize is essentially semantically equivalent to from_exposed_addr::<usize>(...), this shouldn't add additional UB or anything if that's not how it is.
There was a problem hiding this comment.
This could add UB only if the code relied on the round_up stuff above also exposing the pointer. But that did look like a slam-dunk case for with_addr so I went with that. (Actually it would be an awesome case for map_addr except that it would need ? inside the closure so of course that doesn't work...)
There was a problem hiding this comment.
This could add UB only if the code relied on the round_up stuff above also exposing the pointer
That would be incredibly goofy and surprising, so I'm going to assume it's not the case.
| @@ -47,6 +47,7 @@ | |||
| #![feature(strict_provenance)] | |||
| #![feature(once_cell)] | |||
| #![feature(drain_keep_rest)] | |||
| #![deny(fuzzy_provenance_casts)] | |||
There was a problem hiding this comment.
A little surprised this is the only lint we turn on in the liballoc tests, but I'll look into that later.
There was a problem hiding this comment.
Yeah me too... I briefly tried denying unsafe_op_in_unsafe_fn and got too many red lines to pursue this further right now. ;)
|
@bors r+ rollup |
bors
added
S-waiting-on-bors
|
Ah, wait, this might cause platform-specific failures. So maybe rollup=always is too optimistic. @bors rollup=maybe |
Yeah. I did check builds on Linux, Android, macOS, Windows targets (which did find some more cases) but there are tons of targets left untested -- this should probably be |
|
⌛ Testing commit 7f5addd with merge 5d1ad57001036df80dc2d48130ba9a461b4a81a6... |
|
💔 Test failed - checks-actions |
bors
added
S-waiting-on-review
This comment has been minimized.
This comment has been minimized.
|
@bors r=thomcc |
bors
added
S-waiting-on-bors
|
The job Click to see the possible cause of the failure (guessed by this bot) |
|
Flaky rustdoc test? Cc @rust-lang/rustdoc |
|
Yeah, flaky rustdoc test. Nothing you changed here could've affected it. #93784 |
…r=thomcc enable fuzzy_provenance_casts lint in liballoc and libstd r? `@thomcc`
…r=thomcc enable fuzzy_provenance_casts lint in liballoc and libstd r? ``@thomcc``
…r=thomcc enable fuzzy_provenance_casts lint in liballoc and libstd r? ```@thomcc```
…earth Rollup of 6 pull requests Successful merges: - rust-lang#103488 (Allow opaque types in trait impl headers and rely on coherence to reject unsound cases) - rust-lang#104359 (Refactor must_use lint into two parts) - rust-lang#104612 (Lower return type outside async block creation) - rust-lang#104621 (Fix --extern library finding errors) - rust-lang#104647 (enable fuzzy_provenance_casts lint in liballoc and libstd) - rust-lang#104750 (Bump `fd-lock` in `bootstrap` again) Failed merges: - rust-lang#104732 (Refactor `ty::ClosureKind` related stuff) r? `@ghost` `@rustbot` modify labels: rollup
…safe_fn, r=Mark-Simulacrum Add `#![deny(unsafe_op_in_unsafe_fn)]` in liballoc tests In rust-lang#104647 (comment) it was mentioned that liballoc tests should probably have this enabled (we have it pretty much everywhere else in the stdlib), so I added it. This will probably conflict with rust-lang#104647 so I'll rebase after that lands.
…safe_fn, r=Mark-Simulacrum Add `#![deny(unsafe_op_in_unsafe_fn)]` in liballoc tests In rust-lang#104647 (comment) it was mentioned that liballoc tests should probably have this enabled (we have it pretty much everywhere else in the stdlib), so I added it. This will probably conflict with rust-lang#104647 so I'll rebase after that lands.
…safe_fn, r=Mark-Simulacrum Add `#![deny(unsafe_op_in_unsafe_fn)]` in liballoc tests In rust-lang#104647 (comment) it was mentioned that liballoc tests should probably have this enabled (we have it pretty much everywhere else in the stdlib), so I added it. This will probably conflict with rust-lang#104647 so I'll rebase after that lands.
…safe_fn, r=Mark-Simulacrum Add `#![deny(unsafe_op_in_unsafe_fn)]` in liballoc tests In rust-lang#104647 (comment) it was mentioned that liballoc tests should probably have this enabled (we have it pretty much everywhere else in the stdlib), so I added it. This will probably conflict with rust-lang#104647 so I'll rebase after that lands.
…r=Mark-Simulacrum Add `#![deny(unsafe_op_in_unsafe_fn)]` in liballoc tests In rust-lang/rust#104647 (comment) it was mentioned that liballoc tests should probably have this enabled (we have it pretty much everywhere else in the stdlib), so I added it. This will probably conflict with rust-lang/rust#104647 so I'll rebase after that lands.
r? @thomcc