cast the entire slice to a raw pointer, not just the first element #80
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
RalfJung
commented
May 28, 2019
| @@ -357,7 +357,8 @@ impl<T> RawTable<T> { | |||
| pub fn new() -> Self { | |||
| Self { | |||
| data: NonNull::dangling(), | |||
| ctrl: NonNull::from(&Group::static_empty()[0]), | |||
| // Be careful to cast the entire slice to a raw pointer. | |||
| ctrl: unsafe { NonNull::new_unchecked(Group::static_empty().as_ptr() as *mut u8) }, | |||
There was a problem hiding this comment.
Btw, the mut cast here is actually meaningful -- the rest of the code must be careful not to write to this! But I suppose that's already the case, this is a shared global static after all.
|
@bors r+ |
|
📌 Commit 2693d12 has been approved by |
bors
added a commit
that referenced
this pull request
May 28, 2019
cast the entire slice to a raw pointer, not just the first element A strict reading of pointer provenance implies that when a `&T` gets cast to `*const T`, you may only use the raw pointer to access that `T`, not its neighbors. That's what Miri currently implements, though it is less strict around statics (which is why this one does not currently cause a Miri failure -- I'd like to make Miri more strict though). Cc rust-lang/unsafe-code-guidelines#134
|
☀️ Test successful - checks-travis |
|
What is needed to get this updated in rustc? |
|
I need to publish a new version of the crate and Cargo.lock needs to be updated in rustc. |
|
I published v0.3.1 with this change. |
|
Thanks a lot! |
Centril
added a commit
to Centril/rust
that referenced
this pull request
May 30, 2019
bump hashbrown Bump hashbrown to a version that includes rust-lang/hashbrown#80.
bors
added a commit
to rust-lang/rust
that referenced
this pull request
Jun 1, 2019
Bump hashbrown to 0.4.0 Fixes #61357 This also includes rust-lang/hashbrown#80.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
A strict reading of pointer provenance implies that when a
&Tgets cast to*const T, you may only use the raw pointer to access thatT, not its neighbors. That's what Miri currently implements, though it is less strict around statics (which is why this one does not currently cause a Miri failure -- I'd like to make Miri more strict though).Cc rust-lang/unsafe-code-guidelines#134