Labels: A-docs (Area: Documentation for any part of the project, including the compiler, standard library, and tools), C-bug (Category: This is a bug.), T-opsem (Relevant to the opsem team)
Description
During stabilization, we changed the documentation of exposed provenance from saying that memory outside the AM "is always exposed" to "is always accessible". Based on a conversation I just had, I believe the new documentation to be wrong, because it suggests that this program is permitted:
```rust
use std::ptr;

fn main() {
    // Create a byte we "magically" know the address of (by capturing it).
    // Another way to stash or know a valid-to-write address would make a better demo.
    let mut byte = 0u8;
    // The `as usize` cast is what exposes the provenance of the pointer to `byte`.
    let magic_addr = &mut byte as *mut u8 as usize;
    let func = |r: &mut u8| {
        *r = 123;
        unsafe {
            // The docs say:
            //   memory which is outside the control of the Rust abstract machine
            //   (MMIO registers, for example) is always considered to be accessible
            //   with an exposed provenance
            // So this address should be accessible, according to the docs.
            // But the access here is a clear violation of the noalias attribute:
            // `r` is a live `&mut u8` to the same byte for the whole call.
            dbg!(*ptr::with_exposed_provenance::<u8>(magic_addr))
        }
    };
    let ptr = ptr::with_exposed_provenance_mut::<u8>(magic_addr);
    unsafe {
        func(&mut *ptr);
    }
}
```
The current documentation can be traced to this part of the stabilization PR discussion: #130350 (comment)
I am writing this up as I am heading to bed, so please just correct me if I seem wrong. cc @rust-lang/opsem
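As an added example (not part of the issue above and not code from the rust-lang/rust project), the same expose-and-recover round trip written so that it stays inside the aliasing rules. It uses the cast spellings `p as usize` and `addr as *mut u8`, which the standard library documents as having the same semantics as `p.expose_provenance()` and `ptr::with_exposed_provenance_mut(addr)`, so it compiles on older toolchains too. The `Stash` type and the function names are assumptions of this example; `Stash` stands in for a C-style `void *user_data` slot through which only an integer survives.

```rust
/// Constructed stand-in for a C-style `void *user_data` slot (an assumption of
/// this example): only an integer address survives, so provenance has to be
/// exposed on the way in and picked up again on the way out.
struct Stash {
    addr: usize,
}

impl Stash {
    /// Expose the provenance of `p` and keep only its address. The cast
    /// `p as usize` has the same semantics as `p.expose_provenance()`.
    fn store(p: *mut u8) -> Stash {
        Stash { addr: p as usize }
    }

    /// Rebuild a pointer from the stashed address. The cast `addr as *mut u8`
    /// has the same semantics as `ptr::with_exposed_provenance_mut(addr)`:
    /// it can only pick up provenance that was exposed earlier, never
    /// provenance that merely "happens" to cover the address.
    fn recover(&self) -> *mut u8 {
        self.addr as *mut u8
    }
}

/// Callback that only sees the integer, the way a C caller would hand it back.
fn bump_through_stash(stash: &Stash) {
    // SAFETY: the caller guarantees that the stashed address came from an
    // exposed pointer to a live `u8` and that no reference to that byte is
    // live across this call, so this write conflicts with nothing.
    unsafe { *stash.recover() += 1 }
}

/// Sound round trip: the `&mut` that produced the raw pointer is already dead
/// when the recovered pointer is dereferenced, so no unique reference (and no
/// `noalias` argument) is violated.
pub fn round_trip_sound() -> u8 {
    let mut byte = 0u8;
    // The `&mut` created here ends at the cast; only the raw pointer survives,
    // and its provenance is exposed by the `as usize` inside `store`.
    let stash = Stash::store(&mut byte as *mut u8);
    // No reference to `byte` exists during these calls.
    for _ in 0..3 {
        bump_through_stash(&stash);
    }
    // Reading `byte` directly afterwards is fine: the raw pointer is not used
    // again, so there is no access interleaved with this read.
    byte
}

fn main() {
    println!("byte after three bumps: {}", round_trip_sound());
}
```

The difference from the program in the issue is where the unique reference is live: there, `r: &mut u8` is a function argument, which is `noalias` for the whole call, and the read through `with_exposed_provenance` happens inside that call. Exposure alone does not buy permission to bypass that; the recovered pointer may only be used at a point where no conflicting reference is live. Miri is the tool to check this kind of code with, since its borrow tracking protects reference arguments for the duration of a call and treats integer-to-pointer casts as exposed-provenance operations.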