diff options
| author | 许杰友 Jieyou Xu (Joe) <39484203+jieyouxu@users.noreply.github.com> | 2025-03-16 09:40:06 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-16 09:40:06 +0800 |
| commit | 7112951caac8991dd6e8bcd42934386cbef01871 (patch) | |
| tree | bfb8c7de146e1ea03556668ff0e10bd1420a2ff6 /compiler/rustc_llvm/llvm-wrapper/RustWrapper.cpp | |
| parent | 8210b84aaf77a9de1e8fd00f404068c487d07531 (diff) | |
| parent | fa183ad8275db2523eac80ce2b2a2acb961064ee (diff) | |
| download | rust-7112951caac8991dd6e8bcd42934386cbef01871.tar.gz rust-7112951caac8991dd6e8bcd42934386cbef01871.zip | |
Rollup merge of #138303 - DiuDiu777:rc-fix, r=Mark-Simulacrum
Fix Ptr inconsistency in {Rc,Arc}
### PR Description
This pr aims to address the problem discussed on [zulip](https://rust-lang.zulipchat.com/#narrow/channel/219381-t-libs/topic/Inconsistency.20in.20.7BRc.2CArc.7D's.20ptr.20requirements/with/504259637).
### Problem Clarification
As this post presents, the `{Rc, Arc}::{in/de-crement_strong_count_/in}` do not limit the layout of the memory that `ptr` points to, while internally `Rc::from_raw_in` is called directly.
UB doesn't just appear when the strong count is decremented to zero. Miri also detects the UB of `out-of-bounds pointer use` when increment strong count is called on a pointer with an incorrect layout(shown as below).
```rust
use std::rc::Rc;
#[repr(align(8))]
struct Aligned8(u64);
#[repr(align(16))]
struct Aligned16(u64);
fn main() {
let rc: Rc<Aligned8> = Rc::new(Aligned8(42));
let raw_ptr = Rc::into_raw(rc);
unsafe {
Rc::increment_strong_count(raw_ptr as *const Aligned16);
}
}
```
Miri output:
```
error: Undefined Behavior: out-of-bounds pointer use: expected a pointer to 32 bytes of memory, but got alloc954 which is only 24 bytes from the end of the allocation
```
Diffstat (limited to 'compiler/rustc_llvm/llvm-wrapper/RustWrapper.cpp')
0 files changed, 0 insertions, 0 deletions