Lint on some incorrect uses of mem::zeroed / mem::uninitialized by RalfJung · Pull Request #63346 · rust-lang/rust

RalfJung · 2019-08-07T08:14:24Z

Cc #62825 and https://internals.rust-lang.org/t/make-mem-uninitialized-and-mem-zeroed-panic-for-some-types-where-0-is-a-niche/10605

This does not yet handle NonNull/NonZero*, but it is a start.

I also improved some doc issues I hit on the way, and added a useful helper to TyS.

EDIT: I added the relnotes label mostly as a proposal -- I think this is worth mentioning, but leave the decision up to the release team.

rust-highfive · 2019-08-07T08:14:28Z

r? @varkor

(rust_highfive has picked a reviewer for you, use r? to override)

RalfJung · 2019-08-07T08:15:33Z

src/librustc_lint/builtin.rs

 }
+
+declare_lint! {
+    pub INVALID_VALUE,


I used the "validity" terminology here. Does that seem okay?

src/librustc/ty/mod.rs

RalfJung · 2019-08-07T09:54:17Z

@bjorn3 deleted a comment

Please don't do that. GH has a "hide comment" feature and "resolve discussion" which helps not to clutter the main thread. But don't delete comments after other people replied, and really don't delete other people's comments.

bjorn3 · 2019-08-07T09:58:01Z

But don't delete comments after other people replied, and really don't delete other people's comments.

I though I removed it before someone commented. I think your comment got deleted because I deleted mine.

GH has a "hide comment" feature

Will use it in the future.

jethrogb · 2019-08-07T19:56:58Z

src/librustc_lint/builtin.rs

+                // FIXME: *Only for `mem::uninitialized`*, we could also warn for `bool`,
+                //        `char`, and any multivariant enum.
+                // Conservative fallback.
+                _ => true,


Can you check for types with rustc_layout_scalar_valid_range_start here?

In the future this should probably check for that attribute, yes.

RalfJung · 2019-08-08T18:06:25Z

Would be nice if this could land before beta cutoff (Tuesday), so that we get these lints on stable.

eddyb · 2019-08-09T13:13:33Z

@bors r+

bors · 2019-08-09T13:13:34Z

📌 Commit 6c7d84d has been approved by eddyb

Lint on some incorrect uses of mem::zeroed / mem::uninitialized Cc rust-lang#62825 and https://internals.rust-lang.org/t/make-mem-uninitialized-and-mem-zeroed-panic-for-some-types-where-0-is-a-niche/10605 This does not yet handle `NonNull`/`NonZero*`, but it is a start. I also improved some doc issues I hit on the way, and added a useful helper to `TyS`.

RalfJung · 2019-08-09T20:03:54Z

Looks like this breaks clippy tests.

@bors r-

RalfJung · 2019-08-09T20:22:22Z

Blocked on clippy PR: rust-lang/rust-clippy#4368

deprecate invalid_ref lint This fixes the `invalid_ref` lint test to no longer fail when rust-lang/rust#63346 lands. I also fixed the lint itself, because its wording made no sense: there is no "reference to zeroed/uninitialized memory" here. changelog: none

RalfJung · 2019-08-11T12:50:33Z

@bors p=1

Would be good to get that lint into the beta together with #63343

Lint on some incorrect uses of mem::zeroed / mem::uninitialized Cc rust-lang#62825 and https://internals.rust-lang.org/t/make-mem-uninitialized-and-mem-zeroed-panic-for-some-types-where-0-is-a-niche/10605 This does not yet handle `NonNull`/`NonZero*`, but it is a start. I also improved some doc issues I hit on the way, and added a useful helper to `TyS`. EDIT: I added the relnotes label mostly as a proposal -- I think this is worth mentioning, but leave the decision up to the release team.

@ghost

Rollup of 8 pull requests Successful merges: - #61969 (Add #[repr(transparent)] for several types) - #62108 (Use sharded maps for queries) - #63149 (resolve: Populate external modules in more automatic and lazy way) - #63346 (Lint on some incorrect uses of mem::zeroed / mem::uninitialized) - #63433 (Miri shouldn't look at types) - #63440 (rename RUST_CTFE_BACKTRACE to RUSTC_CTFE_BACKTRACE) - #63442 (Add an example to show how to insert item to a sorted vec) - #63459 (syntax: account for CVarArgs being in the argument list.) Failed merges: r? @ghost

bors · 2019-08-11T19:15:17Z

⌛ Testing commit 0930747 with merge a8f340856b1b16c2d3ce9bb2c40b604947cf7ea6...

Lint on some incorrect uses of mem::zeroed / mem::uninitialized Cc rust-lang#62825 and https://internals.rust-lang.org/t/make-mem-uninitialized-and-mem-zeroed-panic-for-some-types-where-0-is-a-niche/10605 This does not yet handle `NonNull`/`NonZero*`, but it is a start. I also improved some doc issues I hit on the way, and added a useful helper to `TyS`. EDIT: I added the relnotes label mostly as a proposal -- I think this is worth mentioning, but leave the decision up to the release team.

Mark-Simulacrum · 2019-08-11T19:19:28Z

@bors retry prioritizing rollup that includes this PR

@ghost

Rollup of 8 pull requests Successful merges: - #61969 (Add #[repr(transparent)] for several types) - #63346 (Lint on some incorrect uses of mem::zeroed / mem::uninitialized) - #63433 (Miri shouldn't look at types) - #63440 (rename RUST_CTFE_BACKTRACE to RUSTC_CTFE_BACKTRACE) - #63441 (Derive Debug for CrateInfo) - #63442 (Add an example to show how to insert item to a sorted vec) - #63453 (rustdoc: general cleanup) - #63464 (Copy ty::Instance instead of passing by reference) Failed merges: r? @ghost

bors · 2019-08-11T22:52:52Z

⌛ Testing commit 0930747 with merge 00ee1b4...

Pkgsrc changes: * Adapt to the move of the implementation of random numbers. * Remove patch which is no longer relevant (Signals.inc) * Cross-build currently fails due to the still unresolved rust-lang/rust#62558, so bootstrap kits for 1.38.0 have to be built natively, and will follow shortly. * Bump bootstrap requirements to 1.37.0 except for armv7-unknown-netbsd-eabihf which I've neither managed to cross-build nor build natively. Upstream changes: Version 1.38.0 (2019-09-26) ========================== Language -------- - [The `#[global_allocator]` attribute can now be used in submodules.][62735] - [The `#[deprecated]` attribute can now be used on macros.][62042] Compiler -------- - [Added pipelined compilation support to `rustc`.][62766] This will improve compilation times in some cases. For further information please refer to the [_"Evaluating pipelined rustc compilation"_][pipeline-internals] thread. - [Added tier 3\* support for the `aarch64-uwp-windows-msvc`, `i686-uwp-windows-gnu`, `i686-uwp-windows-msvc`, `x86_64-uwp-windows-gnu`, and `x86_64-uwp-windows-msvc` targets.][60260] - [Added tier 3 support for the `armv7-unknown-linux-gnueabi` and `armv7-unknown-linux-musleabi` targets.][63107] - [Added tier 3 support for the `hexagon-unknown-linux-musl` target.][62814] - [Added tier 3 support for the `riscv32i-unknown-none-elf` target.][62784] \* Refer to Rust's [platform support page][forge-platform-support] for more information on Rust's tiered platform support. Libraries --------- - [`ascii::EscapeDefault` now implements `Clone` and `Display`.][63421] - [Derive macros for prelude traits (e.g. `Clone`, `Debug`, `Hash`) are now available at the same path as the trait.][63056] (e.g. The `Clone` derive macro is available at `std::clone::Clone`). This also makes all built-in macros available in `std`/`core` root. e.g. `std::include_bytes!`. - [`str::Chars` now implements `Debug`.][63000] - [`slice::{concat, connect, join}` now accepts `&[T]` in addition to `&T`.][62528] - [`*const T` and `*mut T` now implement `marker::Unpin`.][62583] - [`Arc<[T]>` and `Rc<[T]>` now implement `FromIterator<T>`.][61953] - [Added euclidean remainder and division operations (`div_euclid`, `rem_euclid`) to all numeric primitives.][61884] Additionally `checked`, `overflowing`, and `wrapping` versions are available for all integer primitives. - [`thread::AccessError` now implements `Clone`, `Copy`, `Eq`, `Error`, and `PartialEq`.][61491] - [`iter::{StepBy, Peekable, Take}` now implement `DoubleEndedIterator`.][61457] Stabilized APIs --------------- - [`<*const T>::cast`] - [`<*mut T>::cast`] - [`Duration::as_secs_f32`] - [`Duration::as_secs_f64`] - [`Duration::div_duration_f32`] - [`Duration::div_duration_f64`] - [`Duration::div_f32`] - [`Duration::div_f64`] - [`Duration::from_secs_f32`] - [`Duration::from_secs_f64`] - [`Duration::mul_f32`] - [`Duration::mul_f64`] - [`any::type_name`] Cargo ----- - [Added pipelined compilation support to `cargo`.][cargo/7143] - [You can now pass the `--features` option multiple times to enable multiple features.][cargo/7084] Misc ---- - [`rustc` will now warn about some incorrect uses of `mem::{uninitialized, zeroed}` that are known to cause undefined behaviour.][63346] Compatibility Notes ------------------- - Unfortunately the [`x86_64-unknown-uefi` platform can not be built][62785] with rustc 1.39.0. - The [`armv7-unknown-linux-gnueabihf` platform is also known to have issues][62896] for certain crates such as libc. [60260]: rust-lang/rust#60260 [61457]: rust-lang/rust#61457 [61491]: rust-lang/rust#61491 [61884]: rust-lang/rust#61884 [61953]: rust-lang/rust#61953 [62042]: rust-lang/rust#62042 [62528]: rust-lang/rust#62528 [62583]: rust-lang/rust#62583 [62735]: rust-lang/rust#62735 [62766]: rust-lang/rust#62766 [62784]: rust-lang/rust#62784 [62785]: rust-lang/rust#62785 [62814]: rust-lang/rust#62814 [62896]: rust-lang/rust#62896 [63000]: rust-lang/rust#63000 [63056]: rust-lang/rust#63056 [63107]: rust-lang/rust#63107 [63346]: rust-lang/rust#63346 [63421]: rust-lang/rust#63421 [cargo/7084]: rust-lang/cargo#7084 [cargo/7143]: rust-lang/cargo#7143 [`<*const T>::cast`]: https://doc.rust-lang.org/std/primitive.pointer.html#method.cast [`<*mut T>::cast`]: https://doc.rust-lang.org/std/primitive.pointer.html#method.cast [`Duration::as_secs_f32`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.as_secs_f32 [`Duration::as_secs_f64`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.as_secs_f64 [`Duration::div_duration_f32`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.div_duration_f32 [`Duration::div_duration_f64`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.div_duration_f64 [`Duration::div_f32`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.div_f32 [`Duration::div_f64`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.div_f64 [`Duration::from_secs_f32`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.from_secs_f32 [`Duration::from_secs_f64`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.from_secs_f64 [`Duration::mul_f32`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.mul_f32 [`Duration::mul_f64`]: https://doc.rust-lang.org/std/time/struct.Duration.html#method.mul_f64 [`any::type_name`]: https://doc.rust-lang.org/std/any/fn.type_name.html [forge-platform-support]: https://forge.rust-lang.org/platform-support.html [pipeline-internals]: https://internals.rust-lang.org/t/evaluating-pipelined-rustc-compilation/10199

implement zeroed and uninitialized with MaybeUninit This is the second attempt of doing such a change (first PR: rust-lang#62150). The last change [got reverted](rust-lang#63343) because it [caused](rust-lang#62825) some [issues](rust-lang#52898 (comment)) in [code that incorrectly used these functions](AltF02/x11-rs#99). Since then, the [problematic code has been fixed](AltF02/x11-rs#101), and rustc [gained a lint](rust-lang#63346) that is able to detect many misuses of these functions statically and a [dynamic check that panics](rust-lang#66059) instead of causing UB for some incorrect uses. Fixes rust-lang#62825

rust-highfive assigned varkor Aug 7, 2019

rust-highfive added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Aug 7, 2019

RalfJung commented Aug 7, 2019

View reviewed changes

This was referenced Aug 7, 2019

re-land #62150 (Implement mem::{zeroed,uninitialized} in terms of MaybeUninit) #62825

Closed

Separate DefIds for variants and their constructors #59382

Merged

petrochenkov reviewed Aug 7, 2019

View reviewed changes

src/librustc/ty/mod.rs Outdated Show resolved Hide resolved

This comment has been minimized.

Sign in to view

rust-lang deleted a comment from RalfJung Aug 7, 2019

jethrogb reviewed Aug 7, 2019

View reviewed changes

eddyb approved these changes Aug 9, 2019

View reviewed changes

bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Aug 9, 2019

Centril mentioned this pull request Aug 9, 2019

Rollup of 5 pull requests #63412

Closed

bors added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. labels Aug 9, 2019

RalfJung mentioned this pull request Aug 9, 2019

deprecate invalid_ref lint rust-lang/rust-clippy#4368

Merged

RalfJung added S-blocked Status: Blocked on something else such as an RFC or other implementation work. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Aug 9, 2019

Mark-Simulacrum mentioned this pull request Aug 11, 2019

Rollup of 8 pull requests #63465

Closed

Mark-Simulacrum mentioned this pull request Aug 11, 2019

Rollup of 8 pull requests #63471

Merged

varkor assigned eddyb and unassigned varkor Aug 11, 2019

bors merged commit 0930747 into rust-lang:master Aug 11, 2019

RalfJung deleted the zeroed-lint branch August 12, 2019 06:30

RalfJung mentioned this pull request Aug 26, 2019

causes UB by calling mem::zeroed on any type Diggsey/rust-field-offset#2

Closed

RalfJung mentioned this pull request Mar 11, 2020

implement zeroed and uninitialized with MaybeUninit #69922

Merged

RalfJung mentioned this pull request Jun 21, 2020

attempted to leave type (enum) uninitialized, which is invalid #73573

Closed

Uh oh!

Conversation

RalfJung commented Aug 7, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

rust-highfive commented Aug 7, 2019

Uh oh!

RalfJung Aug 7, 2019

Choose a reason for hiding this comment

Uh oh!

Uh oh!

This comment has been minimized.

RalfJung commented Aug 7, 2019

Uh oh!

bjorn3 commented Aug 7, 2019

Uh oh!

jethrogb Aug 7, 2019

Choose a reason for hiding this comment

Uh oh!

RalfJung Aug 7, 2019

Choose a reason for hiding this comment

Uh oh!

RalfJung commented Aug 8, 2019

Uh oh!

eddyb commented Aug 9, 2019

Uh oh!

bors commented Aug 9, 2019

Uh oh!

RalfJung commented Aug 9, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

RalfJung commented Aug 9, 2019

Uh oh!

RalfJung commented Aug 11, 2019 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

bors commented Aug 11, 2019

Uh oh!

Mark-Simulacrum commented Aug 11, 2019

Uh oh!

bors commented Aug 11, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

9 participants

RalfJung commented Aug 7, 2019 •

edited

Loading

RalfJung commented Aug 9, 2019 •

edited

Loading

RalfJung commented Aug 11, 2019 •

edited

Loading