fix(data): resolve alignment check stuck state for pointer dereferences #1004
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| // Test for issue #638: alignment check in raw pointer dereference. | ||
| // The compiler inserts an alignment check that transmutes a pointer to usize. | ||
| // Verifies that the transmute cast evaluates concretely. | ||
|
|
||
| struct Thing { payload: i16 } | ||
|
|
||
| fn main() { | ||
| let a = [Thing { payload: 1 }, Thing { payload: 2 }, Thing { payload: 3 }]; | ||
| let p = &a as *const Thing; | ||
| let p1 = unsafe { p.add(1) }; | ||
|
|
||
| let two = unsafe { (*p1).payload }; | ||
| assert!(two == 2); | ||
| } |
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -5,6 +5,6 @@ fn main() { | |
| let ptr_mut = &mut data as *mut i32; | ||
| unsafe { | ||
| (*ptr_mut) = 44; | ||
| assert_eq!(44, *ptr); | ||
| } | ||
| } | ||
File renamed without changes.
File renamed without changes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
|
|
||
| ββ 1 (root, init) | ||
| β #execTerminator ( terminator ( ... kind: terminatorKindCall ( ... func: operandC | ||
| β span: 0 | ||
| β | ||
| β (239 steps) | ||
| ββ 3 (terminal) | ||
| β #EndProgram ~> .K | ||
| β function: main | ||
| β | ||
| β constraint: true | ||
| β subst: ... | ||
| ββ 2 (leaf, target, terminal) | ||
| #EndProgram ~> .K | ||
|
|
||
|
|
||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
|
|
||
| ββ 1 (root, init) | ||
| β #execTerminator ( terminator ( ... kind: terminatorKindCall ( ... func: operandC | ||
| β span: 0 | ||
| β | ||
| β (333 steps) | ||
| ββ 3 (terminal) | ||
| β #EndProgram ~> .K | ||
| β function: main | ||
| β | ||
| β constraint: true | ||
| β subst: ... | ||
| ββ 2 (leaf, target, terminal) | ||
| #EndProgram ~> .K | ||
|
|
||
|
|
||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
|
|
||
| ββ 1 (root, init) | ||
| β #execTerminator ( terminator ( ... kind: terminatorKindCall ( ... func: operandC | ||
| β span: 0 | ||
| β | ||
| β (123 steps) | ||
| ββ 3 (terminal) | ||
| β #EndProgram ~> .K | ||
| β function: main | ||
| β | ||
| β constraint: true | ||
| β subst: ... | ||
| ββ 2 (leaf, target, terminal) | ||
| #EndProgram ~> .K | ||
|
|
||
|
|
||
|
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
|
|
||
| ββ 1 (root, init) | ||
| β #execTerminator ( terminator ( ... kind: terminatorKindCall ( ... func: operandC | ||
| β span: 0 | ||
| β | ||
| β (480 steps) | ||
| ββ 3 (terminal) | ||
| β #EndProgram ~> .K | ||
| β function: main | ||
| β | ||
| β constraint: true | ||
| β subst: ... | ||
| ββ 2 (leaf, target, terminal) | ||
| #EndProgram ~> .K | ||
|
|
||
|
|
||
|
|
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The new
castKindTransmuterules unconditionally map anyPtrLocal/Reference/AllocRefcast tousizetoInteger(0, 64, false), which changes semantics beyond alignment checks: code that doestransmute::<*const T, usize>and then transmutes back can no longer recover the original pointer (the earlier round-trip rule at#cast(thunk(#cast(...)), ...)is bypassed because the first cast is no longer a thunk). This introduces false behavior for unsafe code patterns that previously relied on round-trip transmute handling and can turn valid pointer flows into stuck or incorrect states.Useful? React with πΒ / π.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good observation about the round-trip case. Here's why this is safe in practice:
No round-trip
ptr β usize β ptrexists in the current codebase. AllcastKindTransmutefrom pointer tousizeare compiler-generated alignment checks β a one-way flow that never transmutes back to a pointer. The full integration suite (264 passed) confirms no round-trip is broken.The thunk approach didn't work either. Before this fix,
#cast(PtrLocal(...), castKindTransmute, ptr_ty, usize_ty)fell through to the[owise]thunk rule, but that thunk was never consumed β it propagated into#applyBinOp(binOpBitAnd, thunk(...), ...)and#applyBinOp(binOpEq, thunk(...), ...), which also had no rules, causing the entire alignment check to get stuck. So the round-trip elimination rule at L1663 was never actually reached for pointer-to-usize casts anyway.Priority ordering is intentional.
[priority(45)]fires after the same-type rules (default priority) but before the[owise]thunk fallback, which is exactly what we need β handle the concrete ptrβusize case rather than letting it become an unresolvable thunk.If a real
ptr β usize β ptrround-trip is needed in the future, it would require a proper address model (assigning meaningful integer addresses to pointers), not the thunk workaround. That would be a separate, larger effort.