Can access invalid memory and cause sigsegv using safe Rust #31852
Comments
|
Oh, and rustc version: |
|
After reducing this, it looks like the bug is that the compiler accepts this: trait Foo {
fn foo<T>(&self, t: T);
}
impl Foo for i32 {
fn foo<T: 'static>(&self, t: T) {
}
}
fn foo(a: i32, not_static: &i32) {
a.foo(not_static);
} The |
|
In your code specifically @ruud-v-a the |
|
triage: I-nominated This seems familiar as in we've had it reported before, but... I thought we fixed it with a bunch of well-formededness RFCs? Seems good to get visibility though! cc @rust-lang/compiler |
alexcrichton
added
the
T-compiler
|
Aha! and @nikomatsakis pointed out on IRC that this is #18937, so I'll just close in favor of that. Thanks for the report though @ruud-v-a! |
When working on a crate I discovered the following issue. I did not succeed in making a minimal example that reproduces on play.rust-lang.org, so let me just link to the actual code:
git clone -b rust-bug https://github.com/ruud-v-a/rxcd rxcargo test this_causes_sigsegv -- --nocaptureunsafeblocks in the crate.Note how this prints the contents of some memory that the function shouldn’t be able to access, and then terminates with sigsegv.
An observation: with reexports it is possible to reexport a type on which a method is defined that returns a type that is not reexported. In a sense this allows returning anonymous types. In the documentation these types are named but they do not link to a documentation page, and if you name them explicitly the compiler complains because they are not public. I am not sure whether this is a bug or feature.
Related (what initially made me suspicious): this function mutates a variable that was borrowed mutably by a closure.
The text was updated successfully, but these errors were encountered: