[strict provenance] make the compiler's tagged_ptr stuff conform #95493
Labels
A-strict-provenance
Area: Strict provenance for raw pointers
T-compiler
Relevant to the compiler team, which will review and decide on the PR/issue.
Comments
Gankra
added
T-compiler
|
Fixed by #110243 ? |
|
Yes seems like it. :) @WaffleLapkin do you know other places in the compiler that are still using "fuzzy provenance casts"? |
|
@RalfJung There are still rust/compiler/rustc_middle/src/ty/mod.rs Line 846 in 92ad4b4 I swear I was meaning to fix them... Maybe I forgot to open a PR? Will try to dig for it/write a new one. Either way besides those two I don't remember and can't find any int2ptr casts in the compiler. Closing this as fixed by #110243. |
|
@WaffleLapkin are we tracking those last two somewhere? |
|
@RalfJung not to my knowledge, I can open an issue though |
|
For the record I've opened #119217 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This issue is part of the Strict Provenance Experiment - #95228
tagged_ptr and everything that uses it is entirely provenance crimes
rust/compiler/rustc_data_structures/src/tagged_ptr.rs
Lines 52 to 60 in bb5c437
This is the precise point in updating std+compiler to conform to strict-provenance that I ran out of energy and just started marking the compiler as WONTFIX for the MVP. I believe @eddyb started working on this, but got a bit sidetracked because they ran into the fact that we're shifting pointers down so that we can high-bit-tag instead of low-bit-tag, and while this isn't per-se a problem for strict-provenance, it wasn't obviously portable to CHERI, which sucks.
Since then it's been clarified that e.g. Morello (CHERI on ARM) actually has allowances for high-bit tagging and pointer shifting, so it's possible that the code can just be changed to properly use pointers and
with_addrand friends.The text was updated successfully, but these errors were encountered: