-
Notifications
You must be signed in to change notification settings - Fork 60
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What are the exact semantics of pointer comparison? #239
Comments
This is a somewhat interesting example: extern crate libc;
use std::mem;
pub fn test(ext: bool) -> bool { unsafe {
let x = libc::malloc(mem::size_of::<i32>()) as *mut i32;
*x = 0;
if ext { libc::free(x as *mut _); }
let y = libc::malloc(mem::size_of::<i32>()) as *mut i32;
*y = 0;
return x == y;
} } It gets optimized to |
Also see this LLVM bug. |
The optimization from #239 (comment) is based on the assumption that LLVM is allowed to substitute its own allocation function and guarantee particular outcome of the comparison. Those kind of optimizations are also applicable to Rust allocation functions, since rustc explicitly opt ins for this behaviour for |
Right. But it is unclear to me howto actually make that formally precise. Like, how could we implement support for custom allocators in Miri in a way that it detects UB when the allocator works in a way that breaks the above optimization? |
I updated the OP to also link to various issues about function pointer and vtable equality. |
I entirely forgot that |
Pointer comparison is complicated. However, for better or worse, Rust lets you safely compare any raw pointers, so we need to assign this some reasonable semantics. I wanted a place to centrally track all questions related to this, so here we go. (I never know whether to open such issues here in the UCG repo, or over in the rustc repo.)
There are two ways in which pointer comparison is "interesting": provenance, and objects without a guaranteed stable address.
Provenance
Does provenance affect whether pointers are equal? One major concern here is figuring out the semantics of pointer comparison in LLVM, and then likely we have no choice but to inherit that. Some data points:
malloc
can always compare inequal even if they are physically equal. This directly contradicts Eli's statement above.I am trying to figure out if LLVM optimizations clearly indicate one or the other choice; so far that has been inconclusive.
Unstable objects
Functions, vtables, and consts do not have a unique stable address, also leading to interesting problems.
function address equality
vtable equality
const address equality
The text was updated successfully, but these errors were encountered: