miri: Miri should catch uses of slice::from_raw_parts on uninitialized memory

[example]

let layout = Layout::array::<u8>(10).unwrap();
let ptr = alloc(layout);
slice::from_raw_parts_mut(ptr, 10);
dealloc(ptr, layout);

This would have prevented an actual issue I had where I accidentally used slice::from_raw_parts instead of ptr::slice_from_raw_parts from a version-aware import.

More generally, this is the “create reference to uninitialized memory” catch, but since these two methods have now-stable sound alternatives, it’d be nice for miri to catch incorrect usage and point at the correct raw pointer version.

About this issue

  • Original URL
  • State: open
  • Created 4 years ago
  • Comments: 16 (8 by maintainers)

Most upvoted comments

calloc zeroes the provided memory, so it’s guaranteed that the memory is initialized to 0, so creating a reference is fine.

Since you’ve specified MAP_ANONYMOUS, mmap initializes the contents of the memory to zero. Like calloc, this means that accessing the memory via reference is fine, because it’s initizlied.

(Note that you’ve not specified prot, so mmap defaults to prot=PROT_NONE, and the page may not be accessed. This does violate the rules of references, and obviously the read for the equality check.)

+2
CAD97 on Dec 11, 2021

I think Miri is flagging an unrelated aliasing problem in that code.

+1
RalfJung on Dec 9, 2021

You should use &[MaybeUninit<u8>] instead. &[u8] requires all u8 elements to be initialized.

+1
bjorn3 on Jul 13, 2020
Read more comments on GitHub
← miri: Miri hangs in spin loops forever
miri: ```no_std``` issues with implementing ```panic_handler``` →