Noratrieb/blog
1
0
Fork 0
mirror of https://github.com/Noratrieb/blog.git synced 2026-01-14 12:35:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

deploy: 7bc3d1cfbb

Browse source
This commit is contained in:
Nilstrieb 2022-07-22 14:40:23 +00:00
parent bd20f8a3bc
commit e6effff870
5 changed files with 11 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
index.xml
View file

@ -111,8 +111,8 @@ that is implemented in Miri. For an excellent introduction, see this part of the
and only the pointers that have their tag in the stack are allowed to access it. Tags can be pushed and popped from the stack through various operations, for example borrowing.</p>
<p>In the code example above, we get a nice little hint where the tag was created. When we created a reference (that was then
coerced into a raw pointer) from our box, it got a new tag called <code><3314></code>. Then, when we moved the box into the function,
something happened: The tag was invalidated and popped off the borrow stack. That’s because box invalidates all tags when it’s
moved. The tag was popped off the borrow stack and we tried to read from it anyways - undefined behaviour happened!</p>
something happened: The tag was popped off the borrow stack and therefore invalidated. That’s because box invalidates all tags
when it’s moved. The tag was popped off the borrow stack and we tried to read with it anyways - undefined behaviour happened!</p>
<p>And that’s how our code wasn’t a miscompilation, but undefined behaviour. Quite surprising, isn’t it?</p>
<h1 id="noalias-nothanks">noalias, nothanks</h1>
<p>Many people, myself included, don’t think that this is a good thing.</p>

6
posts/box-is-a-unique-type/index.html
View file

@ -1,6 +1,6 @@
<!doctype html><html lang=en><head><title>Box Is a Unique Type :: nilstriebs blog</title><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="About better aliasing semantics for `Box`"><meta name=keywords content="box,noalias"><meta name=robots content="noodp"><link rel=canonical href=/posts/box-is-a-unique-type/><link rel=stylesheet href=/assets/style.css><link rel=apple-touch-icon href=/img/apple-touch-icon-192x192.png><link rel="shortcut icon" href=/img/favicon/orange.png><meta name=twitter:card content="summary"><meta property="og:locale" content="en"><meta property="og:type" content="article"><meta property="og:title" content="Box Is a Unique Type"><meta property="og:description" content="About better aliasing semantics for `Box`"><meta property="og:url" content="/posts/box-is-a-unique-type/"><meta property="og:site_name" content="nilstriebs blog"><meta property="og:image" content="/"><meta property="og:image:width" content="2048"><meta property="og:image:height" content="1024"><meta property="article:published_time" content="2022-07-22 00:00:00 +0000 UTC"></head><body class=orange><div class="container center headings--one-size"><header class=header><div class=header__inner><div class=header__logo><a href=/><div class=logo>nilstriebs blog</div></a></div></div></header><div class=content><div class=post><h1 class=post-title><a href=/posts/box-is-a-unique-type/>Box Is a Unique Type</a></h1><div class=post-meta><span class=post-date>2022-07-22</span>
<span class=post-author>:: Nilstrieb</span>
<span class=post-reading-time>:: 10 min read (2107 words)</span></div><span class=post-tags>#<a href=/tags/rust/>rust</a>&nbsp;
<span class=post-reading-time>:: 10 min read (2108 words)</span></div><span class=post-tags>#<a href=/tags/rust/>rust</a>&nbsp;
#<a href=/tags/unsafe-code/>unsafe code</a>&nbsp;</span><div class=post-content><div><p>We have all used <code>Box&lt;T></code> before in our Rust code. It&rsquo;s a glorious type, with great ergonomics
and flexibitility. We can use it to put our values on the heap, but it can do even more
than that!</p><div class=highlight><pre tabindex=0 style=color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-rust data-lang=rust><span style=display:flex><span><span style=color:#66d9ef>struct</span> <span style=color:#a6e22e>Fields</span> {
@ -88,8 +88,8 @@ borrow stack of the byte that was accessed. This is something about stacked borr
that is implemented in Miri. For an excellent introduction, see this part of the great book <a href=https://rust-unofficial.github.io/too-many-lists/fifth-stacked-borrows.html>Learning Rust With Entirely Too Many Linked Lists</a>.</p><p>In short: each pointer has a unique tag attached to it. Each byte in memory has its own &lsquo;borrow stack&rsquo; of these tags,
and only the pointers that have their tag in the stack are allowed to access it. Tags can be pushed and popped from the stack through various operations, for example borrowing.</p><p>In the code example above, we get a nice little hint where the tag was created. When we created a reference (that was then
coerced into a raw pointer) from our box, it got a new tag called <code>&lt;3314></code>. Then, when we moved the box into the function,
something happened: The tag was invalidated and popped off the borrow stack. That&rsquo;s because box invalidates all tags when it&rsquo;s
moved. The tag was popped off the borrow stack and we tried to read from it anyways - undefined behaviour happened!</p><p>And that&rsquo;s how our code wasn&rsquo;t a miscompilation, but undefined behaviour. Quite surprising, isn&rsquo;t it?</p><h1 id=noalias-nothanks>noalias, nothanks<a href=#noalias-nothanks class=hanchor arialabel=Anchor>&#8983;</a></h1><p>Many people, myself included, don&rsquo;t think that this is a good thing.</p><p>First of all, it introduces more UB that could have been defined behaviour instead. This is true for almost all UB, but usually,
something happened: The tag was popped off the borrow stack and therefore invalidated. That&rsquo;s because box invalidates all tags
when it&rsquo;s moved. The tag was popped off the borrow stack and we tried to read with it anyways - undefined behaviour happened!</p><p>And that&rsquo;s how our code wasn&rsquo;t a miscompilation, but undefined behaviour. Quite surprising, isn&rsquo;t it?</p><h1 id=noalias-nothanks>noalias, nothanks<a href=#noalias-nothanks class=hanchor arialabel=Anchor>&#8983;</a></h1><p>Many people, myself included, don&rsquo;t think that this is a good thing.</p><p>First of all, it introduces more UB that could have been defined behaviour instead. This is true for almost all UB, but usually,
there is something gained from the UB that justifies it. We will look at this later. But allowing such behaviour is fairly easy:
If box didn&rsquo;t invalidate pointers on move and instead behaved like a normal raw pointer, the code above would be sound.</p><p>But more importantly, this is not behaviour generally expected by users. While it can be argued that box is like a <code>T</code>, but on
the heap, and therefore moving it should invalidate pointers, since moving <code>T</code> definitely has to invalidate pointers to it,

4
posts/index.xml
View file

@ -111,8 +111,8 @@ that is implemented in Miri. For an excellent introduction, see this part of the
and only the pointers that have their tag in the stack are allowed to access it. Tags can be pushed and popped from the stack through various operations, for example borrowing.&lt;/p>
&lt;p>In the code example above, we get a nice little hint where the tag was created. When we created a reference (that was then
coerced into a raw pointer) from our box, it got a new tag called &lt;code>&amp;lt;3314&amp;gt;&lt;/code>. Then, when we moved the box into the function,
something happened: The tag was invalidated and popped off the borrow stack. That&amp;rsquo;s because box invalidates all tags when it&amp;rsquo;s
moved. The tag was popped off the borrow stack and we tried to read from it anyways - undefined behaviour happened!&lt;/p>
something happened: The tag was popped off the borrow stack and therefore invalidated. That&amp;rsquo;s because box invalidates all tags
when it&amp;rsquo;s moved. The tag was popped off the borrow stack and we tried to read with it anyways - undefined behaviour happened!&lt;/p>
&lt;p>And that&amp;rsquo;s how our code wasn&amp;rsquo;t a miscompilation, but undefined behaviour. Quite surprising, isn&amp;rsquo;t it?&lt;/p>
&lt;h1 id="noalias-nothanks">noalias, nothanks&lt;/h1>
&lt;p>Many people, myself included, don&amp;rsquo;t think that this is a good thing.&lt;/p>

4
tags/rust/index.xml
View file

@ -111,8 +111,8 @@ that is implemented in Miri. For an excellent introduction, see this part of the
and only the pointers that have their tag in the stack are allowed to access it. Tags can be pushed and popped from the stack through various operations, for example borrowing.&lt;/p>
&lt;p>In the code example above, we get a nice little hint where the tag was created. When we created a reference (that was then
coerced into a raw pointer) from our box, it got a new tag called &lt;code>&amp;lt;3314&amp;gt;&lt;/code>. Then, when we moved the box into the function,
something happened: The tag was invalidated and popped off the borrow stack. That&amp;rsquo;s because box invalidates all tags when it&amp;rsquo;s
moved. The tag was popped off the borrow stack and we tried to read from it anyways - undefined behaviour happened!&lt;/p>
something happened: The tag was popped off the borrow stack and therefore invalidated. That&amp;rsquo;s because box invalidates all tags
when it&amp;rsquo;s moved. The tag was popped off the borrow stack and we tried to read with it anyways - undefined behaviour happened!&lt;/p>
&lt;p>And that&amp;rsquo;s how our code wasn&amp;rsquo;t a miscompilation, but undefined behaviour. Quite surprising, isn&amp;rsquo;t it?&lt;/p>
&lt;h1 id="noalias-nothanks">noalias, nothanks&lt;/h1>
&lt;p>Many people, myself included, don&amp;rsquo;t think that this is a good thing.&lt;/p>

4
tags/unsafe-code/index.xml
View file

@ -111,8 +111,8 @@ that is implemented in Miri. For an excellent introduction, see this part of the
and only the pointers that have their tag in the stack are allowed to access it. Tags can be pushed and popped from the stack through various operations, for example borrowing.&lt;/p>
&lt;p>In the code example above, we get a nice little hint where the tag was created. When we created a reference (that was then
coerced into a raw pointer) from our box, it got a new tag called &lt;code>&amp;lt;3314&amp;gt;&lt;/code>. Then, when we moved the box into the function,
something happened: The tag was invalidated and popped off the borrow stack. That&amp;rsquo;s because box invalidates all tags when it&amp;rsquo;s
moved. The tag was popped off the borrow stack and we tried to read from it anyways - undefined behaviour happened!&lt;/p>
something happened: The tag was popped off the borrow stack and therefore invalidated. That&amp;rsquo;s because box invalidates all tags
when it&amp;rsquo;s moved. The tag was popped off the borrow stack and we tried to read with it anyways - undefined behaviour happened!&lt;/p>
&lt;p>And that&amp;rsquo;s how our code wasn&amp;rsquo;t a miscompilation, but undefined behaviour. Quite surprising, isn&amp;rsquo;t it?&lt;/p>
&lt;h1 id="noalias-nothanks">noalias, nothanks&lt;/h1>
&lt;p>Many people, myself included, don&amp;rsquo;t think that this is a good thing.&lt;/p>