Rollup merge of #118983 - Urgau:invalid_ref_casting-bigger-layout, r=oli-obk

matthiaskrgr · web-flow · commit e45bd1989efc · 2024-02-12T23:18:52.000+01:00
Warn on references casting to bigger memory layout This PR extends the [`invalid_reference_casting`](https://doc.rust-lang.org/rustc/lints/listing/deny-by-default.html#invalid-reference-casting) lint (*deny-by-default*) which currently lint on `&T -> &mut T` casting to also lint on `&(mut) A -> &(mut) B` where `size_of::<B>() > size_of::<A>()` (bigger memory layout requirement). The goal is to detect such cases: ```rust let u8_ref: &u8 = &0u8; let u64_ref: &u64 = unsafe { &*(u8_ref as *const u8 as *const u64) }; //~^ ERROR casting references to a bigger memory layout is undefined behavior let mat3 = Mat3 { a: Vec3(0i32, 0, 0), b: Vec3(0, 0, 0), c: Vec3(0, 0, 0) }; let mat3 = unsafe { &*(&mat3 as *const _ as *const [[i64; 3]; 3]) }; //~^ ERROR casting references to a bigger memory layout is undefined behavior ``` This is added to help people who write unsafe code, especially when people have matrix struct that they cast to simple array of arrays. EDIT: One caveat, due to the [`&Header`](rust-lang/unsafe-code-guidelines#256) uncertainty the lint only fires when it can find the underline allocation. ~~I have manually tested all the new expressions that warn against Miri, and they all report immediate UB.~~ r? ``@est31``
diff --git a/tests/fail/unaligned_pointers/unaligned_ref_addr_of.rs b/tests/fail/unaligned_pointers/unaligned_ref_addr_of.rs
@@ -1,6 +1,8 @@
 // This should fail even without Stacked Borrows.
 //@compile-flags: -Zmiri-disable-stacked-borrows -Cdebug-assertions=no
 
+#![allow(invalid_reference_casting)] // for u16 -> u32
+
 fn main() {
     // Try many times as this might work by chance.
     for _ in 0..20 {
