Skip to content

Representation of DSTs and fat pointers #315

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
3 tasks
danielsn opened this issue Jul 8, 2021 · 3 comments
Closed
3 tasks

Representation of DSTs and fat pointers #315

danielsn opened this issue Jul 8, 2021 · 3 comments
Assignees
@celinval
Labels
[C] Internal Tracks some internal work. I.e.: Users should not be affected.
Milestone
Soundness

Comments

@danielsn
Copy link
Contributor

danielsn commented Jul 8, 2021

Rust allows user-defined objects to contain a single dynamically sized field, similar to how C supports flexible arrays as the final field of a struct. Although this feature is not conceptually complicated, its implementation involves many corner cases.

Likelihood:

We have repeatedly run into cases where new RMC tests failed due to unexpected corner-cases involving dynamically sized objects. We have solved all known issues, but the rate of bug discovery in this area to date suggests that there are additional latent bugs.

Mitigation:

  • The CBMC type-system has been effective in detecting issues caused by incorrectly handling dynamically sized objects.

Path to soundness:

  • Develop a detailed doc formally specifying how Rust handles dynamically sized types.
  • A full audit of the responsible code, ideally with a member of the Rust compiler team
@danielsn danielsn added this to the Soundness milestone Jul 8, 2021
@zhassan-aws
Copy link
Contributor

Mostly mitigated other than #327

@zhassan-aws zhassan-aws changed the title Soundness: representation of DSTs and fat pointers Representation of DSTs and fat pointers Apr 19, 2022
@tedinski tedinski added the [C] Internal Tracks some internal work. I.e.: Users should not be affected. label Nov 14, 2022
@celinval
Copy link
Contributor

@zhassan-aws can we close this one now?

@zhassan-aws
Copy link
Contributor

Yes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@celinval celinval

Labels
[C] Internal Tracks some internal work. I.e.: Users should not be affected.
Projects
None yet
Milestone
Soundness
Development

No branches or pull requests
5 participants
@tedinski @feliperodri @danielsn @celinval @zhassan-aws