Closed jordens closed 4 months ago
Not only that, but the pointer provenance of the `sitcm` pointer only permits us to technically write 4 bytes (because the `static mut __sitcm: u32`).
Ref https://github.com/rust-embedded/wg/issues/771, it might be the case that pointer provenance is not actually an issue.
Way back I had argued that this is like an FFI interface where one creates slices from addresses and lengths in a similar way without the virtual machine knowing much about them.
I.e. specifically the `src` slice must be fine to create like this. How else would one do it?
And if the `src` slice is fine (initialized, doesn't break aliasing rules), so is the `dst` slice.
Closing as "not a problem".
https://github.com/quartiq/stabilizer/blob/3ef00cbd92b9ee57b19026ba7abb3791e88be339/src/hardware/setup.rs#L183
That destination slice is uninitialized, thus insta-UB. Needs to be `MaybeUninit`.
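An added illustration of the `MaybeUninit` point raised in this thread; it is not code from the thread or from the stabilizer source. The names `load_region` and `demo` are hypothetical, and two host-side buffers stand in for the flash image and the ITCM region that the firmware locates through linker symbols.

```rust
use std::mem::MaybeUninit;
use std::slice;

/// Copy `len` words from an initialized source into a destination region
/// that may still be uninitialized (hypothetical helper).
///
/// # Safety
/// `src` must be valid for reads of `len` initialized `u32`s, `dst` must be
/// valid for writes of `len` `u32`s, both must be aligned and must not
/// overlap, and both pointers must be derived from the whole region, not
/// from a reference to a single `u32`.
unsafe fn load_region(dst: *mut u32, src: *const u32, len: usize) {
    // The source is an initialized image, so a plain `&[u32]` is sound.
    let src = unsafe { slice::from_raw_parts(src, len) };
    // The destination is viewed as `MaybeUninit<u32>`: no `&mut [u32]`
    // over uninitialized memory is ever created.
    let dst = unsafe { slice::from_raw_parts_mut(dst as *mut MaybeUninit<u32>, len) };
    for (d, s) in dst.iter_mut().zip(src) {
        d.write(*s);
    }
}

/// Host-side demo with constructed sample data.
fn demo() -> [u32; 4] {
    let image: [u32; 4] = [0xdead_beef, 1, 2, 3]; // constructed sample "flash" contents
    let mut ram: MaybeUninit<[u32; 4]> = MaybeUninit::uninit(); // stand-in for the RAM region
    unsafe {
        load_region(ram.as_mut_ptr() as *mut u32, image.as_ptr(), image.len());
        // Every word was written above, so the array is now initialized.
        ram.assume_init()
    }
}

fn main() {
    assert_eq!(demo(), [0xdead_beef, 1, 2, 3]);
    println!("copied {} words", demo().len());
}
```
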