ziglang / zig

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.
https://ziglang.org
MIT License

enumerate all kinds of undefined behavior, even that which cannot be safety-checked #1966

Open andrewrk opened 5 years ago

andrewrk commented 5 years ago

The language reference should have a comprehensive list of every kind of undefined behavior that is possible. For each one, it should either describe how safety checks work for it and under what circumstances the safety check will or will not catch the problem, or explain why there cannot be safety checking for this particular kind of undefined behavior.

With this it will be obvious how close (or distant) zig is from a safe language.

Mouvedia commented 4 years ago

Most undefined behavior that cannot be detected at compile-time can be detected at runtime.

So you are saying that we need to add a no-safety sub section in https://ziglang.org/documentation/master/#Undefined-Behavior that will be continuously populated? Do you have examples of such cases? e.g. from existing github issues

hiroakitakada commented 4 years ago

> So you are saying that we need to add a no-safety sub section in https://ziglang.org/documentation/master/#Undefined-Behavior that will be continuously populated?

I believe that the subsection listing all no-safety behavior should be added.

> Do you have examples of such cases? e.g. from existing github issues

3180 is already mentioned above. Other examples are unsafe language constructs and builtin functions including (but not limited to) the following.

perillo commented 1 year ago

Here is an undefined behavior caused by incorrectly using @qualCast. The UB is currently unchecked (zig version 0.11.0-dev.6306+693b12f8e, stage3 built following the wiki):

comptime

```zig
const std = @import("std");
const s = "hello";

pub fn main() void {
    comptime {
        var s2 = @qualCast(*[5:0]u8, s);
        s2[0] = 'H';
    }
}
```

```
$ zig run comptime_qual-cast-ub.zig
Segmentation fault at address 0x2086bf
/tmp/zigtmp/comptime_qual-cast-ub.zig:5:5: 0x20b544 in main (comptime_qual-cast-ub)
    comptime {
    ^
/home/manlio/src/contrib/zig/github.com/perillo/zig/lib/std/start.zig:606:22: 0x20aa70 in posixCallMainAndExit (comptime_qual-cast-ub)
            root.main();
                     ^
/home/manlio/src/contrib/zig/github.com/perillo/zig/lib/std/start.zig:376:5: 0x20a521 in _start (comptime_qual-cast-ub)
    @call(.never_inline, posixCallMainAndExit, .{});
    ^
zsh: IOT instruction (core dumped)  ~/src/contrib/zig/github.com/perillo/zig/build/stage3/bin/zig run
```

runtime

```zig
const std = @import("std");
const debug = std.debug;
const s = "hello";

pub fn main() void {
    var s2 = @qualCast(*[5:0]u8, s);
    s2[0] = 'H';

    std.debug.print("s[0]: {c}\n", .{s[0]});
}
```

```
$ zig run runtime_qual-cast-ub.zig
Segmentation fault at address 0x2086bf
/tmp/zigtmp/comptime_qual-cast-ub.zig:5:5: 0x20b544 in main (comptime_qual-cast-ub)
    comptime {
    ^
/home/manlio/src/contrib/zig/github.com/perillo/zig/lib/std/start.zig:606:22: 0x20aa70 in posixCallMainAndExit (comptime_qual-cast-ub)
            root.main();
                     ^
/home/manlio/src/contrib/zig/github.com/perillo/zig/lib/std/start.zig:376:5: 0x20a521 in _start (comptime_qual-cast-ub)
    @call(.never_inline, posixCallMainAndExit, .{});
    ^
zsh: IOT instruction (core dumped)  ~/src/contrib/zig/github.com/perillo/zig/build/stage3/bin/zig run
```
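
An added example, not part of the issue thread or the Zig project's own code: defined-behavior ways to get a modified version of the string literal from the comment above, by editing a copy instead of casting away `const`. The name `capitalized` and the test names are assumptions made for illustration.

```zig
// Added example (not from the thread): edit a copy of the literal rather than
// writing through a pointer whose const qualifier was cast away.
const std = @import("std");

const s = "hello"; // type: *const [5:0]u8, the bytes live in read-only data

// Comptime: copy the array by value, edit the copy, yield it as a new constant.
// `capitalized` is a hypothetical name used only in this example.
const capitalized = blk: {
    var buf = s.*; // [5:0]u8 copy owned by this block
    buf[0] = 'H';
    break :blk buf;
};

test "comptime: edited copy becomes a new constant" {
    try std.testing.expectEqualStrings("Hello", &capitalized);
    try std.testing.expectEqualStrings("hello", s); // literal untouched
}

test "runtime: mutate a stack copy" {
    var buf = s.*; // writable copy on the stack
    buf[0] = 'H';
    try std.testing.expectEqualStrings("Hello", &buf);
    try std.testing.expectEqualStrings("hello", s); // literal untouched
}

test "runtime: mutate a heap copy" {
    const allocator = std.testing.allocator;
    const copy = try allocator.dupe(u8, s); // []u8 owned by the caller
    defer allocator.free(copy);
    copy[0] = 'H';
    try std.testing.expectEqualStrings("Hello", copy);
}
```

Run it with `zig test` on the saved file; none of the three tests writes to the memory that backs `s`.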