unsafe_op_in_unsafe_fn not triggered for raw pointer dereferencing inside addr_of/addr_of_mut #112504
Labels
A-diagnostics: Area: Messages for errors, warnings, and lints
T-compiler: Relevant to the compiler team, which will review and decide on the PR/issue.
Code
Current output
Desired output
Rationale and extra context
When removing the unsafe keywords in the function declarations of the sample code, the compiler emits the errors found in the “desired output” box (except for the note on the unsafe_op_in_unsafe_fn lint). Hence, I was expecting the operations to be unsafe. [1] However, with forbid(unsafe_op_in_unsafe_fn) and the functions marked unsafe, no errors are emitted at all.
Other cases
No response
Anything else?
Note that the unsafe_op_in_unsafe_fn lint is not entirely broken for the expr of addr_of!(expr). The following snippet emits an error for calling an unsafe function (but not for dereferencing the raw pointer):
Playground
Note furthermore that inlining the addr_of!()/addr_of_mut!() macros (using #![feature(raw_ref_op)]) results in the expected behavior:
Playground
Footnotes
[1] I’m not a hundred percent sure about this point as we effectively perform pointer arithmetic only. Conceptually, I would like to understand addr_of!((*ptr).field) as not actually dereferencing ptr. But the docs explicitly state that “the expr in addr_of!(expr) is still subject to all the usual rules. In particular, addr_of!(*ptr::null()) is Undefined Behavior because it dereferences a null pointer.”
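For reference, a form of the pattern under discussion that compiles whether or not the lint fires inside the macros, because every raw-pointer place expression sits in its own unsafe block. This is an added example, not the code from the issue; Header, read_seq and bump_seq are hypothetical names and the struct is constructed for illustration.

```rust
use std::ptr::{addr_of, addr_of_mut};

// Constructed sample type (not from the issue); packed, so `seq` is unaligned.
#[repr(C, packed)]
pub struct Header {
    pub tag: u8,
    pub seq: u32,
}

/// # Safety
/// `hdr` must be non-null and point to a live, initialized `Header`.
#[deny(unsafe_op_in_unsafe_fn)]
pub unsafe fn read_seq(hdr: *const Header) -> u32 {
    // SAFETY: the caller guarantees `hdr` is valid. `(*hdr).seq` is a place
    // expression through a raw pointer, so it gets its own unsafe block.
    let field: *const u32 = unsafe { addr_of!((*hdr).seq) };
    // SAFETY: `field` lies inside `*hdr`; the packed layout needs an unaligned read.
    unsafe { field.read_unaligned() }
}

/// # Safety
/// As for `read_seq`, and no other access to `*hdr` may happen during the call.
#[deny(unsafe_op_in_unsafe_fn)]
pub unsafe fn bump_seq(hdr: *mut Header) -> u32 {
    // SAFETY: same argument as in `read_seq`, for the mutable macro.
    let field: *mut u32 = unsafe { addr_of_mut!((*hdr).seq) };
    // SAFETY: `field` is valid for unaligned reads and writes of a `u32`.
    unsafe {
        let next = field.read_unaligned().wrapping_add(1);
        field.write_unaligned(next);
        next
    }
}

fn main() {
    let mut h = Header { tag: 7, seq: 41 };
    let p = addr_of_mut!(h); // taking the address of a local needs no unsafe
    // SAFETY: `p` points to `h`, which is live and not otherwise accessed here.
    let (before, after) = unsafe { (read_seq(p), bump_seq(p)) };
    println!("tag={} seq {} -> {}", { h.tag }, before, after);
}
```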