Should drop_in_place imply dereferencability?

[JakobDegen]

The following code is currently DB as reported by Miri:

#[repr(transparent)]
struct LoudDrop(u8);

impl Drop for LoudDrop {
    fn drop(&mut self) {
        println!("{}", self.0);
    }
}

#[repr(C)]
struct PartiallyDrop(LoudDrop, u8);

pub fn main() {
    let mut x = LoudDrop(0);
    let p = std::ptr::addr_of_mut!(x).cast::<PartiallyDrop>();
    
    unsafe {
        core::ptr::drop_in_place(p);   
    }
}

Should it be?

[JakobDegen]

(I've checked and the LLVM IR we currently emit for this does not have UB)

[RalfJung]

If the example had comments, not every reader would have to reverse engineer what the question is about. ;)
The point is that at the drop_in_place, p points to x, a LoudDrop, but at type PartiallyDrop it is (partially) dangling beyond the end of x.

I think @pcwalton also recently asked to treat the drop_in_place argument more like a reference for aliasing purposes, and I am inclined to agree. Probably the generated drop_in_place shim should start with a reborrow (and retag) of the argument as a mutable reference?

[pcwalton]

Treating drop_in_place as &mut would be great. BTW I plan to add dereferenceable and align attributes to it, which are needed to trigger argument promotion, which helps a lot with removing memcpys.

[pcwalton]

By the way, https://doc.rust-lang.org/std/ptr/fn.drop_in_place.html#safety already says that to_drop must be valid or UB will result, which seems to imply dereferenceable, no? (It doesn't say valid for how many bytes, but I assume it has to mean valid for the entire size of the type, or else that isn't a very useful definition of "valid", as it otherwise would only mean the 1 byte the pointer is pointing at is valid…)

[JakobDegen]

That seems like a reasonable reading of the documentation. We'll still want to check how much of the ecosystem actually complies with this though (sorry, didn't get the branch up yesterday)

[RalfJung]

Yeah, on the library API front we are probably good, we just haven't made this into language UB yet, at least not in Miri.