Integer-to-pointer casts #52

@mkroening

Running cargo +nightly clippy --all-targets -- -Wfuzzy_provenance_casts gives:

warning: strict provenance disallows casting integer `usize` to pointer `*mut u8`
   --> src/lib.rs:966:62
    |
966 |             assert2::assert!(let Ok(_) = Uart16550::new_mmio(0x1000 as *mut _, 1));
    |                                                              ^^^^^^^^^^^^^^^^
    |
    = help: if you can't comply with strict provenance and don't have a pointer with the correct provenance you can use `std::ptr::with_exposed_provenance()` instead
    = note: requested on the command line with `-W fuzzy-provenance-casts`
help: use `.with_addr()` to adjust a valid pointer in the same allocation, to this address
    |
966 -             assert2::assert!(let Ok(_) = Uart16550::new_mmio(0x1000 as *mut _, 1));
966 +             assert2::assert!(let Ok(_) = Uart16550::new_mmio((...).with_addr(0x1000), 1));
    |

Running cargo +nightly miri test gives:

test tests::constructors ... warning: integer-to-pointer cast
   --> src/lib.rs:968:62
    |
968 |             assert2::assert!(let Ok(_) = Uart16550::new_mmio(0x1000 as *mut _, 1));
    |                                                              ^^^^^^^^^^^^^^^^ integer-to-pointer cast
    |
    = help: this program is using integer-to-pointer casts or (equivalently) `ptr::with_exposed_provenance`, which means that Miri might miss pointer bugs in this program
    = help: see https://doc.rust-lang.org/nightly/std/ptr/fn.with_exposed_provenance.html for more details on that operation
    = help: to ensure that Miri does not miss bugs in your program, use Strict Provenance APIs (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance, https://crates.io/crates/sptr) instead
    = help: you can then set `MIRIFLAGS=-Zmiri-strict-provenance` to ensure you are not relying on `with_exposed_provenance` semantics
    = help: alternatively, `MIRIFLAGS=-Zmiri-permissive-provenance` disables this warning
    = note: this is on thread `tests::constructors`
    = note: stack backtrace:
            0: tests::constructors
                at src/lib.rs:968:62: 968:78
            1: tests::constructors::{closure#0}
                at src/lib.rs:955:22: 955:22

It might make sense to either make the examples use existing pointers or be explicit about external provenance:

use core::ptr;
// 0x1000 is a fixed MMIO address, so state its external provenance explicitly.
let ptr = ptr::with_exposed_provenance_mut::<u8>(0x1000);
unsafe { Uart16550::new_mmio(ptr, 1) }
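Both options from the issue, plus the `.with_addr()` form Clippy suggests, as an added example that is not code from the issue or from the crate. `MmioUart` and the three helper functions are hypothetical stand-ins, and the strict provenance APIs used here assume Rust 1.84 or later.

```rust
use core::ptr;

/// Hypothetical stand-in for an MMIO UART handle (not the crate's `Uart16550`).
pub struct MmioUart { base: *mut u8, stride: usize }

impl MmioUart {
    /// Only stores the pointer; validity is the caller's duty at access time.
    pub fn new_mmio(base: *mut u8, stride: usize) -> Result<Self, &'static str> {
        if base.is_null() { return Err("null base address"); }
        if stride == 0 { return Err("zero stride"); }
        Ok(Self { base, stride })
    }
    // Pointer arithmetic keeps the provenance of `base`; no integer round trip.
    fn reg(&self, index: usize) -> *mut u8 { self.base.wrapping_add(index * self.stride) }
    /// Safety: register `index` must lie in memory that `base` is valid for.
    pub unsafe fn write(&mut self, index: usize, v: u8) { unsafe { self.reg(index).write_volatile(v) } }
    /// Safety: same requirement as `write`.
    pub unsafe fn read(&self, index: usize) -> u8 { unsafe { self.reg(index).read_volatile() } }
}

/// Option 1: back the "device" with a real allocation, so the pointer carries
/// provenance and Miri can check every access under strict provenance.
pub fn roundtrip_on_buffer() -> u8 {
    let mut regs = [0u8; 8]; // constructed fake register file
    let mut uart = MmioUart::new_mmio(regs.as_mut_ptr(), 1).unwrap();
    unsafe { uart.write(3, 0xA5); uart.read(3) }
}

/// Option 2: a fixed hardware address, explicit about external provenance.
/// The pointer is only stored here, never dereferenced.
pub fn fixed_address_ctor_ok(addr: usize) -> bool {
    let base = ptr::with_exposed_provenance_mut::<u8>(addr);
    MmioUart::new_mmio(base, 1).is_ok()
}

/// `.with_addr()`: retarget a valid pointer inside the same allocation
/// without casting through an integer.
pub fn with_addr_same_allocation() -> u8 {
    let mut regs = [0u8, 1, 2, 3, 4, 5, 6, 7];
    let base = regs.as_mut_ptr();
    let p = base.with_addr(base.addr() + 5);
    unsafe { p.read() }
}

fn main() {
    println!("buffer-backed round trip: {:#x}", roundtrip_on_buffer());
    println!("0x1000 accepted by constructor: {}", fixed_address_ctor_ok(0x1000));
    println!("with_addr read: {}", with_addr_same_allocation());
}
```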
