Unsafe 1 @WaffleLapkin @BoxyUwU @m-ou-se

Warning: this quiz is still "work-in-progress", some questions might not have good explanations (or any at all), formatting/structure/titles/etc are not final, and so on. You might want to return here on a later date.

Note: the question is whether the code, as executed, is UB or whether it is sound. When the snippet has UB, explain exactly where it is UB and why.

#![allow(deref_nullptr)]

fn main() {
    // 1.  UB?
    unsafe {
        _ = *std::ptr::null::<u32>();
    }
}
#![allow(deref_nullptr, unused_parens)]

fn main() {
    // 2.  UB?
    unsafe {
        _ = (*std::ptr::null::<u32>());
    }
}
#![allow(deref_nullptr, unused_braces)]

fn main() {
    // 3.  UB?
    unsafe {
        _ = { *std::ptr::null::<u32>() };
    }
}
#![allow(deref_nullptr)]

fn main() {
    // 4.  UB?
    _ = unsafe { *std::ptr::null::<u32>() };
}
Solution

Examples 1 and 2 are fine, while 3 and 4 are UB:

error: Undefined Behavior: memory access failed: null pointer is a dangling pointer (it has no provenance)
 --> examples/unsafe_1_3.rs:6:15
  |
6 |         _ = { *std::ptr::null::<u32>() };
  |               ^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: null pointer is a dangling pointer (it has no provenance)
  |
  = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
  = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
  = note: BACKTRACE:
  = note: inside `main` at examples/unsafe_1_3.rs:6:15: 6:39

note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

error: aborting due to 1 previous error


error: Undefined Behavior: memory access failed: null pointer is a dangling pointer (it has no provenance)
 --> examples/unsafe_1_4.rs:5:18
  |
5 |     _ = unsafe { *std::ptr::null::<u32>() };
  |                  ^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: null pointer is a dangling pointer (it has no provenance)
  |
  = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
  = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
  = note: BACKTRACE:
  = note: inside `main` at examples/unsafe_1_4.rs:5:18: 5:42

note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

error: aborting due to 1 previous error

Loading a value from a null pointer is undefined behavior in Rust. However, dereferencing a pointer does not always cause a load.

In examples 1 and 2 dereference produces a place which is immediately discarded by the assignment to _ (note that parenthesis do not affect anything other than precedence of operators).

In examples 3 and 4 the place created by the dereference is coerced to a value, because it is returned from a block (note that normal and unsafe blocks behave the same) which causes UB.