C2Rust Emits Unsafe Reference To Packed Field Causing Rust Error E0793

May 9, 2025 by ADMIN 71 views

Introduction

C2Rust is a tool that translates C code to Rust, making it easier to integrate C libraries into Rust projects. However, C2Rust has a known issue where it incorrectly emits a reference to a field inside a #pragma pack(1) struct, resulting in an unsafe and invalid reference in Rust. This triggers the Rust compiler error E0793, as references to potentially unaligned fields are undefined behavior in Rust.

C Code Example

The following C code demonstrates the issue:

#include <stdlib.h>
#pragma pack(push, 1)
struct S {
    int x;
};
#pragma pack(pop)

int func() {
    struct S* s = malloc(sizeof(struct S));
    return &s->x == &s->x;
}

int main(){
    return 0;
}

In this code, the struct S is packed with a size of 1 byte using the #pragma pack(1) directive. The func() function allocates memory for a struct S and checks if the address of the x field is equal to itself.

Translated Rust Code

The C code is translated to Rust using C2Rust, resulting in the following code:

#[derive(Copy, Clone)]
#[repr(C, packed)]
pub struct S {
    pub x: libc::c_int,
}
#[no_mangle]
pub unsafe extern "C" fn func() -> libc::c_int {
    let mut s: *mut S = malloc(::core::mem::size_of::<S>() as libc::c_ulong) as *mut S;
    return (&mut (*s).x as *mut libc::c_int == &mut (*s).x as *mut libc::c_int)
        as libc::c_int;
}

In this translated code, the struct S is also packed with a size of 1 byte using the #[repr(C, packed)] attribute. The func() function allocates memory for a struct S and checks if the address of the x field is equal to itself.

Rust Build Error

When compiling the translated Rust code, the following error is produced:

error[E0793]: reference to packed field is unaligned
  --> src/runner.rs:22:13
   |
22 |     return (&mut (*s).x as *mut libc::c_int == &mut (*s).x as *mut libc::c_int)
   |             ^^^^^^^^^^^
   |
   = note: packed structs are only aligned by one byte, and many modern architectures penalize unaligned field accesses
   = note: creating a misaligned reference is undefined behavior (even if that reference is never dereferenced)
   = help: copy the field contents to a local variable, or replace the reference with a raw pointer and use `read_unaligned`/`write_unaligned` (loads and stores via `*p` must be properly aligned even when using raw pointers)

error[E0793]: reference to packed field is unaligned
  --> src/runner.rs:22:48
   |
22 |     return (&mut (*s).x as *mut libc::c_int == &mut (*s).x as *mut::c_int)
   |                                                ^^^^^^^^^^^
   |
   = note: packed structs are only aligned by one byte, and many modern architectures penalize unaligned field accesses
   = note: creating a misaligned reference is undefined behavior (even if that reference is never dereferenced)
   = help: copy the field contents to a local variable, or replace the reference with a raw pointer and use `read_unaligned`/`write_unaligned` (loads and stores via `*p` must be properly aligned even when using raw pointers)

For more information about this error, try `rustc --explain E0793`.

The error message indicates that the reference to the packed field x is unaligned, which is undefined behavior in Rust.

Solution

To fix the issue, we need to modify the translated Rust code to avoid creating a misaligned reference. One possible solution is to copy the field contents to a local variable, as suggested by the error message:

#[derive(Copy, Clone)]
#[repr(C, packed)]
pub struct S {
    pub x: libc::c_int,
}
#[no_mangle]
pub unsafe extern "C" fn func() -> libc::c_int {
    let mut s: *mut S = malloc(::core::mem::size_of::<S>() as libc::c_ulong) as *mut S;
    let x = (*s).x;
    return (&x as *const libc::c_int == &x as *const libc::c_int)
        as libc::c_int;
}

In this modified code, we copy the contents of the x field to a local variable x, and then compare the addresses of x and itself. This avoids creating a misaligned reference and fixes the error.

Conclusion

Q: What is C2Rust and why is it used?

A: C2Rust is a tool that translates C code to Rust, making it easier to integrate C libraries into Rust projects. It is used to convert C code into Rust code, allowing developers to use C libraries in their Rust projects.

Q: What is the issue with C2Rust and packed fields?

A: C2Rust incorrectly emits a reference to a field inside a #pragma pack(1) struct, resulting in an unsafe and invalid reference in Rust. This triggers the Rust compiler error E0793, as references to potentially unaligned fields are undefined behavior in Rust.

Q: What is the error message E0793?

A: The error message E0793 indicates that the reference to a packed field is unaligned, which is undefined behavior in Rust. The error message provides suggestions for fixing the issue, such as copying the field contents to a local variable or replacing the reference with a raw pointer and using read_unaligned/write_unaligned.

Q: How can I fix the error E0793?

A: To fix the error E0793, you need to modify the translated Rust code to avoid creating a misaligned reference. One possible solution is to copy the field contents to a local variable, as suggested by the error message. You can also replace the reference with a raw pointer and use read_unaligned/write_unaligned.

Q: What are the implications of using C2Rust with packed fields?

A: Using C2Rust with packed fields can lead to undefined behavior in Rust, resulting in errors like E0793. This can cause issues with the correctness and safety of your Rust code. It is essential to be aware of this issue and take steps to fix it.

Q: How can I avoid this issue in the future?

A: To avoid this issue in the future, you can use the #[repr(C, packed)] attribute with caution and ensure that you are aware of the implications of using packed fields. You can also use the read_unaligned/write_unaligned functions to access packed fields safely.

Q: Is there a workaround for this issue?

A: Yes, there is a workaround for this issue. You can use the #[repr(C, packed)] attribute with caution and ensure that you are aware of the implications of using packed fields. You can also use the read_unaligned/write_unaligned functions to access packed fields safely.

Q: Can I use C2Rust with packed fields in production code?

A: It is not recommended to use C2Rust with packed fields in production code without proper testing and validation. The issue with C2Rust and packed fields can lead to undefined behavior in Rust, resulting in errors like E0793. It is essential to be aware of this issue and take steps to fix it before using C2Rust with packed fields in production code.

Conclusion

In conclusion, C2Rust emits an unsafe reference to a packed field, resulting in a Rust compiler error E0793. To fix the issue, you need to modify the translated Rust code to avoid creating a misaligned reference. By following this solution, you can fix the error and ensure that your Rust code is safe and correct.