dnrops
/
rust
mirror of https://github.com/rust-lang/rust.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

don't UB on dangling ptr deref, instead check inbounds on projections

This commit is contained in:
Ralf Jung 2023-08-01 17:11:00 +02:00
parent a48396984a
commit b1ebf002c3
102 changed files with 531 additions and 469 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
compiler/rustc_const_eval/messages.ftl
View File

@ -61,7 +61,6 @@ const_eval_deref_coercion_non_const =
.target_note = deref defined here
const_eval_deref_function_pointer =
accessing {$allocation} which contains a function
const_eval_deref_test = dereferencing pointer failed
const_eval_deref_vtable_pointer =
accessing {$allocation} which contains a vtable
const_eval_different_allocations =

1
compiler/rustc_const_eval/src/errors.rs
View File

@ -459,7 +459,6 @@ fn bad_pointer_message(msg: CheckInAllocMsg, handler: &Handler) -> String {
use crate::fluent_generated::*;
let msg = match msg {
CheckInAllocMsg::DerefTest => const_eval_deref_test,
CheckInAllocMsg::MemoryAccessTest => const_eval_memory_access_test,
CheckInAllocMsg::PointerArithmeticTest => const_eval_pointer_arithmetic_test,
CheckInAllocMsg::OffsetFromTest => const_eval_offset_from_test,

2
compiler/rustc_const_eval/src/interpret/intern.rs
View File

@ -161,7 +161,7 @@ impl<'rt, 'mir, 'tcx: 'mir, M: CompileTimeMachine<'mir, 'tcx, const_eval::Memory
#[inline(always)]
fn ecx(&self) -> &InterpCx<'mir, 'tcx, M> {
&self.ecx
self.ecx
}
fn visit_value(&mut self, mplace: &MPlaceTy<'tcx>) -> InterpResult<'tcx> {

10
compiler/rustc_const_eval/src/interpret/intrinsics.rs
View File

@ -571,16 +571,8 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
pub fn ptr_offset_inbounds(
&self,
ptr: Pointer<Option<M::Provenance>>,
pointee_ty: Ty<'tcx>,
offset_count: i64,
offset_bytes: i64,
) -> InterpResult<'tcx, Pointer<Option<M::Provenance>>> {
// We cannot overflow i64 as a type's size must be <= isize::MAX.
let pointee_size = i64::try_from(self.layout_of(pointee_ty)?.size.bytes()).unwrap();
// The computed offset, in bytes, must not overflow an isize.
// `checked_mul` enforces a too small bound, but no actual allocation can be big enough for
// the difference to be noticeable.
let offset_bytes =
offset_count.checked_mul(pointee_size).ok_or(err_ub!(PointerArithOverflow))?;
// The offset being in bounds cannot rely on "wrapping around" the address space.
// So, first rule out overflows in the pointer arithmetic.
let offset_ptr = ptr.signed_offset(offset_bytes, self)?;

1
compiler/rustc_const_eval/src/interpret/machine.rs
View File

@ -436,6 +436,7 @@ pub trait Machine<'mir, 'tcx: 'mir>: Sized {
place: &PlaceTy<'tcx, Self::Provenance>,
) -> InterpResult<'tcx> {
// Without an aliasing model, all we can do is put `Uninit` into the place.
// Conveniently this also ensures that the place actually points to suitable memory.
ecx.write_uninit(place)
}

12
compiler/rustc_const_eval/src/interpret/operand.rs
View File

@ -219,6 +219,17 @@ impl<'tcx, Prov: Provenance> ImmTy<'tcx, Prov> {
/// given layout.
// Not called `offset` to avoid confusion with the trait method.
fn offset_(&self, offset: Size, layout: TyAndLayout<'tcx>, cx: &impl HasDataLayout) -> Self {
debug_assert!(layout.is_sized(), "unsized immediates are not a thing");
// `ImmTy` have already been checked to be in-bounds, so we can just check directly if this
// remains in-bounds. This cannot actually be violated since projections are type-checked
// and bounds-checked.
assert!(
offset + layout.size <= self.layout.size,
"attempting to project to field at offset {} with size {} into immediate with layout {:#?}",
offset.bytes(),
layout.size.bytes(),
self.layout,
);
// This makes several assumptions about what layouts we will encounter; we match what
// codegen does as good as we can (see `extract_field` in `rustc_codegen_ssa/src/mir/operand.rs`).
let inner_val: Immediate<_> = match (**self, self.layout.abi) {
@ -387,7 +398,6 @@ impl<'tcx, Prov: Provenance> Projectable<'tcx, Prov> for OpTy<'tcx, Prov> {
match self.as_mplace_or_imm() {
Left(mplace) => Ok(mplace.offset_with_meta(offset, meta, layout, ecx)?.into()),
Right(imm) => {
debug_assert!(layout.is_sized(), "unsized immediates are not a thing");
assert_matches!(meta, MemPlaceMeta::None); // no place to store metadata here
// Every part of an uninit is uninit.
Ok(imm.offset_(offset, layout, ecx).into())

12
compiler/rustc_const_eval/src/interpret/operator.rs
View File

@ -1,7 +1,7 @@
use rustc_apfloat::{Float, FloatConvert};
use rustc_middle::mir;
use rustc_middle::mir::interpret::{InterpResult, Scalar};
use rustc_middle::ty::layout::TyAndLayout;
use rustc_middle::ty::layout::{LayoutOf, TyAndLayout};
use rustc_middle::ty::{self, FloatTy, Ty};
use rustc_span::symbol::sym;
use rustc_target::abi::Abi;
@ -337,7 +337,15 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
let offset_count = right.to_scalar().to_target_isize(self)?;
let pointee_ty = left.layout.ty.builtin_deref(true).unwrap().ty;
let offset_ptr = self.ptr_offset_inbounds(ptr, pointee_ty, offset_count)?;
// We cannot overflow i64 as a type's size must be <= isize::MAX.
let pointee_size = i64::try_from(self.layout_of(pointee_ty)?.size.bytes()).unwrap();
// The computed offset, in bytes, must not overflow an isize.
// `checked_mul` enforces a too small bound, but no actual allocation can be big enough for
// the difference to be noticeable.
let offset_bytes =
offset_count.checked_mul(pointee_size).ok_or(err_ub!(PointerArithOverflow))?;
let offset_ptr = self.ptr_offset_inbounds(ptr, offset_bytes)?;
Ok((
ImmTy::from_scalar(Scalar::from_maybe_pointer(offset_ptr, self), left.layout),
false,

48
compiler/rustc_const_eval/src/interpret/place.rs
View File

@ -15,9 +15,9 @@ use rustc_middle::ty::Ty;
use rustc_target::abi::{Abi, Align, FieldIdx, HasDataLayout, Size, FIRST_VARIANT};
use super::{
alloc_range, mir_assign_valid_types, AllocId, AllocRef, AllocRefMut, CheckInAllocMsg, ImmTy,
Immediate, InterpCx, InterpResult, Machine, MemoryKind, OpTy, Operand, Pointer,
PointerArithmetic, Projectable, Provenance, Readable, Scalar,
alloc_range, mir_assign_valid_types, AllocId, AllocRef, AllocRefMut, ImmTy, Immediate,
InterpCx, InterpResult, Machine, MemoryKind, OpTy, Operand, Pointer, PointerArithmetic,
Projectable, Provenance, Readable, Scalar,
};
#[derive(Copy, Clone, Hash, PartialEq, Eq, Debug)]
@ -88,17 +88,22 @@ impl<Prov: Provenance> MemPlace<Prov> {
#[inline]
// Not called `offset_with_meta` to avoid confusion with the trait method.
fn offset_with_meta_<'tcx>(
fn offset_with_meta_<'mir, 'tcx, M: Machine<'mir, 'tcx, Provenance = Prov>>(
self,
offset: Size,
meta: MemPlaceMeta<Prov>,
cx: &impl HasDataLayout,
ecx: &InterpCx<'mir, 'tcx, M>,
) -> InterpResult<'tcx, Self> {
debug_assert!(
!meta.has_meta() || self.meta.has_meta(),
"cannot use `offset_with_meta` to add metadata to a place"
);
Ok(MemPlace { ptr: self.ptr.offset(offset, cx)?, meta })
if offset > ecx.data_layout().max_size_of_val() {
throw_ub!(PointerArithOverflow);
}
let offset: i64 = offset.bytes().try_into().unwrap();
let ptr = ecx.ptr_offset_inbounds(self.ptr, offset)?;
Ok(MemPlace { ptr, meta })
}
}
@ -310,15 +315,18 @@ impl<'tcx, Prov: Provenance> Projectable<'tcx, Prov> for PlaceTy<'tcx, Prov> {
Right((frame, local, old_offset)) => {
debug_assert!(layout.is_sized(), "unsized locals should live in memory");
assert_matches!(meta, MemPlaceMeta::None); // we couldn't store it anyway...
let new_offset = ecx
.data_layout()
.offset(old_offset.unwrap_or(Size::ZERO).bytes(), offset.bytes())?;
// `Place::Local` are always in-bounds of their surrounding local, so we can just
// check directly if this remains in-bounds. This cannot actually be violated since
// projections are type-checked and bounds-checked.
assert!(offset + layout.size <= self.layout.size);
let new_offset = Size::from_bytes(
ecx.data_layout()
.offset(old_offset.unwrap_or(Size::ZERO).bytes(), offset.bytes())?,
);
PlaceTy {
place: Place::Local {
frame,
local,
offset: Some(Size::from_bytes(new_offset)),
},
place: Place::Local { frame, local, offset: Some(new_offset) },
align: self.align.restrict_for_offset(offset),
layout,
}
@ -464,7 +472,6 @@ where
}
let mplace = self.ref_to_mplace(&val)?;
self.check_mplace(&mplace)?;
Ok(mplace)
}
@ -494,17 +501,6 @@ where
self.get_ptr_alloc_mut(mplace.ptr(), size, mplace.align)
}
/// Check if this mplace is dereferenceable and sufficiently aligned.
pub fn check_mplace(&self, mplace: &MPlaceTy<'tcx, M::Provenance>) -> InterpResult<'tcx> {
let (size, _align) = self
.size_and_align_of_mplace(&mplace)?
.unwrap_or((mplace.layout.size, mplace.layout.align.abi));
// Due to packed places, only `mplace.align` matters.
let align = if M::enforce_alignment(self) { mplace.align } else { Align::ONE };
self.check_ptr_access_align(mplace.ptr(), size, align, CheckInAllocMsg::DerefTest)?;
Ok(())
}
/// Converts a repr(simd) place into a place where `place_index` accesses the SIMD elements.
/// Also returns the number of elements.
pub fn mplace_to_simd(

2
compiler/rustc_const_eval/src/interpret/projection.rs
View File

@ -58,7 +58,6 @@ pub trait Projectable<'tcx, Prov: Provenance>: Sized + std::fmt::Debug {
ecx: &InterpCx<'mir, 'tcx, M>,
) -> InterpResult<'tcx, Self>;
#[inline]
fn offset<'mir, M: Machine<'mir, 'tcx, Provenance = Prov>>(
&self,
offset: Size,
@ -69,7 +68,6 @@ pub trait Projectable<'tcx, Prov: Provenance>: Sized + std::fmt::Debug {
self.offset_with_meta(offset, MemPlaceMeta::None, layout, ecx)
}
#[inline]
fn transmute<'mir, M: Machine<'mir, 'tcx, Provenance = Prov>>(
&self,
layout: TyAndLayout<'tcx>,

9
compiler/rustc_const_eval/src/interpret/terminator.rs
View File

@ -1,6 +1,5 @@
use std::borrow::Cow;
use either::Either;
use rustc_ast::ast::InlineAsmOptions;
use rustc_middle::{
mir,
@ -729,13 +728,7 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
callee_ty: callee_fn_abi.ret.layout.ty
});
}
// Ensure the return place is aligned and dereferenceable, and protect it for
// in-place return value passing.
if let Either::Left(mplace) = destination.as_mplace_or_local() {
self.check_mplace(&mplace)?;
} else {
// Nothing to do for locals, they are always properly allocated and aligned.
}
// Protect return place for in-place return value passing.
M::protect_in_place_function_argument(self, destination)?;
// Don't forget to mark "initially live" locals as live.

4
compiler/rustc_const_eval/src/interpret/validity.rs
View File

@ -355,7 +355,7 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, '
value: &OpTy<'tcx, M::Provenance>,
ptr_kind: PointerKind,
) -> InterpResult<'tcx> {
// Not using `deref_pointer` since we do the dereferenceable check ourselves below.
// Not using `deref_pointer` since we want to use our `read_immediate` wrapper.
let place = self.ecx.ref_to_mplace(&self.read_immediate(value, ptr_kind.into())?)?;
// Handle wide pointers.
// Check metadata early, for better diagnostics
@ -645,7 +645,7 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValueVisitor<'mir, 'tcx, M>
#[inline(always)]
fn ecx(&self) -> &InterpCx<'mir, 'tcx, M> {
&self.ecx
self.ecx
}
fn read_discriminant(

2
compiler/rustc_middle/src/mir/interpret/error.rs
View File

@ -218,8 +218,6 @@ pub enum InvalidProgramInfo<'tcx> {
/// Details of why a pointer had to be in-bounds.
#[derive(Debug, Copy, Clone, TyEncodable, TyDecodable, HashStable)]
pub enum CheckInAllocMsg {
/// We are dereferencing a pointer (i.e., creating a place).
DerefTest,
/// We are access memory.
MemoryAccessTest,
/// We are doing pointer arithmetic.

17
src/tools/miri/src/helpers.rs
View File

@ -700,23 +700,6 @@ pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriInterpCxExt<'mir, 'tcx> {
let mplace = MPlaceTy::from_aligned_ptr(ptr, layout);
this.check_mplace(&mplace)?;
Ok(mplace)
}
/// Deref' a pointer *without* checking that the place is dereferenceable.
fn deref_pointer_unchecked(
&self,
val: &ImmTy<'tcx, Provenance>,
layout: TyAndLayout<'tcx>,
) -> InterpResult<'tcx, MPlaceTy<'tcx, Provenance>> {
let this = self.eval_context_ref();
let mut mplace = this.ref_to_mplace(val)?;
mplace.layout = layout;
mplace.align = layout.align.abi;
Ok(mplace)
}

1
src/tools/miri/src/machine.rs
View File

@ -1285,6 +1285,7 @@ impl<'mir, 'tcx> Machine<'mir, 'tcx> for MiriMachine<'mir, 'tcx> {
// We do need to write `uninit` so that even after the call ends, the former contents of
// this place cannot be observed any more. We do the write after retagging so that for
// Tree Borrows, this is considered to activate the new tag.
// Conveniently this also ensures that the place actually points to suitable memory.
ecx.write_uninit(&protected_place)?;
// Now we throw away the protected place, ensuring its tag is never used again.
Ok(())

5
src/tools/miri/src/shims/unix/linux/sync.rs
View File

@ -85,9 +85,8 @@ pub fn futex<'tcx>(
return Ok(());
}
// `read_timespec` will check the place when it is not null.
let timeout = this.deref_pointer_unchecked(
&this.read_immediate(&args[3])?,
let timeout = this.deref_pointer_as(
&args[3],
this.libc_ty_layout("timespec"),
)?;
let timeout_time = if this.ptr_is_null(timeout.ptr())? {

1
src/tools/miri/tests/compiletest.rs
View File

@ -181,6 +181,7 @@ regexes! {
r"0x[0-9a-fA-F]+[0-9a-fA-F]{2,2}" => "$$HEX",
// erase specific alignments
"alignment [0-9]+" => "alignment ALIGN",
"[0-9]+ byte alignment but found [0-9]+" => "ALIGN byte alignment but found ALIGN",
// erase thread caller ids
r"call [0-9]+" => "call ID",
// erase platform module paths

4
src/tools/miri/tests/fail-dep/shims/mmap_use_after_munmap.stderr
View File

@ -13,11 +13,11 @@ LL | libc::munmap(ptr, 4096);
= note: BACKTRACE:
= note: inside `main` at $DIR/mmap_use_after_munmap.rs:LL:CC
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/mmap_use_after_munmap.rs:LL:CC
|
LL | let _x = *(ptr as *mut u8);
| ^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/alloc/reallocate-change-alloc.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/reallocate-change-alloc.rs:LL:CC
|
LL | let _z = *x;
| ^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/concurrency/thread_local_static_dealloc.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/thread_local_static_dealloc.rs:LL:CC
|
LL | let _val = *dangling_ptr.0;
| ^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

12
src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_addr_of.rs
View File

@ -1,12 +0,0 @@
// Make sure we find these even with many checks disabled.
//@compile-flags: -Zmiri-disable-alignment-check -Zmiri-disable-stacked-borrows -Zmiri-disable-validation
use std::ptr;
fn main() {
let p = {
let b = Box::new(42);
&*b as *const i32
};
let x = unsafe { ptr::addr_of!(*p) }; //~ ERROR: has been freed
panic!("this should never print: {:?}", x);
}

26
src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_addr_of.stderr
View File

@ -1,26 +0,0 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/dangling_pointer_addr_of.rs:LL:CC
|
LL | let x = unsafe { ptr::addr_of!(*p) };
| ^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
help: ALLOC was allocated here:
--> $DIR/dangling_pointer_addr_of.rs:LL:CC
|
LL | let b = Box::new(42);
| ^^^^^^^^^^^^
help: ALLOC was deallocated here:
--> $DIR/dangling_pointer_addr_of.rs:LL:CC
|
LL | };
| ^
= note: BACKTRACE (of the first span):
= note: inside `main` at RUSTLIB/core/src/ptr/mod.rs:LL:CC
= note: this error originates in the macro `ptr::addr_of` (in Nightly builds, run with -Z macro-backtrace for more info)
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

4
src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_deref.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/dangling_pointer_deref.rs:LL:CC
|
LL | let x = unsafe { *p };
| ^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

5
src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore.rs
View File

@ -4,10 +4,9 @@
fn main() {
let p = {
let b = Box::new(42);
&*b as *const i32
&*b as *const i32 as *const (u8, u8, u8, u8)
};
unsafe {
let _ = *p; //~ ERROR: has been freed
let _ = (*p).1; //~ ERROR: out-of-bounds pointer arithmetic
}
panic!("this should never print");
}

6
src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
--> $DIR/dangling_pointer_project_underscore.rs:LL:CC
|
LL | let _ = *p;
| ^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
LL | let _ = (*p).1;
| ^^^^^^ out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/dangling_primitive.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/dangling_primitive.rs:LL:CC
|
LL | dbg!(*ptr);
| ^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/dangling_zst_deref.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/dangling_zst_deref.rs:LL:CC
|
LL | let _x = unsafe { *p };
| ^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/deref-invalid-ptr.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: 0x10[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: out-of-bounds pointer use: 0x10[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/deref-invalid-ptr.rs:LL:CC
|
LL | let _y = unsafe { &*x as *const u32 };
| ^^^ dereferencing pointer failed: 0x10[noalloc] is a dangling pointer (it has no provenance)
| ^^^ out-of-bounds pointer use: 0x10[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

8
src/tools/miri/tests/fail/dangling_pointers/deref-partially-dangling.rs
View File

@ -1,8 +0,0 @@
// Deref a raw ptr to access a field of a large struct, where the field
// is allocated but not the entire struct is.
fn main() {
let x = (1, 13);
let xptr = &x as *const _ as *const (i32, i32, i32);
let val = unsafe { (*xptr).1 }; //~ ERROR: pointer to 12 bytes starting at offset 0 is out-of-bounds
assert_eq!(val, 13);
}

20
src/tools/miri/tests/fail/dangling_pointers/deref-partially-dangling.stderr
View File

@ -1,20 +0,0 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 8, so pointer to 12 bytes starting at offset 0 is out-of-bounds
--> $DIR/deref-partially-dangling.rs:LL:CC
|
LL | let val = unsafe { (*xptr).1 };
| ^^^^^^^^^ dereferencing pointer failed: ALLOC has size 8, so pointer to 12 bytes starting at offset 0 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
help: ALLOC was allocated here:
--> $DIR/deref-partially-dangling.rs:LL:CC
|
LL | let x = (1, 13);
| ^
= note: BACKTRACE (of the first span):
= note: inside `main` at $DIR/deref-partially-dangling.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

16
src/tools/miri/tests/fail/dangling_pointers/deref_dangling_box.rs Normal file
View File

@ -0,0 +1,16 @@
// Should be caught even without retagging
//@compile-flags: -Zmiri-disable-stacked-borrows
#![feature(strict_provenance)]
use std::ptr::{addr_of_mut, self};
// Deref'ing a dangling raw pointer is fine, but for a dangling box it is not.
// We do this behind a pointer indirection to potentially fool validity checking.
// (This test relies on the `deref_copy` pass that lowers `**ptr` to materialize the intermediate pointer.)
fn main() {
let mut inner = ptr::invalid::<i32>(24);
let outer = addr_of_mut!(inner).cast::<Box<i32>>();
// Now `outer` is a pointer to a dangling reference.
// Deref'ing that should be UB.
let _val = unsafe { addr_of_mut!(**outer) }; //~ERROR: dangling box
}

16
src/tools/miri/tests/fail/dangling_pointers/deref_dangling_box.stderr Normal file
View File

@ -0,0 +1,16 @@
error: Undefined Behavior: constructing invalid value: encountered a dangling box (0x18[noalloc] has no provenance)
--> $DIR/deref_dangling_box.rs:LL:CC
|
LL | let _val = unsafe { addr_of_mut!(**outer) };
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a dangling box (0x18[noalloc] has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
= note: BACKTRACE:
= note: inside `main` at RUSTLIB/core/src/ptr/mod.rs:LL:CC
= note: this error originates in the macro `addr_of_mut` (in Nightly builds, run with -Z macro-backtrace for more info)
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

16
src/tools/miri/tests/fail/dangling_pointers/deref_dangling_ref.rs Normal file
View File

@ -0,0 +1,16 @@
// Should be caught even without retagging
//@compile-flags: -Zmiri-disable-stacked-borrows
#![feature(strict_provenance)]
use std::ptr::{addr_of_mut, self};
// Deref'ing a dangling raw pointer is fine, but for a dangling reference it is not.
// We do this behind a pointer indirection to potentially fool validity checking.
// (This test relies on the `deref_copy` pass that lowers `**ptr` to materialize the intermediate pointer.)
fn main() {
let mut inner = ptr::invalid::<i32>(24);
let outer = addr_of_mut!(inner).cast::<&'static mut i32>();
// Now `outer` is a pointer to a dangling reference.
// Deref'ing that should be UB.
let _val = unsafe { addr_of_mut!(**outer) }; //~ERROR: dangling reference
}

16
src/tools/miri/tests/fail/dangling_pointers/deref_dangling_ref.stderr Normal file
View File

@ -0,0 +1,16 @@
error: Undefined Behavior: constructing invalid value: encountered a dangling reference (0x18[noalloc] has no provenance)
--> $DIR/deref_dangling_ref.rs:LL:CC
|
LL | let _val = unsafe { addr_of_mut!(**outer) };
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a dangling reference (0x18[noalloc] has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
= note: BACKTRACE:
= note: inside `main` at RUSTLIB/core/src/ptr/mod.rs:LL:CC
= note: this error originates in the macro `addr_of_mut` (in Nightly builds, run with -Z macro-backtrace for more info)
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

8
src/tools/miri/tests/fail/dangling_pointers/dyn_size.rs
View File

@ -1,13 +1,13 @@
// should find the bug even without these
//@compile-flags: -Zmiri-disable-validation -Zmiri-disable-stacked-borrows
// should find the bug even without retagging
//@compile-flags: -Zmiri-disable-stacked-borrows
struct SliceWithHead(u8, [u8]);
fn main() {
let buf = [0u32; 1];
// We craft a wide pointer `*const SliceWithHead` such that the unsized tail is only partially allocated.
// That should be UB, as the reference is not fully dereferencable.
// That should lead to UB, as the reference is not fully dereferenceable.
let ptr: *const SliceWithHead = unsafe { std::mem::transmute((&buf, 4usize)) };
// Re-borrow that. This should be UB.
let _ptr = unsafe { &*ptr }; //~ ERROR: pointer to 5 bytes starting at offset 0 is out-of-bounds
let _ptr = unsafe { &*ptr }; //~ ERROR: encountered a dangling reference (going beyond the bounds of its allocation)
}

11
src/tools/miri/tests/fail/dangling_pointers/dyn_size.stderr
View File

@ -1,17 +1,12 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 4, so pointer to 5 bytes starting at offset 0 is out-of-bounds
error: Undefined Behavior: constructing invalid value: encountered a dangling reference (going beyond the bounds of its allocation)
--> $DIR/dyn_size.rs:LL:CC
|
LL | let _ptr = unsafe { &*ptr };
| ^^^^^ dereferencing pointer failed: ALLOC has size 4, so pointer to 5 bytes starting at offset 0 is out-of-bounds
| ^^^^^ constructing invalid value: encountered a dangling reference (going beyond the bounds of its allocation)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
help: ALLOC was allocated here:
--> $DIR/dyn_size.rs:LL:CC
|
LL | let buf = [0u32; 1];
| ^^^
= note: BACKTRACE (of the first span):
= note: BACKTRACE:
= note: inside `main` at $DIR/dyn_size.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

4
src/tools/miri/tests/fail/dangling_pointers/maybe_null_pointer_deref_zst.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
--> $DIR/maybe_null_pointer_deref_zst.rs:LL:CC
|
LL | let _x: () = unsafe { *ptr };
| ^^^^ dereferencing pointer failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
| ^^^^ memory access failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/maybe_null_pointer_write_zst.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
--> $DIR/maybe_null_pointer_write_zst.rs:LL:CC
|
LL | unsafe { *ptr = zst_val };
| ^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
| ^^^^^^^^^^^^^^ memory access failed: ALLOC has size 1, so pointer at offset -2048 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/null_pointer_deref.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: null pointer is a dangling pointer (it has no provenance)
--> $DIR/null_pointer_deref.rs:LL:CC
|
LL | let x: i32 = unsafe { *std::ptr::null() };
| ^^^^^^^^^^^^^^^^^ dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^ memory access failed: null pointer is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

2
src/tools/miri/tests/fail/dangling_pointers/null_pointer_deref_zst.rs
View File

@ -1,5 +1,5 @@
#[allow(deref_nullptr)]
fn main() {
let x: () = unsafe { *std::ptr::null() }; //~ ERROR: dereferencing pointer failed: null pointer is a dangling pointer
let x: () = unsafe { *std::ptr::null() }; //~ ERROR: memory access failed: null pointer is a dangling pointer
panic!("this should never print: {:?}", x);
}

4
src/tools/miri/tests/fail/dangling_pointers/null_pointer_deref_zst.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: null pointer is a dangling pointer (it has no provenance)
--> $DIR/null_pointer_deref_zst.rs:LL:CC
|
LL | let x: () = unsafe { *std::ptr::null() };
| ^^^^^^^^^^^^^^^^^ dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^ memory access failed: null pointer is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/null_pointer_write.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: null pointer is a dangling pointer (it has no provenance)
--> $DIR/null_pointer_write.rs:LL:CC
|
LL | unsafe { *std::ptr::null_mut() = 0i32 };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: null pointer is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

2
src/tools/miri/tests/fail/dangling_pointers/null_pointer_write_zst.rs
View File

@ -4,5 +4,5 @@ fn main() {
// Also not assigning directly as that's array initialization, not assignment.
let zst_val = [1u8; 0];
unsafe { std::ptr::null_mut::<[u8; 0]>().write(zst_val) };
//~^ERROR: dereferencing pointer failed: null pointer is a dangling pointer
//~^ERROR: memory access failed: null pointer is a dangling pointer
}

4
src/tools/miri/tests/fail/dangling_pointers/null_pointer_write_zst.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: null pointer is a dangling pointer (it has no provenance)
--> $DIR/null_pointer_write_zst.rs:LL:CC
|
LL | unsafe { std::ptr::null_mut::<[u8; 0]>().write(zst_val) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: null pointer is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

12
src/tools/miri/tests/fail/dangling_pointers/out_of_bounds_project.rs Normal file
View File

@ -0,0 +1,12 @@
// Make sure we find these even with many checks disabled.
//@compile-flags: -Zmiri-disable-alignment-check -Zmiri-disable-stacked-borrows -Zmiri-disable-validation
use std::ptr::addr_of;
fn main() {
let v = 0u32;
let ptr = addr_of!(v).cast::<(u32, u32, u32)>();
unsafe {
let _field = addr_of!((*ptr).1); // still just in-bounds
let _field = addr_of!((*ptr).2); //~ ERROR: out-of-bounds pointer arithmetic
}
}

21
src/tools/miri/tests/fail/dangling_pointers/out_of_bounds_project.stderr Normal file
View File

@ -0,0 +1,21 @@
error: Undefined Behavior: out-of-bounds pointer arithmetic: ALLOC has size 4, so pointer to 8 bytes starting at offset 0 is out-of-bounds
--> $DIR/out_of_bounds_project.rs:LL:CC
|
LL | let _field = addr_of!((*ptr).2);
| ^^^^^^^^^^^^^^^^^^ out-of-bounds pointer arithmetic: ALLOC has size 4, so pointer to 8 bytes starting at offset 0 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
help: ALLOC was allocated here:
--> $DIR/out_of_bounds_project.rs:LL:CC
|
LL | let v = 0u32;
| ^
= note: BACKTRACE (of the first span):
= note: inside `main` at RUSTLIB/core/src/ptr/mod.rs:LL:CC
= note: this error originates in the macro `addr_of` (in Nightly builds, run with -Z macro-backtrace for more info)
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

4
src/tools/miri/tests/fail/dangling_pointers/out_of_bounds_read1.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
--> $DIR/out_of_bounds_read1.rs:LL:CC
|
LL | let x = unsafe { *v.as_ptr().wrapping_offset(5) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/out_of_bounds_read2.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
--> $DIR/out_of_bounds_read2.rs:LL:CC
|
LL | let x = unsafe { *v.as_ptr().wrapping_offset(5) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: ALLOC has size 2, so pointer to 1 byte starting at offset 5 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/stack_temporary.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/stack_temporary.rs:LL:CC
|
LL | let val = *x;
| ^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/storage_dead_dangling.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: out-of-bounds pointer use: $HEX[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/storage_dead_dangling.rs:LL:CC
|
LL | let _ = unsafe { &mut *(LEAK as *mut i32) };
| ^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: $HEX[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/dangling_pointers/wild_pointer_deref.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: 0x2c[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: 0x2c[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/wild_pointer_deref.rs:LL:CC
|
LL | let x = unsafe { *p };
| ^^ dereferencing pointer failed: 0x2c[noalloc] is a dangling pointer (it has no provenance)
| ^^ memory access failed: 0x2c[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/data_race/dealloc_read_race2.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/dealloc_read_race2.rs:LL:CC
|
LL | *ptr.0
| ^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/data_race/dealloc_write_race2.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/dealloc_write_race2.rs:LL:CC
|
LL | *ptr.0 = 2;
| ^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/environ-gets-deallocated.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/environ-gets-deallocated.rs:LL:CC
|
LL | let _y = unsafe { *pointer };
| ^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

2
src/tools/miri/tests/fail/function_pointers/deref_fn_ptr.rs
View File

@ -2,7 +2,7 @@ fn f() {}
fn main() {
let x: u8 = unsafe {
*std::mem::transmute::<fn(), *const u8>(f) //~ ERROR: out-of-bounds
*std::mem::transmute::<fn(), *const u8>(f) //~ ERROR: contains a function
};
panic!("this should never print: {}", x);
}

4
src/tools/miri/tests/fail/function_pointers/deref_fn_ptr.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 0, so pointer to 1 byte starting at offset 0 is out-of-bounds
error: Undefined Behavior: accessing ALLOC which contains a function
--> $DIR/deref_fn_ptr.rs:LL:CC
|
LL | *std::mem::transmute::<fn(), *const u8>(f)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has size 0, so pointer to 1 byte starting at offset 0 is out-of-bounds
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ accessing ALLOC which contains a function
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/generator-pinned-moved.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/generator-pinned-moved.rs:LL:CC
|
LL | *num += 1;
| ^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/intrinsics/simd-gather.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
--> $DIR/simd-gather.rs:LL:CC
|
LL | let _result = Simd::gather_select_unchecked(&vec, Mask::splat(true), idxs, Simd::splat(0));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/intrinsics/simd-scatter.stderr
View File

@ -1,4 +1,4 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
--> $DIR/simd-scatter.rs:LL:CC
|
LL | / Simd::from_array([-27, 82, -41, 124]).scatter_select_unchecked(
@ -7,7 +7,7 @@ LL | | &mut vec,
LL | | Mask::splat(true),
LL | | idxs,
LL | | );
| |_________^ dereferencing pointer failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
| |_________^ memory access failed: ALLOC has size 9, so pointer to 1 byte starting at offset 9 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/provenance/pointer_partial_overwrite.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/pointer_partial_overwrite.rs:LL:CC
|
LL | let x = *p;
| ^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
| ^^ memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

2
src/tools/miri/tests/fail/provenance/provenance_transmute.rs
View File

@ -13,7 +13,7 @@ unsafe fn deref(left: *const u8, right: *const u8) {
// The compiler is allowed to replace `left_int` by `right_int` here...
let left_ptr: *const u8 = mem::transmute(left_int);
// ...which however means here it could be dereferencing the wrong pointer.
let _val = *left_ptr; //~ERROR: dereferencing pointer failed
let _val = *left_ptr; //~ERROR: dangling pointer
}
}

4
src/tools/miri/tests/fail/provenance/provenance_transmute.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/provenance_transmute.rs:LL:CC
|
LL | let _val = *left_ptr;
| ^^^^^^^^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
| ^^^^^^^^^ memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/provenance/ptr_int_unexposed.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/ptr_int_unexposed.rs:LL:CC
|
LL | assert_eq!(unsafe { *ptr }, 3);
| ^^^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
| ^^^^ memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/provenance/ptr_invalid.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/ptr_invalid.rs:LL:CC
|
LL | let _val = unsafe { *xptr_invalid };
| ^^^^^^^^^^^^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^ memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/rc_as_ptr.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: out-of-bounds pointer use: ALLOC has been freed, so this pointer is dangling
--> $DIR/rc_as_ptr.rs:LL:CC
|
LL | assert_eq!(42, **unsafe { &*Weak::as_ptr(&weak) });
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/reading_half_a_pointer.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
error: Undefined Behavior: memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
--> $DIR/reading_half_a_pointer.rs:LL:CC
|
LL | let _val = *x;
| ^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
| ^^ memory access failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

2
src/tools/miri/tests/fail/unaligned_pointers/drop_in_place.rs
View File

@ -13,7 +13,7 @@ struct PartialDrop {
b: u8,
}
//@error-in-other-file: /alignment 2 is required/
//@error-in-other-file: /required 2 byte alignment/
fn main() {
unsafe {
// Create an unaligned pointer

4
src/tools/miri/tests/fail/unaligned_pointers/drop_in_place.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: accessing memory with alignment ALIGN, but alignment ALIGN is required
error: Undefined Behavior: constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
--> RUSTLIB/core/src/ptr/mod.rs:LL:CC
|
LL | pub unsafe fn drop_in_place<T: ?Sized>(to_drop: *mut T) {
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ accessing memory with alignment ALIGN, but alignment ALIGN is required
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/unaligned_pointers/dyn_alignment.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: constructing invalid value: encountered an unaligned reference (required 256 byte alignment but found $ALIGN)
error: Undefined Behavior: constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
--> $DIR/dyn_alignment.rs:LL:CC
|
LL | let _ptr = &*ptr;
| ^^^^^ constructing invalid value: encountered an unaligned reference (required 256 byte alignment but found $ALIGN)
| ^^^^^ constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

9
src/tools/miri/tests/fail/unaligned_pointers/reference_to_packed.rs
View File

@ -1,5 +1,5 @@
// This should fail even without validation/SB
//@compile-flags: -Zmiri-disable-validation -Zmiri-disable-stacked-borrows -Cdebug-assertions=no
// This should fail even without SB
//@compile-flags: -Zmiri-disable-stacked-borrows -Cdebug-assertions=no
#![allow(dead_code, unused_variables)]
@ -12,15 +12,14 @@ struct Foo {
}
unsafe fn raw_to_ref<'a, T>(x: *const T) -> &'a T {
mem::transmute(x)
mem::transmute(x) //~ERROR: required 4 byte alignment
}
fn main() {
// Try many times as this might work by chance.
for _ in 0..20 {
let foo = Foo { x: 42, y: 99 };
// There seem to be implicit reborrows, which make the error already appear here
let p: &i32 = unsafe { raw_to_ref(ptr::addr_of!(foo.x)) }; //~ERROR: alignment 4 is required
let p: &i32 = unsafe { raw_to_ref(ptr::addr_of!(foo.x)) };
let i = *p;
}
}

13
src/tools/miri/tests/fail/unaligned_pointers/reference_to_packed.stderr
View File

@ -1,13 +1,18 @@
error: Undefined Behavior: accessing memory with alignment ALIGN, but alignment ALIGN is required
error: Undefined Behavior: constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
--> $DIR/reference_to_packed.rs:LL:CC
|
LL | let p: &i32 = unsafe { raw_to_ref(ptr::addr_of!(foo.x)) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ accessing memory with alignment ALIGN, but alignment ALIGN is required
LL | mem::transmute(x)
| ^^^^^^^^^^^^^^^^^ constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
= note: BACKTRACE:
= note: inside `main` at $DIR/reference_to_packed.rs:LL:CC
= note: inside `raw_to_ref::<'_, i32>` at $DIR/reference_to_packed.rs:LL:CC
note: inside `main`
--> $DIR/reference_to_packed.rs:LL:CC
|
LL | let p: &i32 = unsafe { raw_to_ref(ptr::addr_of!(foo.x)) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

14
src/tools/miri/tests/fail/unaligned_pointers/unaligned_ptr_addr_of.rs
View File

@ -1,14 +0,0 @@
// This should fail even without validation or Stacked Borrows.
//@compile-flags: -Zmiri-disable-validation -Zmiri-disable-stacked-borrows -Cdebug-assertions=no
use std::ptr;
fn main() {
// Try many times as this might work by chance.
for _ in 0..20 {
let x = [2u16, 3, 4]; // Make it big enough so we don't get an out-of-bounds error.
let x = &x[0] as *const _ as *const u32;
// This must fail because alignment is violated: the allocation's base is not sufficiently aligned.
// The deref is UB even if we just put the result into a raw pointer.
let _x = unsafe { ptr::addr_of!(*x) }; //~ ERROR: memory with alignment 2, but alignment 4 is required
}
}

16
src/tools/miri/tests/fail/unaligned_pointers/unaligned_ptr_addr_of.stderr
View File

@ -1,16 +0,0 @@
error: Undefined Behavior: accessing memory with alignment ALIGN, but alignment ALIGN is required
--> $DIR/unaligned_ptr_addr_of.rs:LL:CC
|
LL | let _x = unsafe { ptr::addr_of!(*x) };
| ^^^^^^^^^^^^^^^^^ accessing memory with alignment ALIGN, but alignment ALIGN is required
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
= note: BACKTRACE:
= note: inside `main` at RUSTLIB/core/src/ptr/mod.rs:LL:CC
= note: this error originates in the macro `ptr::addr_of` (in Nightly builds, run with -Z macro-backtrace for more info)
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

12
src/tools/miri/tests/fail/unaligned_pointers/unaligned_ref_addr_of.rs Normal file
View File

@ -0,0 +1,12 @@
// This should fail even without Stacked Borrows.
//@compile-flags: -Zmiri-disable-stacked-borrows -Cdebug-assertions=no
fn main() {
// Try many times as this might work by chance.
for _ in 0..20 {
let x = [2u16, 3, 4]; // Make it big enough so we don't get an out-of-bounds error.
let x = &x[0] as *const _ as *const u32;
// This must fail because alignment is violated: the allocation's base is not sufficiently aligned.
let _x = unsafe { &*x }; //~ ERROR: required 4 byte alignment
}
}

15
src/tools/miri/tests/fail/unaligned_pointers/unaligned_ref_addr_of.stderr Normal file
View File

@ -0,0 +1,15 @@
error: Undefined Behavior: constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
--> $DIR/unaligned_ref_addr_of.rs:LL:CC
|
LL | let _x = unsafe { &*x };
| ^^^ constructing invalid value: encountered an unaligned reference (required ALIGN byte alignment but found ALIGN)
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
= note: BACKTRACE:
= note: inside `main` at $DIR/unaligned_ref_addr_of.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

4
src/tools/miri/tests/fail/zst1.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 0, so pointer to 1 byte starting at offset 0 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 0, so pointer to 1 byte starting at offset 0 is out-of-bounds
--> $DIR/zst1.rs:LL:CC
|
LL | let _val = unsafe { *x };
| ^^ dereferencing pointer failed: ALLOC has size 0, so pointer to 1 byte starting at offset 0 is out-of-bounds
| ^^ memory access failed: ALLOC has size 0, so pointer to 1 byte starting at offset 0 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/zst2.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
error: Undefined Behavior: memory access failed: ALLOC has been freed, so this pointer is dangling
--> $DIR/zst2.rs:LL:CC
|
LL | unsafe { *x = zst_val };
| ^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has been freed, so this pointer is dangling
| ^^^^^^^^^^^^ memory access failed: ALLOC has been freed, so this pointer is dangling
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

4
src/tools/miri/tests/fail/zst3.stderr
View File

@ -1,8 +1,8 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 1, so pointer at offset 2 is out-of-bounds
error: Undefined Behavior: memory access failed: ALLOC has size 1, so pointer at offset 2 is out-of-bounds
--> $DIR/zst3.rs:LL:CC
|
LL | unsafe { *(x as *mut [u8; 0]) = zst_val };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: ALLOC has size 1, so pointer at offset 2 is out-of-bounds
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: ALLOC has size 1, so pointer at offset 2 is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

34
src/tools/miri/tests/pass/ptr_raw.rs
View File

@ -1,3 +1,7 @@
#![feature(strict_provenance)]
use std::ptr::{self, addr_of};
use std::mem;
fn basic_raw() {
let mut x = 12;
let x = &mut x;
@ -28,7 +32,37 @@ fn assign_overlapping() {
unsafe { *ptr = *ptr };
}
fn deref_invalid() {
unsafe {
// `addr_of!(*ptr)` is never UB.
let _val = addr_of!(*ptr::invalid::<i32>(0));
let _val = addr_of!(*ptr::invalid::<i32>(1)); // not aligned
// Similarly, just mentioning the place is fine.
let _ = *ptr::invalid::<i32>(0);
let _ = *ptr::invalid::<i32>(1);
}
}
fn deref_partially_dangling() {
let x = (1, 13);
let xptr = &x as *const _ as *const (i32, i32, i32);
let val = unsafe { (*xptr).1 };
assert_eq!(val, 13);
}
fn deref_too_big_slice() {
unsafe {
let slice: *const [u8] = mem::transmute((1usize, usize::MAX));
// `&*slice` would complain that the slice is too big, but in a raw pointer this is fine.
let _val = addr_of!(*slice);
}
}
fn main() {
basic_raw();
assign_overlapping();
deref_invalid();
deref_partially_dangling();
deref_too_big_slice();
}

8
tests/ui/const-ptr/forbidden_slices.rs
View File

@ -2,7 +2,6 @@
// normalize-stderr-test "(the raw bytes of the constant) \(size: [0-9]*, align: [0-9]*\)" -> "$1 (size: $$SIZE, align: $$ALIGN)"
// normalize-stderr-test "([0-9a-f][0-9a-f] |╾─*a(lloc)?[0-9]+(\+[a-z0-9]+)?─*╼ )+ *│.*" -> "HEX_DUMP"
// normalize-stderr-test "alloc\d+" -> "allocN"
// error-pattern: could not evaluate static initializer
#![feature(
slice_from_ptr_range,
const_slice_from_ptr_range,
@ -17,10 +16,13 @@ use std::{
// Null is never valid for reads
pub static S0: &[u32] = unsafe { from_raw_parts(ptr::null(), 0) };
//~^ ERROR: it is undefined behavior to use this value
pub static S1: &[()] = unsafe { from_raw_parts(ptr::null(), 0) };
//~^ ERROR: it is undefined behavior to use this value
// Out of bounds
pub static S2: &[u32] = unsafe { from_raw_parts(&D0, 2) };
//~^ ERROR: it is undefined behavior to use this value
// Reading uninitialized data
pub static S4: &[u8] = unsafe { from_raw_parts((&D1) as *const _ as _, 1) }; //~ ERROR: it is undefined behavior to use this value
@ -39,6 +41,7 @@ pub static S7: &[u16] = unsafe {
// Unaligned read
pub static S8: &[u64] = unsafe {
//~^ ERROR: it is undefined behavior to use this value
let ptr = (&D4 as *const [u32; 2] as *const u32).byte_add(1).cast::<u64>();
from_raw_parts(ptr, 1)
@ -66,8 +69,9 @@ pub static R6: &[bool] = unsafe {
from_ptr_range(ptr..ptr.add(4))
};
pub static R7: &[u16] = unsafe {
//~^ ERROR: it is undefined behavior to use this value
let ptr = (&D2 as *const Struct as *const u16).byte_add(1);
from_ptr_range(ptr..ptr.add(4)) //~ inside `R7`
from_ptr_range(ptr..ptr.add(4))
};
pub static R8: &[u64] = unsafe {
let ptr = (&D4 as *const [u32; 2] as *const u32).byte_add(1).cast::<u64>();

128
tests/ui/const-ptr/forbidden_slices.stderr
View File

@ -1,44 +1,38 @@
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
|
= note: dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
|
note: inside `std::slice::from_raw_parts::<'_, u32>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `S0`
--> $DIR/forbidden_slices.rs:19:34
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:18:1
|
LL | pub static S0: &[u32] = unsafe { from_raw_parts(ptr::null(), 0) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a null reference
|
= note: dereferencing pointer failed: null pointer is a dangling pointer (it has no provenance)
|
note: inside `std::slice::from_raw_parts::<'_, ()>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `S1`
--> $DIR/forbidden_slices.rs:20:33
|
LL | pub static S1: &[()] = unsafe { from_raw_parts(ptr::null(), 0) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
|
= note: dereferencing pointer failed: allocN has size 4, so pointer to 8 bytes starting at offset 0 is out-of-bounds
|
note: inside `std::slice::from_raw_parts::<'_, u32>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `S2`
--> $DIR/forbidden_slices.rs:23:34
|
LL | pub static S2: &[u32] = unsafe { from_raw_parts(&D0, 2) };
| ^^^^^^^^^^^^^^^^^^^^^^
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:26:1
--> $DIR/forbidden_slices.rs:20:1
|
LL | pub static S1: &[()] = unsafe { from_raw_parts(ptr::null(), 0) };
| ^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a null reference
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:24:1
|
LL | pub static S2: &[u32] = unsafe { from_raw_parts(&D0, 2) };
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a dangling reference (going beyond the bounds of its allocation)
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:28:1
|
LL | pub static S4: &[u8] = unsafe { from_raw_parts((&D1) as *const _ as _, 1) };
| ^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[0]: encountered uninitialized memory, but expected an integer
@ -49,7 +43,7 @@ LL | pub static S4: &[u8] = unsafe { from_raw_parts((&D1) as *const _ as _, 1) }
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:28:1
--> $DIR/forbidden_slices.rs:30:1
|
LL | pub static S5: &[u8] = unsafe { from_raw_parts((&D3) as *const _ as _, size_of::<&u32>()) };
| ^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[0]: encountered a pointer, but expected an integer
@ -62,7 +56,7 @@ LL | pub static S5: &[u8] = unsafe { from_raw_parts((&D3) as *const _ as _, size
= help: the absolute address of a pointer is not known at compile-time, so such operations are not supported
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:30:1
--> $DIR/forbidden_slices.rs:32:1
|
LL | pub static S6: &[bool] = unsafe { from_raw_parts((&D0) as *const _ as _, 4) };
| ^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[0]: encountered 0x11, but expected a boolean
@ -73,7 +67,7 @@ LL | pub static S6: &[bool] = unsafe { from_raw_parts((&D0) as *const _ as _, 4)
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:33:1
--> $DIR/forbidden_slices.rs:35:1
|
LL | pub static S7: &[u16] = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[1]: encountered uninitialized memory, but expected an integer
@ -83,18 +77,16 @@ LL | pub static S7: &[u16] = unsafe {
HEX_DUMP
}
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:43:1
|
= note: dereferencing pointer failed: allocN has size 8, so pointer to 8 bytes starting at offset 1 is out-of-bounds
LL | pub static S8: &[u64] = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a dangling reference (going beyond the bounds of its allocation)
|
note: inside `std::slice::from_raw_parts::<'_, u64>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `S8`
--> $DIR/forbidden_slices.rs:44:5
|
LL | from_raw_parts(ptr, 1)
| ^^^^^^^^^^^^^^^^^^^^^^
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
@ -106,7 +98,7 @@ note: inside `ptr::const_ptr::<impl *const u32>::sub_ptr`
note: inside `from_ptr_range::<'_, u32>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `R0`
--> $DIR/forbidden_slices.rs:47:34
--> $DIR/forbidden_slices.rs:50:34
|
LL | pub static R0: &[u32] = unsafe { from_ptr_range(ptr::null()..ptr::null()) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@ -121,7 +113,7 @@ note: inside `ptr::const_ptr::<impl *const ()>::sub_ptr`
note: inside `from_ptr_range::<'_, ()>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `R1`
--> $DIR/forbidden_slices.rs:48:33
--> $DIR/forbidden_slices.rs:51:33
|
LL | pub static R1: &[()] = unsafe { from_ptr_range(ptr::null()..ptr::null()) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@ -135,13 +127,13 @@ error[E0080]: could not evaluate static initializer
note: inside `ptr::const_ptr::<impl *const u32>::add`
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
note: inside `R2`
--> $DIR/forbidden_slices.rs:51:25
--> $DIR/forbidden_slices.rs:54:25
|
LL | from_ptr_range(ptr..ptr.add(2))
| ^^^^^^^^^^
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:53:1
--> $DIR/forbidden_slices.rs:56:1
|
LL | pub static R4: &[u8] = unsafe {
| ^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[0]: encountered uninitialized memory, but expected an integer
@ -152,7 +144,7 @@ LL | pub static R4: &[u8] = unsafe {
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:58:1
--> $DIR/forbidden_slices.rs:61:1
|
LL | pub static R5: &[u8] = unsafe {
| ^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[0]: encountered a pointer, but expected an integer
@ -165,7 +157,7 @@ LL | pub static R5: &[u8] = unsafe {
= help: the absolute address of a pointer is not known at compile-time, so such operations are not supported
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:63:1
--> $DIR/forbidden_slices.rs:66:1
|
LL | pub static R6: &[bool] = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<deref>[0]: encountered 0x11, but expected a boolean
@ -175,20 +167,16 @@ LL | pub static R6: &[bool] = unsafe {
HEX_DUMP
}
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
error[E0080]: it is undefined behavior to use this value
--> $DIR/forbidden_slices.rs:71:1
|
= note: accessing memory with alignment 1, but alignment 2 is required
LL | pub static R7: &[u16] = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered an unaligned reference (required 2 byte alignment but found 1)
|
note: inside `std::slice::from_raw_parts::<'_, u16>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `from_ptr_range::<'_, u16>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `R7`
--> $DIR/forbidden_slices.rs:70:5
|
LL | from_ptr_range(ptr..ptr.add(4))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: could not evaluate static initializer
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
@ -198,7 +186,7 @@ error[E0080]: could not evaluate static initializer
note: inside `ptr::const_ptr::<impl *const u64>::add`
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
note: inside `R8`
--> $DIR/forbidden_slices.rs:74:25
--> $DIR/forbidden_slices.rs:78:25
|
LL | from_ptr_range(ptr..ptr.add(1))
| ^^^^^^^^^^
@ -213,7 +201,7 @@ note: inside `ptr::const_ptr::<impl *const u32>::sub_ptr`
note: inside `from_ptr_range::<'_, u32>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `R9`
--> $DIR/forbidden_slices.rs:79:34
--> $DIR/forbidden_slices.rs:83:34
|
LL | pub static R9: &[u32] = unsafe { from_ptr_range(&D0..(&D0 as *const u32).add(1)) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@ -228,7 +216,7 @@ note: inside `ptr::const_ptr::<impl *const u32>::sub_ptr`
note: inside `from_ptr_range::<'_, u32>`
--> $SRC_DIR/core/src/slice/raw.rs:LL:COL
note: inside `R10`
--> $DIR/forbidden_slices.rs:80:35
--> $DIR/forbidden_slices.rs:84:35
|
LL | pub static R10: &[u32] = unsafe { from_ptr_range(&D0..&D0) };
| ^^^^^^^^^^^^^^^^^^^^^^^^

6
tests/ui/const-ptr/out_of_bounds_read.stderr
View File

@ -1,7 +1,7 @@
error[E0080]: evaluation of constant value failed
--> $SRC_DIR/core/src/ptr/mod.rs:LL:COL
|
= note: dereferencing pointer failed: alloc5 has size 4, so pointer to 4 bytes starting at offset 4 is out-of-bounds
= note: memory access failed: alloc5 has size 4, so pointer to 4 bytes starting at offset 4 is out-of-bounds
|
note: inside `std::ptr::read::<u32>`
--> $SRC_DIR/core/src/ptr/mod.rs:LL:COL
@ -14,7 +14,7 @@ LL | const _READ: u32 = unsafe { ptr::read(PAST_END_PTR) };
error[E0080]: evaluation of constant value failed
--> $SRC_DIR/core/src/ptr/mod.rs:LL:COL
|
= note: dereferencing pointer failed: alloc5 has size 4, so pointer to 4 bytes starting at offset 4 is out-of-bounds
= note: memory access failed: alloc5 has size 4, so pointer to 4 bytes starting at offset 4 is out-of-bounds
|
note: inside `std::ptr::read::<u32>`
--> $SRC_DIR/core/src/ptr/mod.rs:LL:COL
@ -29,7 +29,7 @@ LL | const _CONST_READ: u32 = unsafe { PAST_END_PTR.read() };
error[E0080]: evaluation of constant value failed
--> $SRC_DIR/core/src/ptr/mod.rs:LL:COL
|
= note: dereferencing pointer failed: alloc5 has size 4, so pointer to 4 bytes starting at offset 4 is out-of-bounds
= note: memory access failed: alloc5 has size 4, so pointer to 4 bytes starting at offset 4 is out-of-bounds
|
note: inside `std::ptr::read::<u32>`
--> $SRC_DIR/core/src/ptr/mod.rs:LL:COL

2
tests/ui/consts/const-deref-ptr.stderr
View File

@ -2,7 +2,7 @@ error[E0080]: could not evaluate static initializer
--> $DIR/const-deref-ptr.rs:4:29
|
LL | static C: u64 = unsafe {*(0xdeadbeef as *const u64)};
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: 0xdeadbeef[noalloc] is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: 0xdeadbeef[noalloc] is a dangling pointer (it has no provenance)
error: aborting due to previous error

4
tests/ui/consts/const-eval/const_raw_ptr_ops2.stderr
View File

@ -2,13 +2,13 @@ error[E0080]: evaluation of constant value failed
--> $DIR/const_raw_ptr_ops2.rs:7:26
|
LL | const Z2: i32 = unsafe { *(42 as *const i32) };
| ^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: 0x2a[noalloc] is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^^^ memory access failed: 0x2a[noalloc] is a dangling pointer (it has no provenance)
error[E0080]: evaluation of constant value failed
--> $DIR/const_raw_ptr_ops2.rs:9:26
|
LL | const Z3: i32 = unsafe { *(44 as *const i32) };
| ^^^^^^^^^^^^^^^^^^^ dereferencing pointer failed: 0x2c[noalloc] is a dangling pointer (it has no provenance)
| ^^^^^^^^^^^^^^^^^^^ memory access failed: 0x2c[noalloc] is a dangling pointer (it has no provenance)
error: aborting due to 2 previous errors

10
tests/ui/consts/const-eval/dangling.rs
View File

@ -1,10 +0,0 @@
use std::mem;
// Make sure we error with the right kind of error on a too large slice.
const TEST: () = { unsafe {
let slice: *const [u8] = mem::transmute((1usize, usize::MAX));
let _val = &*slice; //~ ERROR: evaluation of constant value failed
//~| slice is bigger than largest supported object
} };
fn main() {}

9
tests/ui/consts/const-eval/dangling.stderr
View File

@ -1,9 +0,0 @@
error[E0080]: evaluation of constant value failed
--> $DIR/dangling.rs:6:16
|
LL | let _val = &*slice;
| ^^^^^^^ invalid metadata in wide pointer: slice is bigger than largest supported object
error: aborting due to previous error
For more information about this error, try `rustc --explain E0080`.

2
tests/ui/consts/const-eval/heap/dealloc_intrinsic_dangling.rs
View File

@ -5,10 +5,10 @@
use std::intrinsics;
const _X: &'static u8 = unsafe {
//~^ error: dangling pointer in final constant
let ptr = intrinsics::const_allocate(4, 4);
intrinsics::const_deallocate(ptr, 4, 4);
&*ptr
//~^ error: evaluation of constant value failed
};
const _Y: u8 = unsafe {

10
tests/ui/consts/const-eval/heap/dealloc_intrinsic_dangling.stderr
View File

@ -1,14 +1,14 @@
error[E0080]: evaluation of constant value failed
--> $DIR/dealloc_intrinsic_dangling.rs:10:5
error: encountered dangling pointer in final constant
--> $DIR/dealloc_intrinsic_dangling.rs:7:1
|
LL | &*ptr
| ^^^^^ dereferencing pointer failed: alloc2 has been freed, so this pointer is dangling
LL | const _X: &'static u8 = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^
error[E0080]: evaluation of constant value failed
--> $DIR/dealloc_intrinsic_dangling.rs:18:5
|
LL | *reference
| ^^^^^^^^^^ dereferencing pointer failed: alloc4 has been freed, so this pointer is dangling
| ^^^^^^^^^^ memory access failed: alloc4 has been freed, so this pointer is dangling
error: aborting due to 2 previous errors

2
tests/ui/consts/const-eval/issue-49296.stderr
View File

@ -2,7 +2,7 @@ error[E0080]: evaluation of constant value failed
--> $DIR/issue-49296.rs:9:16
|
LL | const X: u64 = *wat(42);
| ^^^^^^^^ dereferencing pointer failed: alloc3 has been freed, so this pointer is dangling
| ^^^^^^^^ memory access failed: alloc3 has been freed, so this pointer is dangling
error: aborting due to previous error

2
tests/ui/consts/const-eval/nonnull_as_ref_ub.rs
View File

@ -1,6 +1,6 @@
use std::ptr::NonNull;
const NON_NULL: NonNull<u8> = unsafe { NonNull::dangling() };
const _: () = assert!(42 == *unsafe { NON_NULL.as_ref() });
const _: () = assert!(42 == *unsafe { NON_NULL.as_ref() }); //~ERROR: evaluation of constant value failed
fn main() {}

11
tests/ui/consts/const-eval/nonnull_as_ref_ub.stderr
View File

@ -1,15 +1,8 @@
error[E0080]: evaluation of constant value failed
--> $SRC_DIR/core/src/ptr/non_null.rs:LL:COL
|
= note: dereferencing pointer failed: 0x1[noalloc] is a dangling pointer (it has no provenance)
|
note: inside `NonNull::<u8>::as_ref::<'_>`
--> $SRC_DIR/core/src/ptr/non_null.rs:LL:COL
note: inside `_`
--> $DIR/nonnull_as_ref_ub.rs:4:39
--> $DIR/nonnull_as_ref_ub.rs:4:29
|
LL | const _: () = assert!(42 == *unsafe { NON_NULL.as_ref() });
| ^^^^^^^^^^^^^^^^^
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: 0x1[noalloc] is a dangling pointer (it has no provenance)
error: aborting due to previous error

2
tests/ui/consts/const-eval/raw-pointer-ub.stderr
View File

@ -29,7 +29,7 @@ error[E0080]: evaluation of constant value failed
--> $DIR/raw-pointer-ub.rs:32:16
|
LL | let _val = *ptr;
| ^^^^ dereferencing pointer failed: allocN has size 4, so pointer to 8 bytes starting at offset 0 is out-of-bounds
| ^^^^ memory access failed: allocN has size 4, so pointer to 8 bytes starting at offset 0 is out-of-bounds
error: aborting due to 4 previous errors

26
tests/ui/consts/const-eval/ub-incorrect-vtable.32bit.stderr
View File

@ -1,14 +1,24 @@
error[E0080]: evaluation of constant value failed
--> $DIR/ub-incorrect-vtable.rs:19:14
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-incorrect-vtable.rs:18:1
|
LL | unsafe { std::mem::transmute((&92u8, &[0usize, 1usize, 1000usize])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
LL | const INVALID_VTABLE_ALIGNMENT: &dyn Trait =
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 8, align: 4) {
╾─allocN──╼ ╾─allocN──╼ │ ╾──╼╾──╼
}
error[E0080]: evaluation of constant value failed
--> $DIR/ub-incorrect-vtable.rs:24:14
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-incorrect-vtable.rs:23:1
|
LL | unsafe { std::mem::transmute((&92u8, &[1usize, usize::MAX, 1usize])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
LL | const INVALID_VTABLE_SIZE: &dyn Trait =
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 8, align: 4) {
╾─allocN─╼ ╾─allocN─╼ │ ╾──╼╾──╼
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-incorrect-vtable.rs:33:1

26
tests/ui/consts/const-eval/ub-incorrect-vtable.64bit.stderr
View File

@ -1,14 +1,24 @@
error[E0080]: evaluation of constant value failed
--> $DIR/ub-incorrect-vtable.rs:19:14
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-incorrect-vtable.rs:18:1
|
LL | unsafe { std::mem::transmute((&92u8, &[0usize, 1usize, 1000usize])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
LL | const INVALID_VTABLE_ALIGNMENT: &dyn Trait =
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 16, align: 8) {
╾───────allocN────────╼ ╾───────allocN────────╼ │ ╾──────╼╾──────╼
}
error[E0080]: evaluation of constant value failed
--> $DIR/ub-incorrect-vtable.rs:24:14
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-incorrect-vtable.rs:23:1
|
LL | unsafe { std::mem::transmute((&92u8, &[1usize, usize::MAX, 1usize])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
LL | const INVALID_VTABLE_SIZE: &dyn Trait =
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 16, align: 8) {
╾───────allocN───────╼ ╾───────allocN───────╼ │ ╾──────╼╾──────╼
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-incorrect-vtable.rs:33:1

8
tests/ui/consts/const-eval/ub-incorrect-vtable.rs
View File

@ -17,13 +17,13 @@ trait Trait {}
const INVALID_VTABLE_ALIGNMENT: &dyn Trait =
unsafe { std::mem::transmute((&92u8, &[0usize, 1usize, 1000usize])) };
//~^ ERROR evaluation of constant value failed
//~| does not point to a vtable
//~^^ ERROR it is undefined behavior to use this value
//~| expected a vtable pointer
const INVALID_VTABLE_SIZE: &dyn Trait =
unsafe { std::mem::transmute((&92u8, &[1usize, usize::MAX, 1usize])) };
//~^ ERROR evaluation of constant value failed
//~| does not point to a vtable
//~^^ ERROR it is undefined behavior to use this value
//~| expected a vtable pointer
#[repr(transparent)]
struct W<T>(T);

4
tests/ui/consts/const-eval/ub-nonnull.stderr
View File

@ -10,10 +10,10 @@ LL | const NULL_PTR: NonNull<u8> = unsafe { mem::transmute(0usize) };
}
error[E0080]: evaluation of constant value failed
--> $DIR/ub-nonnull.rs:20:30
--> $DIR/ub-nonnull.rs:20:29
|
LL | let out_of_bounds_ptr = &ptr[255];
| ^^^^^^^^ dereferencing pointer failed: alloc11 has size 1, so pointer to 256 bytes starting at offset 0 is out-of-bounds
| ^^^^^^^^^ out-of-bounds pointer arithmetic: alloc11 has size 1, so pointer to 255 bytes starting at offset 0 is out-of-bounds
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-nonnull.rs:24:1

16
tests/ui/consts/const-eval/ub-wide-ptr.rs
View File

@ -122,14 +122,14 @@ const TRAIT_OBJ_INT_VTABLE: W<&dyn Trait> = unsafe { mem::transmute(W((&92u8, 4u
//~^ ERROR it is undefined behavior to use this value
//~| expected a vtable
const TRAIT_OBJ_UNALIGNED_VTABLE: &dyn Trait = unsafe { mem::transmute((&92u8, &[0u8; 128])) };
//~^ ERROR evaluation of constant value failed
//~| does not point to a vtable
//~^ ERROR it is undefined behavior to use this value
//~| expected a vtable
const TRAIT_OBJ_BAD_DROP_FN_NULL: &dyn Trait = unsafe { mem::transmute((&92u8, &[0usize; 8])) };
//~^ ERROR evaluation of constant value failed
//~| does not point to a vtable
//~^ ERROR it is undefined behavior to use this value
//~| expected a vtable
const TRAIT_OBJ_BAD_DROP_FN_INT: &dyn Trait = unsafe { mem::transmute((&92u8, &[1usize; 8])) };
//~^ ERROR evaluation of constant value failed
//~| does not point to a vtable
//~^ ERROR it is undefined behavior to use this value
//~| expected a vtable
const TRAIT_OBJ_BAD_DROP_FN_NOT_FN_PTR: W<&dyn Trait> = unsafe { mem::transmute(W((&92u8, &[&42u8; 8]))) };
//~^ ERROR it is undefined behavior to use this value
//~| expected a vtable
@ -148,12 +148,12 @@ const RAW_TRAIT_OBJ_CONTENT_INVALID: *const dyn Trait = unsafe { mem::transmute:
// Const eval fails for these, so they need to be statics to error.
static mut RAW_TRAIT_OBJ_VTABLE_NULL_THROUGH_REF: *const dyn Trait = unsafe {
//~^ ERROR it is undefined behavior to use this value
mem::transmute::<_, &dyn Trait>((&92u8, 0usize))
//~^ ERROR could not evaluate static initializer
};
static mut RAW_TRAIT_OBJ_VTABLE_INVALID_THROUGH_REF: *const dyn Trait = unsafe {
//~^ ERROR it is undefined behavior to use this value
mem::transmute::<_, &dyn Trait>((&92u8, &3u64))
//~^ ERROR could not evaluate static initializer
};
fn main() {}

59
tests/ui/consts/const-eval/ub-wide-ptr.stderr
View File

@ -218,23 +218,38 @@ LL | const TRAIT_OBJ_INT_VTABLE: W<&dyn Trait> = unsafe { mem::transmute(W((&92u
HEX_DUMP
}
error[E0080]: evaluation of constant value failed
--> $DIR/ub-wide-ptr.rs:124:57
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-wide-ptr.rs:124:1
|
LL | const TRAIT_OBJ_UNALIGNED_VTABLE: &dyn Trait = unsafe { mem::transmute((&92u8, &[0u8; 128])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: evaluation of constant value failed
--> $DIR/ub-wide-ptr.rs:127:57
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-wide-ptr.rs:127:1
|
LL | const TRAIT_OBJ_BAD_DROP_FN_NULL: &dyn Trait = unsafe { mem::transmute((&92u8, &[0usize; 8])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: evaluation of constant value failed
--> $DIR/ub-wide-ptr.rs:130:56
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-wide-ptr.rs:130:1
|
LL | const TRAIT_OBJ_BAD_DROP_FN_INT: &dyn Trait = unsafe { mem::transmute((&92u8, &[1usize; 8])) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-wide-ptr.rs:133:1
@ -280,17 +295,27 @@ LL | const RAW_TRAIT_OBJ_VTABLE_INVALID: *const dyn Trait = unsafe { mem::transm
HEX_DUMP
}
error[E0080]: could not evaluate static initializer
--> $DIR/ub-wide-ptr.rs:151:5
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-wide-ptr.rs:150:1
|
LL | mem::transmute::<_, &dyn Trait>((&92u8, 0usize))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: null pointer is a dangling pointer (it has no provenance)
LL | static mut RAW_TRAIT_OBJ_VTABLE_NULL_THROUGH_REF: *const dyn Trait = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered null pointer, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error[E0080]: could not evaluate static initializer
--> $DIR/ub-wide-ptr.rs:155:5
error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-wide-ptr.rs:154:1
|
LL | mem::transmute::<_, &dyn Trait>((&92u8, &3u64))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ using allocN as vtable pointer but it does not point to a vtable
LL | static mut RAW_TRAIT_OBJ_VTABLE_INVALID_THROUGH_REF: *const dyn Trait = unsafe {
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered allocN, but expected a vtable pointer
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
HEX_DUMP
}
error: aborting due to 29 previous errors

20
tests/ui/consts/const-mut-refs/mut_ref_in_final_dynamic_check.32bit.stderr Normal file
View File

@ -0,0 +1,20 @@
error[E0080]: it is undefined behavior to use this value
--> $DIR/mut_ref_in_final_dynamic_check.rs:17:1
|
LL | const A: Option<&mut i32> = helper();
| ^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<enum-variant(Some)>.0: encountered mutable reference in a `const`
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 4, align: 4) {
2a 00 00 00 │ *...
}
error: encountered dangling pointer in final constant
--> $DIR/mut_ref_in_final_dynamic_check.rs:24:1
|
LL | const B: Option<&mut i32> = helper2();
| ^^^^^^^^^^^^^^^^^^^^^^^^^
error: aborting due to 2 previous errors
For more information about this error, try `rustc --explain E0080`.

20
tests/ui/consts/const-mut-refs/mut_ref_in_final_dynamic_check.64bit.stderr Normal file
View File

@ -0,0 +1,20 @@
error[E0080]: it is undefined behavior to use this value
--> $DIR/mut_ref_in_final_dynamic_check.rs:17:1
|
LL | const A: Option<&mut i32> = helper();
| ^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<enum-variant(Some)>.0: encountered mutable reference in a `const`
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 8, align: 8) {
2a 00 00 00 00 00 00 00 │ *.......
}
error: encountered dangling pointer in final constant
--> $DIR/mut_ref_in_final_dynamic_check.rs:24:1
|
LL | const B: Option<&mut i32> = helper2();
| ^^^^^^^^^^^^^^^^^^^^^^^^^
error: aborting due to 2 previous errors
For more information about this error, try `rustc --explain E0080`.

9
tests/ui/consts/const-mut-refs/mut_ref_in_final_dynamic_check.rs
View File

@ -1,3 +1,4 @@
// stderr-per-bitwidth
#![feature(const_mut_refs)]
#![feature(raw_ref_op)]
@ -9,17 +10,15 @@
const fn helper() -> Option<&'static mut i32> { unsafe {
// Undefined behaviour (integer as pointer), who doesn't love tests like this.
// This code never gets executed, because the static checks fail before that.
Some(&mut *(42 as *mut i32)) //~ ERROR evaluation of constant value failed
//~| 0x2a[noalloc] is a dangling pointer
Some(&mut *(42 as *mut i32))
} }
// The error is an evaluation error and not a validation error, so the error is reported
// directly at the site where it occurs.
const A: Option<&mut i32> = helper();
const A: Option<&mut i32> = helper(); //~ ERROR it is undefined behavior to use this value
//~^ encountered mutable reference in a `const`
const fn helper2() -> Option<&'static mut i32> { unsafe {
// Undefined behaviour (dangling pointer), who doesn't love tests like this.
// This code never gets executed, because the static checks fail before that.
Some(&mut *(&mut 42 as *mut i32))
} }
const B: Option<&mut i32> = helper2(); //~ ERROR encountered dangling pointer in final constant

Some files were not shown because too many files have changed in this diff Show More