From 13b02e3d8696458fa3a2ba9a745a744e655bebe7 Mon Sep 17 00:00:00 2001
From: Ralf Jung
Date: Wed, 21 Aug 2024 15:12:42 +0200
Subject: [PATCH] add a test for zero-sized protectors
---
 .../tests/fail/alloc/global_system_mixup.rs | 4 +--
 .../fail/alloc/global_system_mixup.stderr | 2 +-
 .../fail/both_borrows/zero-sized-protected.rs | 19 ++++++++++
 .../zero-sized-protected.stack.stderr | 15 ++++++++
 .../zero-sized-protected.tree.stderr | 36 +++++++++++++++++++
 5 files changed, 72 insertions(+), 4 deletions(-)
 create mode 100644 src/tools/miri/tests/fail/both_borrows/zero-sized-protected.rs
 create mode 100644 src/tools/miri/tests/fail/both_borrows/zero-sized-protected.stack.stderr
 create mode 100644 src/tools/miri/tests/fail/both_borrows/zero-sized-protected.tree.stderr
diff --git a/src/tools/miri/tests/fail/alloc/global_system_mixup.rs b/src/tools/miri/tests/fail/alloc/global_system_mixup.rs
index 19c62913b4c..804aa13660b 100644
--- a/src/tools/miri/tests/fail/alloc/global_system_mixup.rs
+++ b/src/tools/miri/tests/fail/alloc/global_system_mixup.rs
@@ -13,7 +13,5 @@ use std::alloc::{Allocator, Global, Layout, System};
 fn main() {
 let l = Layout::from_size_align(1, 1).unwrap();
 let ptr = Global.allocate(l).unwrap().as_non_null_ptr();
- unsafe {
- System.deallocate(ptr, l);
- }
+ unsafe { System.deallocate(ptr, l) };
 }
diff --git a/src/tools/miri/tests/fail/alloc/global_system_mixup.stderr b/src/tools/miri/tests/fail/alloc/global_system_mixup.stderr
index 7006b96ee1e..77909564149 100644
--- a/src/tools/miri/tests/fail/alloc/global_system_mixup.stderr
+++ b/src/tools/miri/tests/fail/alloc/global_system_mixup.stderr
@@ -12,7 +12,7 @@ LL | FREE();
 note: inside `main`
 --> $DIR/global_system_mixup.rs:LL:CC
 |
-LL | System.deallocate(ptr, l);
+LL | unsafe { System.deallocate(ptr, l) };
 | ^
 
 note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
diff --git a/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.rs b/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.rs
new file mode 100644
index 00000000000..aed5cb11258
--- /dev/null
+++ b/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.rs
@@ -0,0 +1,19 @@
+//@revisions: stack tree
+//@[tree]compile-flags: -Zmiri-tree-borrows
+//@[tree]error-in-other-file: /deallocation .* is forbidden/
+use std::alloc::{alloc, dealloc, Layout};
+
+// `x` is strongly protected but covers zero bytes.
+// Let's see if deallocating the allocation x points to is UB:
+// in TB, it is UB, but in SB it is not.
+fn test(_x: &mut (), ptr: *mut u8, l: Layout) {
+ unsafe { dealloc(ptr, l) };
+}
+
+fn main() {
+ let l = Layout::from_size_align(1, 1).unwrap();
+ let ptr = unsafe { alloc(l) };
+ unsafe { test(&mut *ptr.cast::<()>(), ptr, l) };
+ // In SB the test would pass if it weren't for this line.
+ unsafe { std::hint::unreachable_unchecked() }; //~[stack] ERROR: unreachable
+}
diff --git a/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.stack.stderr b/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.stack.stderr
new file mode 100644
index 00000000000..672682ff294
--- /dev/null
+++ b/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.stack.stderr
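Review bot: The comment above the last statement of `main` in zero-sized-protected.rs does not explain why the `unreachable_unchecked()` call is there. Going by the header comment, Stacked Borrows accepts the `dealloc` in `test`, so this deliberate UB is the only thing that makes the `stack` revision fail, and the `//~[stack] ERROR: unreachable` annotation is what shows execution got past the deallocation without an earlier report. I would reword it to `// SB accepts the dealloc in test(); this deliberate UB keeps the stack revision a fail-test and shows main ran to the end.` The header comment above `test` could likewise state the expectation rather than "Let's see if", for example `// Deallocating the allocation x points to is UB in TB (the strong protector forbids it) but is accepted by SB.`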
@@ -0,0 +1,15 @@
+error: Undefined Behavior: entering unreachable code
+ --> $DIR/zero-sized-protected.rs:LL:CC
+ |
+LL | unsafe { std::hint::unreachable_unchecked() };
+ | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ entering unreachable code
+ |
+ = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+ = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+ = note: BACKTRACE:
+ = note: inside `main` at $DIR/zero-sized-protected.rs:LL:CC
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to 1 previous error
+
diff --git a/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.tree.stderr b/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.tree.stderr
new file mode 100644
index 00000000000..ef981038e55
--- /dev/null
+++ b/src/tools/miri/tests/fail/both_borrows/zero-sized-protected.tree.stderr
@@ -0,0 +1,36 @@
+error: Undefined Behavior: deallocation through (root of the allocation) at ALLOC[0x0] is forbidden
+ --> RUSTLIB/alloc/src/alloc.rs:LL:CC
+ |
+LL | unsafe { __rust_dealloc(ptr, layout.size(), layout.align()) }
+ | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ deallocation through (root of the allocation) at ALLOC[0x0] is forbidden
+ |
+ = help: this indicates a potential bug in the program: it performed an invalid operation, but the Tree Borrows rules it violated are still experimental
+ = help: the allocation of the accessed tag (root of the allocation) also contains the strongly protected tag
+ = help: the strongly protected tag disallows deallocations
+help: the accessed tag was created here
+ --> $DIR/zero-sized-protected.rs:LL:CC
+ |
+LL | let ptr = unsafe { alloc(l) };
+ | ^^^^^^^^
+help: the strongly protected tag was created here, in the initial state Reserved
+ --> $DIR/zero-sized-protected.rs:LL:CC
+ |
+LL | fn test(_x: &mut (), ptr: *mut u8, l: Layout) {
+ | ^^
+ = note: BACKTRACE (of the first span):
+ = note: inside `std::alloc::dealloc` at RUSTLIB/alloc/src/alloc.rs:LL:CC
+note: inside `test`
+ --> $DIR/zero-sized-protected.rs:LL:CC
+ |
+LL | unsafe { dealloc(ptr, l) };
+ | ^^^^^^^^^^^^^^^
+note: inside `main`
+ --> $DIR/zero-sized-protected.rs:LL:CC
+ |
+LL | unsafe { test(&mut *ptr.cast::<()>(), ptr, l) };
+ | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to 1 previous error
+