mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

make permissive provenance and raw-ptr tagging the default

Browse Source
This commit is contained in:
Ralf Jung 2022-06-26 21:14:18 -04:00
parent 60570a39c7
commit 13d425daeb
64 changed files with 491 additions and 246 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@ -306,7 +306,7 @@ environment variable. We first document the most relevant and most commonly used
* `-Zmiri-strict-provenance` enables [strict
provenance](https://github.com/rust-lang/rust/issues/95228) checking in Miri. This means that
casting an integer to a pointer yields a result with 'invalid' provenance, i.e., with provenance
that cannot be used for any memory access. Also implies `-Zmiri-tag-raw-pointers`.
that cannot be used for any memory access.
The remaining flags are for advanced use only, and more likely to change or be removed.
Some of these are **unsound**, which means they can lead
@ -321,7 +321,7 @@ to Miri failing to detect cases of undefined behavior in a program.
integers via `mem::transmute` or union/pointer type punning. This has two effects: it disables the
check against integers storing a pointer (i.e., data with provenance), thus allowing
pointer-to-integer transmutation, and it treats integer-to-pointer transmutation as equivalent to
a cast. Using this flag is **unsound** and
a cast. Implies `-Zmiri-permissive-provenance`. Using this flag is **unsound** and
[deprecated](https://github.com/rust-lang/miri/issues/2188).
* `-Zmiri-disable-abi-check` disables checking [function ABI]. Using this flag
is **unsound**.
@ -354,15 +354,11 @@ to Miri failing to detect cases of undefined behavior in a program.
application instead of raising an error within the context of Miri (and halting
execution). Note that code might not expect these operations to ever panic, so
this flag can lead to strange (mis)behavior.
* `-Zmiri-permissive-provenance` is **experimental**. This will make Miri do a
best-effort attempt to implement the semantics of
[`expose_addr`](https://doc.rust-lang.org/nightly/std/primitive.pointer.html#method.expose_addr)
and
[`ptr::from_exposed_addr`](https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html)
for pointer-to-int and int-to-pointer casts, respectively. This will
necessarily miss some bugs as those semantics are not efficiently
implementable in a sanitizer, but it will only miss bugs that concerns
memory/pointers which is subject to these operations.
* `-Zmiri-permissive-provenance` disables the warning for integer-to-pointer casts and
[`ptr::from_exposed_addr`](https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html).
This will necessarily miss some bugs as those operations are not efficiently and accurately
implementable in a sanitizer, but it will only miss bugs that concern memory/pointers which is
subject to these operations.
* `-Zmiri-symbolic-alignment-check` makes the alignment check more strict. By
default, alignment is checked by casting the pointer to an integer, and making
sure that is a multiple of the alignment. This can lead to cases where a
@ -389,13 +385,6 @@ to Miri failing to detect cases of undefined behavior in a program.
happening and where in your code would be a good place to look for it.
Specifying this argument multiple times does not overwrite the previous
values, instead it appends its values to the list. Listing a tag multiple times has no effect.
* `-Zmiri-tag-raw-pointers` makes Stacked Borrows assign proper tags even for raw pointers. This can
make valid code using int-to-ptr casts fail to pass the checks, but also can help identify latent
aliasing issues in code that Miri accepts by default. You can recognize false positives by
`<untagged>` occurring in the message -- this indicates a pointer that was cast from an integer,
so Miri was unable to track this pointer. Note that it is not currently guaranteed that code that
works with `-Zmiri-tag-raw-pointers` also works without `-Zmiri-tag-raw-pointers`, but for the
vast majority of code, this will be the case.
[function ABI]: https://doc.rust-lang.org/reference/items/functions.html#extern-function-qualifier

7
src/bin/miri.rs
View File

@ -340,6 +340,7 @@ fn main() {
Please let us know at <https://github.com/rust-lang/miri/issues/2188> if you rely on this flag."
);
miri_config.allow_ptr_int_transmute = true;
miri_config.provenance_mode = ProvenanceMode::Permissive;
} else if arg == "-Zmiri-disable-abi-check" {
miri_config.check_abi = false;
} else if arg == "-Zmiri-disable-isolation" {
@ -374,20 +375,18 @@ fn main() {
} else if arg == "-Zmiri-panic-on-unsupported" {
miri_config.panic_on_unsupported = true;
} else if arg == "-Zmiri-tag-raw-pointers" {
miri_config.tag_raw = true;
eprintln!("WARNING: `-Zmiri-tag-raw-pointers` has no effect; it is enabled by default");
} else if arg == "-Zmiri-strict-provenance" {
miri_config.provenance_mode = ProvenanceMode::Strict;
miri_config.tag_raw = true;
miri_config.allow_ptr_int_transmute = false;
} else if arg == "-Zmiri-permissive-provenance" {
miri_config.provenance_mode = ProvenanceMode::Permissive;
miri_config.tag_raw = true;
} else if arg == "-Zmiri-mute-stdout-stderr" {
miri_config.mute_stdout_stderr = true;
} else if arg == "-Zmiri-track-raw-pointers" {
eprintln!(
"WARNING: -Zmiri-track-raw-pointers has been renamed to -Zmiri-tag-raw-pointers, the old name is deprecated."
);
miri_config.tag_raw = true;
} else if let Some(param) = arg.strip_prefix("-Zmiri-seed=") {
if miri_config.seed.is_some() {
panic!("Cannot specify -Zmiri-seed multiple times!");

25
src/diagnostics.rs
View File

@ -69,6 +69,7 @@ pub enum NonHaltingDiagnostic {
FreedAlloc(AllocId),
RejectedIsolatedOp(String),
ProgressReport,
Int2Ptr,
}
/// Level of Miri specific diagnostics
@ -468,15 +469,35 @@ pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriEvalContextExt<'mir, 'tcx
format!("{op} was made to return an error due to isolation"),
ProgressReport =>
format!("progress report: current operation being executed is here"),
Int2Ptr => format!("pointer-to-integer cast"),
};
let (title, diag_level) = match e {
RejectedIsolatedOp(_) =>
("operation rejected by isolation", DiagLevel::Warning),
_ => ("tracking was triggered", DiagLevel::Note),
Int2Ptr => ("pointer-to-integer cast", DiagLevel::Warning),
CreatedPointerTag(..)
| PoppedPointerTag(..)
| CreatedCallId(..)
| CreatedAlloc(..)
| FreedAlloc(..)
| ProgressReport => ("tracking was triggered", DiagLevel::Note),
};
report_msg(this, diag_level, title, vec![msg], vec![], &stacktrace);
let helps = match e {
Int2Ptr =>
vec![
(None, format!("this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,")),
(None, format!("which means that Miri might miss pointer bugs in this program")),
(None, format!("see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation")),
(None, format!("to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead")),
(None, format!("you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics")),
(None, format!("alternatively, the `-Zmiri-permissive-provenance` flag disables this warning")),
],
_ => vec![],
};
report_msg(this, diag_level, title, vec![msg], helps, &stacktrace);
}
});
}

5
src/eval.rs
View File

@ -101,8 +101,6 @@ pub struct MiriConfig {
pub tracked_call_ids: HashSet<CallId>,
/// The allocation ids to report about.
pub tracked_alloc_ids: HashSet<AllocId>,
/// Whether to track raw pointers in stacked borrows.
pub tag_raw: bool,
/// Determine if data race detection should be enabled
pub data_race_detector: bool,
/// Determine if weak memory emulation should be enabled. Requires data race detection to be enabled
@ -146,14 +144,13 @@ impl Default for MiriConfig {
tracked_pointer_tags: HashSet::default(),
tracked_call_ids: HashSet::default(),
tracked_alloc_ids: HashSet::default(),
tag_raw: false,
data_race_detector: true,
weak_memory_emulation: true,
cmpxchg_weak_failure_rate: 0.8, // 80%
measureme_out: None,
panic_on_unsupported: false,
backtrace_style: BacktraceStyle::Short,
provenance_mode: ProvenanceMode::Legacy,
provenance_mode: ProvenanceMode::Default,
mute_stdout_stderr: false,
preemption_rate: 0.01, // 1%
report_progress: None,

76
src/intptrcast.rs
View File

@ -11,16 +11,13 @@ use crate::*;
#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub enum ProvenanceMode {
/// Int2ptr casts return pointers with "wildcard" provenance
/// that basically matches that of all exposed pointers
/// (and SB tags, if enabled).
/// We support `expose_addr`/`from_exposed_addr` via "wildcard" provenance.
/// However, we want on `from_exposed_addr` to alert the user of the precision loss.
Default,
/// Like `Default`, but without the warning.
Permissive,
/// Int2ptr casts return pointers with an invalid provenance,
/// i.e., not valid for any memory access.
/// We error on `from_exposed_addr`, ensuring no precision loss.
Strict,
/// Int2ptr casts determine the allocation they point to at cast time.
/// All allocations are considered exposed.
Legacy,
}
pub type GlobalState = RefCell<GlobalStateInner>;
@ -66,6 +63,8 @@ impl<'mir, 'tcx> GlobalStateInner {
let pos = global_state.int_to_ptr_map.binary_search_by_key(&addr, |(addr, _)| *addr);
// Determine the in-bounds provenance for this pointer.
// (This is only called on an actual access, so in-bounds is the only possible kind of provenance.)
let alloc_id = match pos {
Ok(pos) => Some(global_state.int_to_ptr_map[pos].1),
Err(0) => None,
@ -91,21 +90,14 @@ impl<'mir, 'tcx> GlobalStateInner {
}
}?;
// In legacy mode, we consider all allocations exposed.
if global_state.provenance_mode == ProvenanceMode::Legacy
|| global_state.exposed.contains(&alloc_id)
{
Some(alloc_id)
} else {
None
}
// We only use this provenance if it has been exposed.
if global_state.exposed.contains(&alloc_id) { Some(alloc_id) } else { None }
}
pub fn expose_ptr(ecx: &mut MiriEvalContext<'mir, 'tcx>, alloc_id: AllocId, sb: SbTag) {
let global_state = ecx.machine.intptrcast.get_mut();
// In legacy and strict mode, we don't need this, so we can save some cycles
// by not tracking it.
if global_state.provenance_mode == ProvenanceMode::Permissive {
// In strict mode, we don't need this, so we can save some cycles by not tracking it.
if global_state.provenance_mode != ProvenanceMode::Strict {
trace!("Exposing allocation id {alloc_id:?}");
global_state.exposed.insert(alloc_id);
if ecx.machine.stacked_borrows.is_some() {
@ -120,42 +112,43 @@ impl<'mir, 'tcx> GlobalStateInner {
) -> Pointer<Option<Tag>> {
trace!("Transmuting 0x{:x} to a pointer", addr);
if ecx.machine.allow_ptr_int_transmute {
// When we allow transmutes, treat them like casts.
Self::ptr_from_addr_cast(ecx, addr)
let provenance = if ecx.machine.allow_ptr_int_transmute {
// When we allow transmutes, treat them like casts: generating a wildcard pointer.
Some(Tag::Wildcard)
} else {
// We consider transmuted pointers to be "invalid" (`None` provenance).
Pointer::new(None, Size::from_bytes(addr))
}
// Usually, we consider transmuted pointers to be "invalid" (`None` provenance).
None
};
Pointer::new(provenance, Size::from_bytes(addr))
}
pub fn ptr_from_addr_cast(
ecx: &MiriEvalContext<'mir, 'tcx>,
addr: u64,
) -> Pointer<Option<Tag>> {
) -> InterpResult<'tcx, Pointer<Option<Tag>>> {
trace!("Casting 0x{:x} to a pointer", addr);
let global_state = ecx.machine.intptrcast.borrow();
match global_state.provenance_mode {
ProvenanceMode::Legacy => {
// Determine the allocation this points to at cast time.
let alloc_id = Self::alloc_id_from_addr(ecx, addr);
Pointer::new(
alloc_id.map(|alloc_id| Tag::Concrete { alloc_id, sb: SbTag::Untagged }),
Size::from_bytes(addr),
)
ProvenanceMode::Default => {
// The first time this happens, print a warning.
use std::sync::atomic::{AtomicBool, Ordering};
static FIRST_WARNING: AtomicBool = AtomicBool::new(true);
if FIRST_WARNING.swap(false, Ordering::Relaxed) {
register_diagnostic(NonHaltingDiagnostic::Int2Ptr);
}
}
ProvenanceMode::Strict => {
// We don't support int2ptr casts in this mode (i.e., we treat them like
// transmutes).
Pointer::new(None, Size::from_bytes(addr))
}
ProvenanceMode::Permissive => {
// This is how wildcard pointers are born.
Pointer::new(Some(Tag::Wildcard), Size::from_bytes(addr))
throw_unsup_format!(
"integer-to-pointer casts and `from_exposed_addr` are not supported with `-Zmiri-strict-provenance`; use `with_addr` instead"
)
}
ProvenanceMode::Permissive => {}
}
// This is how wildcard pointers are born.
Ok(Pointer::new(Some(Tag::Wildcard), Size::from_bytes(addr)))
}
fn alloc_base_addr(ecx: &MiriEvalContext<'mir, 'tcx>, alloc_id: AllocId) -> u64 {
@ -214,6 +207,8 @@ impl<'mir, 'tcx> GlobalStateInner {
dl.overflowing_offset(base_addr, offset.bytes()).0
}
/// Whena pointer is used for a memory access, this computes where in which allocation the
/// access is going.
pub fn abs_ptr_to_rel(
ecx: &MiriEvalContext<'mir, 'tcx>,
ptr: Pointer<Tag>,
@ -224,7 +219,6 @@ impl<'mir, 'tcx> GlobalStateInner {
alloc_id
} else {
// A wildcard pointer.
assert_eq!(ecx.machine.intptrcast.borrow().provenance_mode, ProvenanceMode::Permissive);
GlobalStateInner::alloc_id_from_addr(ecx, addr.bytes())?
};

3
src/machine.rs
View File

@ -353,7 +353,6 @@ impl<'mir, 'tcx> Evaluator<'mir, 'tcx> {
Some(RefCell::new(stacked_borrows::GlobalStateInner::new(
config.tracked_pointer_tags.clone(),
config.tracked_call_ids.clone(),
config.tag_raw,
)))
} else {
None
@ -696,7 +695,7 @@ impl<'mir, 'tcx> Machine<'mir, 'tcx> for Evaluator<'mir, 'tcx> {
ecx: &MiriEvalContext<'mir, 'tcx>,
addr: u64,
) -> InterpResult<'tcx, Pointer<Option<Self::PointerTag>>> {
Ok(intptrcast::GlobalStateInner::ptr_from_addr_cast(ecx, addr))
intptrcast::GlobalStateInner::ptr_from_addr_cast(ecx, addr)
}
#[inline(always)]

8
src/stacked_borrows.rs
View File

@ -219,11 +219,7 @@ impl fmt::Display for RefKind {
/// Utilities for initialization and ID generation
impl GlobalStateInner {
pub fn new(
tracked_pointer_tags: HashSet<PtrId>,
tracked_call_ids: HashSet<CallId>,
tag_raw: bool,
) -> Self {
pub fn new(tracked_pointer_tags: HashSet<PtrId>, tracked_call_ids: HashSet<CallId>) -> Self {
GlobalStateInner {
next_ptr_id: NonZeroU64::new(1).unwrap(),
base_ptr_ids: FxHashMap::default(),
@ -231,7 +227,7 @@ impl GlobalStateInner {
active_calls: FxHashSet::default(),
tracked_pointer_tags,
tracked_call_ids,
tag_raw,
tag_raw: true,
}
}

5
test-cargo-miri/run-test.py
View File

@ -124,11 +124,6 @@ def test_cargo_miri_test():
"test.cross-target.stdout.ref", "test.stderr-empty.ref",
env={'MIRIFLAGS': "-Zmiri-disable-isolation"},
)
test("`cargo miri test` (raw-ptr tracking)",
cargo_miri("test"),
default_ref, "test.stderr-empty.ref",
env={'MIRIFLAGS': "-Zmiri-tag-raw-pointers"},
)
test("`cargo miri test` (with filter)",
cargo_miri("test") + ["--", "--format=pretty", "le1"],
filter_ref, "test.stderr-empty.ref",

17
tests/fail/backtrace/bad-backtrace-flags.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/bad-backtrace-flags.rs:LL:CC
|
LL | miri_get_backtrace(2, 0 as *mut _);
| ^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/bad-backtrace-flags.rs:LL:CC
error: unsupported operation: unknown `miri_get_backtrace` flags 2
--> $DIR/bad-backtrace-flags.rs:LL:CC
|
@ -10,5 +25,5 @@ LL | miri_get_backtrace(2, 0 as *mut _);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/backtrace/bad-backtrace-ptr.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/bad-backtrace-ptr.rs:LL:CC
|
LL | miri_resolve_frame(0 as *mut _, 0);
| ^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/bad-backtrace-ptr.rs:LL:CC
error: Undefined Behavior: null pointer is not a valid pointer for this operation
--> $DIR/bad-backtrace-ptr.rs:LL:CC
|
@ -11,5 +26,5 @@ LL | miri_resolve_frame(0 as *mut _, 0);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/backtrace/bad-backtrace-resolve-flags.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/bad-backtrace-resolve-flags.rs:LL:CC
|
LL | let mut buf = vec![0 as *mut _; miri_backtrace_size(0)];
| ^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/bad-backtrace-resolve-flags.rs:LL:CC
error: unsupported operation: unknown `miri_resolve_frame` flags 2
--> $DIR/bad-backtrace-resolve-flags.rs:LL:CC
|
@ -10,5 +25,5 @@ LL | miri_resolve_frame(buf[0], 2);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/backtrace/bad-backtrace-resolve-names-flags.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/bad-backtrace-resolve-names-flags.rs:LL:CC
|
LL | let mut buf = vec![0 as *mut _; miri_backtrace_size(0)];
| ^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/bad-backtrace-resolve-names-flags.rs:LL:CC
error: unsupported operation: unknown `miri_resolve_frame_names` flags 2
--> $DIR/bad-backtrace-resolve-names-flags.rs:LL:CC
|
@ -10,5 +25,5 @@ LL | ... miri_resolve_frame_names(buf[0], 2, 0 as *mut _, 0 as *mut _);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/concurrency/thread_local_static_dealloc.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/thread_local_static_dealloc.rs:LL:CC
|
LL | let _val = *(dangling_ptr as *const u8);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/thread_local_static_dealloc.rs:LL:CC
error: Undefined Behavior: pointer to ALLOC was dereferenced after this allocation got freed
--> $DIR/thread_local_static_dealloc.rs:LL:CC
|
@ -11,5 +26,5 @@ LL | let _val = *(dangling_ptr as *const u8);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/dangling_pointers/deref-invalid-ptr.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/deref-invalid-ptr.rs:LL:CC
|
LL | let x = 16usize as *const u32;
| ^^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/deref-invalid-ptr.rs:LL:CC
error: Undefined Behavior: dereferencing pointer failed: 0x10 is not a valid pointer
--> $DIR/deref-invalid-ptr.rs:LL:CC
|
@ -11,5 +26,5 @@ LL | let _y = unsafe { &*x as *const u32 };
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

22
tests/fail/dangling_pointers/storage_dead_dangling.stderr
View File

@ -1,3 +1,23 @@
warning: pointer-to-integer cast
--> $DIR/storage_dead_dangling.rs:LL:CC
|
LL | unsafe { &mut *(LEAK as *mut i32) };
| ^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `evil` at $DIR/storage_dead_dangling.rs:LL:CC
note: inside `main` at $DIR/storage_dead_dangling.rs:LL:CC
--> $DIR/storage_dead_dangling.rs:LL:CC
|
LL | evil();
| ^^^^^^
error: Undefined Behavior: pointer to ALLOC was dereferenced after this allocation got freed
--> $DIR/storage_dead_dangling.rs:LL:CC
|
@ -16,5 +36,5 @@ LL | evil();
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/dangling_pointers/wild_pointer_deref.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/wild_pointer_deref.rs:LL:CC
|
LL | let p = 44 as *const i32;
| ^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/wild_pointer_deref.rs:LL:CC
error: Undefined Behavior: dereferencing pointer failed: 0x2c is not a valid pointer
--> $DIR/wild_pointer_deref.rs:LL:CC
|
@ -11,5 +26,5 @@ LL | let x = unsafe { *p };
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/intrinsics/ptr_offset_0_plus_0.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/ptr_offset_0_plus_0.rs:LL:CC
|
LL | let x = 0 as *mut i32;
| ^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/ptr_offset_0_plus_0.rs:LL:CC
error: Undefined Behavior: pointer arithmetic failed: null pointer is not a valid pointer
--> RUSTLIB/core/src/ptr/mut_ptr.rs:LL:CC
|
@ -16,5 +31,5 @@ LL | let _x = unsafe { x.offset(0) }; // UB despite offset 0, NULL is never
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/intrinsics/ptr_offset_int_plus_int.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/ptr_offset_int_plus_int.rs:LL:CC
|
LL | let _val = (1 as *mut u8).offset(1);
| ^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/ptr_offset_int_plus_int.rs:LL:CC
error: Undefined Behavior: pointer arithmetic failed: 0x1 is not a valid pointer
--> RUSTLIB/core/src/ptr/mut_ptr.rs:LL:CC
|
@ -16,5 +31,5 @@ LL | let _val = (1 as *mut u8).offset(1);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

17
tests/fail/intrinsics/ptr_offset_int_plus_ptr.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/ptr_offset_int_plus_ptr.rs:LL:CC
|
LL | let _val = (1 as *mut u8).offset(ptr as isize);
| ^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/ptr_offset_int_plus_ptr.rs:LL:CC
error: Undefined Behavior: pointer arithmetic failed: 0x1 is not a valid pointer
--> RUSTLIB/core/src/ptr/mut_ptr.rs:LL:CC
|
@ -16,5 +31,5 @@ LL | let _val = (1 as *mut u8).offset(ptr as isize);
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

22
tests/fail/provenance/ptr_legacy_provenance.rs
View File

@ -1,22 +0,0 @@
// compile-flags: -Zmiri-disable-stacked-borrows
// normalize-stderr-test: "offset -[0-9]+" -> "offset -XX"
#![feature(strict_provenance)]
use std::ptr;
// Make sure that with legacy provenance, the allocation id of
// a casted pointer is determined at cast-time
fn main() {
let x: i32 = 0;
let y: i32 = 1;
let x_ptr = &x as *const i32;
let y_ptr = &y as *const i32;
let x_usize = x_ptr.expose_addr();
let y_usize = y_ptr.expose_addr();
let ptr = ptr::from_exposed_addr::<i32>(y_usize);
let ptr = ptr.with_addr(x_usize);
assert_eq!(unsafe { *ptr }, 0); //~ ERROR is out-of-bounds
}

15
tests/fail/provenance/ptr_legacy_provenance.stderr
View File

@ -1,15 +0,0 @@
error: Undefined Behavior: dereferencing pointer failed: ALLOC has size 4, so pointer to 4 bytes starting at offset -XX is out-of-bounds
--> $DIR/ptr_legacy_provenance.rs:LL:CC
|
LL | assert_eq!(unsafe { *ptr }, 0);
| ^^^^ dereferencing pointer failed: ALLOC has size 4, so pointer to 4 bytes starting at offset -XX is out-of-bounds
|
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
= note: inside `main` at $DIR/ptr_legacy_provenance.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error

8
tests/fail/stacked_borrows/aliasing_mut3.stderr
View File

@ -1,20 +1,20 @@
error: Undefined Behavior: trying to reborrow <untagged> for SharedReadOnly permission at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: trying to reborrow <TAG> for SharedReadOnly permission at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/aliasing_mut3.rs:LL:CC
|
LL | pub fn safe(_x: &mut i32, _y: &i32) {}
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| |
| trying to reborrow <untagged> for SharedReadOnly permission at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| trying to reborrow <TAG> for SharedReadOnly permission at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of a reborrow at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/aliasing_mut3.rs:LL:CC
|
LL | safe_raw(xraw, xshr);
| ^^^^
help: tag was later invalidated at offsets [0x0..0x4]
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/aliasing_mut3.rs:LL:CC
|
LL | pub fn safe(_x: &mut i32, _y: &i32) {}

4
tests/fail/stacked_borrows/box_exclusive_violation1.rs
View File

@ -8,7 +8,7 @@ fn demo_mut_advanced_unique(mut our: Box<i32>) -> i32 {
unknown_code_2();
// We know this will return 5
*our //~ ERROR borrow stack
*our
}
// Now comes the evil context
@ -24,7 +24,7 @@ fn unknown_code_1(x: &i32) {
fn unknown_code_2() {
unsafe {
*LEAK = 7;
*LEAK = 7; //~ ERROR borrow stack
}
}

33
tests/fail/stacked_borrows/box_exclusive_violation1.stderr
View File

@ -1,31 +1,30 @@
error: Undefined Behavior: attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/box_exclusive_violation1.rs:LL:CC
|
LL | *our
| ^^^^
| |
| attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
LL | *LEAK = 7;
| ^^^^^^^^^
| |
| attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/box_exclusive_violation1.rs:LL:CC
|
LL | / fn demo_mut_advanced_unique(mut our: Box<i32>) -> i32 {
LL | | unknown_code_1(&*our);
LL | |
LL | | // This "re-asserts" uniqueness of the reference: After writing, we know
... |
LL | | *our
LL | | }
| |_^
LL | LEAK = x as *const _ as *mut _;
| ^
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/box_exclusive_violation1.rs:LL:CC
|
LL | *LEAK = 7;
| ^^^^^^^^^
= note: inside `demo_mut_advanced_unique` at $DIR/box_exclusive_violation1.rs:LL:CC
LL | *our = 5;
| ^^^^^^^^
= note: inside `unknown_code_2` at $DIR/box_exclusive_violation1.rs:LL:CC
note: inside `demo_mut_advanced_unique` at $DIR/box_exclusive_violation1.rs:LL:CC
--> $DIR/box_exclusive_violation1.rs:LL:CC
|
LL | unknown_code_2();
| ^^^^^^^^^^^^^^^^
note: inside `main` at $DIR/box_exclusive_violation1.rs:LL:CC
--> $DIR/box_exclusive_violation1.rs:LL:CC
|

2
tests/fail/stacked_borrows/illegal_read3.rs
View File

@ -5,7 +5,7 @@
use std::mem;
union HiddenRef {
// We avoid retagging at this type, so shared vs mutable does not matter.
// We avoid retagging at this type, and we only read, so shared vs mutable does not matter.
r: &'static i32,
}

8
tests/fail/stacked_borrows/illegal_read6.stderr
View File

@ -1,20 +1,20 @@
error: Undefined Behavior: attempting a read access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/illegal_read6.rs:LL:CC
|
LL | let _val = *raw;
| ^^^^
| |
| attempting a read access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/illegal_read6.rs:LL:CC
|
LL | let raw = x as *mut _;
| ^
help: tag was later invalidated at offsets [0x0..0x4]
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/illegal_read6.rs:LL:CC
|
LL | let x = &mut *x; // kill `raw`

4
tests/fail/stacked_borrows/illegal_write1.rs
View File

@ -3,7 +3,7 @@ fn main() {
let xref = &*target;
{
let x: *mut u32 = xref as *const _ as *mut _;
unsafe { *x = 42 }; // invalidates shared ref, activates raw
unsafe { *x = 42 }; //~ ERROR only grants SharedReadOnly permission
}
let _x = *xref; //~ ERROR borrow stack
let _x = *xref;
}

21
tests/fail/stacked_borrows/illegal_write1.stderr
View File

@ -1,24 +1,19 @@
error: Undefined Behavior: attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
--> $DIR/illegal_write1.rs:LL:CC
|
LL | let _x = *xref;
| ^^^^^
| |
| attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
LL | unsafe { *x = 42 };
| ^^^^^^^
| |
| attempting a write access using <TAG> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/illegal_write1.rs:LL:CC
|
LL | let xref = &*target;
| ^^^^^^^^
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/illegal_write1.rs:LL:CC
|
LL | unsafe { *x = 42 }; // invalidates shared ref, activates raw
| ^^^^^^^
LL | let x: *mut u32 = xref as *const _ as *mut _;
| ^^^^
= note: inside `main` at $DIR/illegal_write1.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

8
tests/fail/stacked_borrows/illegal_write2.stderr
View File

@ -1,20 +1,20 @@
error: Undefined Behavior: attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/illegal_write2.rs:LL:CC
|
LL | unsafe { *target2 = 13 };
| ^^^^^^^^^^^^^
| |
| attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/illegal_write2.rs:LL:CC
|
LL | let target2 = target as *mut _;
| ^^^^^^
help: tag was later invalidated at offsets [0x0..0x4]
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/illegal_write2.rs:LL:CC
|
LL | drop(&mut *target); // reborrow

6
tests/fail/stacked_borrows/illegal_write3.stderr
View File

@ -1,15 +1,15 @@
error: Undefined Behavior: attempting a write access using <untagged> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
--> $DIR/illegal_write3.rs:LL:CC
|
LL | unsafe { *ptr = 42 };
| ^^^^^^^^^
| |
| attempting a write access using <untagged> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
| attempting a write access using <TAG> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/illegal_write3.rs:LL:CC
|
LL | let ptr = r#ref as *const _ as *mut _; // raw ptr, with raw tag

4
tests/fail/stacked_borrows/illegal_write4.rs
View File

@ -6,8 +6,8 @@ fn main() {
// Even just creating it unfreezes.
let raw = &mut target as *mut _; // let this leak to raw
let reference = unsafe { &*raw }; // freeze
let ptr = reference as *const _ as *mut i32; // raw ptr, with raw tag
let _mut_ref: &mut i32 = unsafe { mem::transmute(ptr) }; // &mut, with raw tag
let _ptr = reference as *const _ as *mut i32; // raw ptr, with raw tag
let _mut_ref: &mut i32 = unsafe { mem::transmute(raw) }; // &mut, with raw tag
// Now we retag, making our ref top-of-stack -- and, in particular, unfreezing.
let _val = *reference; //~ ERROR borrow stack
}

2
tests/fail/stacked_borrows/illegal_write4.stderr
View File

@ -17,7 +17,7 @@ LL | let reference = unsafe { &*raw }; // freeze
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/illegal_write4.rs:LL:CC
|
LL | let _mut_ref: &mut i32 = unsafe { mem::transmute(ptr) }; // &mut, with raw tag
LL | let _mut_ref: &mut i32 = unsafe { mem::transmute(raw) }; // &mut, with raw tag
| ^^^^^^^^^^^^^^^^^^^
= note: inside `main` at $DIR/illegal_write4.rs:LL:CC

8
tests/fail/stacked_borrows/illegal_write6.stderr
View File

@ -1,17 +1,17 @@
error: Undefined Behavior: not granting access to tag <untagged> because incompatible item is protected: [Unique for <TAG> (call ID)]
error: Undefined Behavior: not granting access to tag <TAG> because incompatible item is protected: [Unique for <TAG> (call ID)]
--> $DIR/illegal_write6.rs:LL:CC
|
LL | unsafe { *y = 2 };
| ^^^^^^ not granting access to tag <untagged> because incompatible item is protected: [Unique for <TAG> (call ID)]
| ^^^^^^ not granting access to tag <TAG> because incompatible item is protected: [Unique for <TAG> (call ID)]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/illegal_write6.rs:LL:CC
|
LL | let p = x as *mut u32;
| ^
help: <TAG> was protected due to a tag which was created here
help: <TAG> was protected due to <TAG> which was created here
--> $DIR/illegal_write6.rs:LL:CC
|
LL | foo(x, p);

8
tests/fail/stacked_borrows/invalidate_against_barrier1.stderr
View File

@ -1,17 +1,17 @@
error: Undefined Behavior: not granting access to tag <untagged> because incompatible item is protected: [Unique for <TAG> (call ID)]
error: Undefined Behavior: not granting access to tag <TAG> because incompatible item is protected: [Unique for <TAG> (call ID)]
--> $DIR/invalidate_against_barrier1.rs:LL:CC
|
LL | let _val = unsafe { *x };
| ^^ not granting access to tag <untagged> because incompatible item is protected: [Unique for <TAG> (call ID)]
| ^^ not granting access to tag <TAG> because incompatible item is protected: [Unique for <TAG> (call ID)]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/invalidate_against_barrier1.rs:LL:CC
|
LL | let xraw = &mut x as *mut _;
| ^^^^^^
help: <TAG> was protected due to a tag which was created here
help: <TAG> was protected due to <TAG> which was created here
--> $DIR/invalidate_against_barrier1.rs:LL:CC
|
LL | inner(xraw, xref);

8
tests/fail/stacked_borrows/invalidate_against_barrier2.stderr
View File

@ -1,17 +1,17 @@
error: Undefined Behavior: not granting access to tag <untagged> because incompatible item is protected: [SharedReadOnly for <TAG> (call ID)]
error: Undefined Behavior: not granting access to tag <TAG> because incompatible item is protected: [SharedReadOnly for <TAG> (call ID)]
--> $DIR/invalidate_against_barrier2.rs:LL:CC
|
LL | unsafe { *x = 0 };
| ^^^^^^ not granting access to tag <untagged> because incompatible item is protected: [SharedReadOnly for <TAG> (call ID)]
| ^^^^^^ not granting access to tag <TAG> because incompatible item is protected: [SharedReadOnly for <TAG> (call ID)]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/invalidate_against_barrier2.rs:LL:CC
|
LL | let xraw = &mut x as *mut _;
| ^^^^^^
help: <TAG> was protected due to a tag which was created here
help: <TAG> was protected due to <TAG> which was created here
--> $DIR/invalidate_against_barrier2.rs:LL:CC
|
LL | inner(xraw, xref);

8
tests/fail/stacked_borrows/mut_exclusive_violation1.stderr
View File

@ -1,20 +1,20 @@
error: Undefined Behavior: attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/mut_exclusive_violation1.rs:LL:CC
|
LL | *LEAK = 7;
| ^^^^^^^^^
| |
| attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/mut_exclusive_violation1.rs:LL:CC
|
LL | LEAK = x as *const _ as *mut _;
| ^
help: tag was later invalidated at offsets [0x0..0x4]
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/mut_exclusive_violation1.rs:LL:CC
|
LL | *our = 5;

8
tests/fail/stacked_borrows/outdated_local.stderr
View File

@ -1,20 +1,20 @@
error: Undefined Behavior: attempting a read access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/outdated_local.rs:LL:CC
|
LL | assert_eq!(unsafe { *y }, 1);
| ^^
| |
| attempting a read access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/outdated_local.rs:LL:CC
|
LL | let y: *const i32 = &x;
| ^^
help: tag was later invalidated at offsets [0x0..0x4]
help: <TAG> was later invalidated at offsets [0x0..0x4]
--> $DIR/outdated_local.rs:LL:CC
|
LL | x = 1; // this invalidates y by reactivating the lowermost uniq borrow for this local

8
tests/fail/stacked_borrows/pointer_smuggling.stderr
View File

@ -1,20 +1,20 @@
error: Undefined Behavior: attempting a read access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/pointer_smuggling.rs:LL:CC
|
LL | let _x = unsafe { *PTR };
| ^^^^
| |
| attempting a read access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a read access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x1]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x1]
help: <TAG> was created by a retag at offsets [0x0..0x1]
--> $DIR/pointer_smuggling.rs:LL:CC
|
LL | PTR = x;
| ^
help: tag was later invalidated at offsets [0x0..0x1]
help: <TAG> was later invalidated at offsets [0x0..0x1]
--> $DIR/pointer_smuggling.rs:LL:CC
|
LL | *val = 2; // this invalidates any raw ptrs `fun1` might have created.

1
tests/fail/stacked_borrows/raw_tracking.rs
View File

@ -1,4 +1,3 @@
// compile-flags: -Zmiri-tag-raw-pointers
//! This demonstrates a provenance problem that requires tracking of raw pointers to be detected.
fn main() {

6
tests/fail/stacked_borrows/shr_frozen_violation1.stderr
View File

@ -1,15 +1,15 @@
error: Undefined Behavior: attempting a write access using <untagged> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
--> $DIR/shr_frozen_violation1.rs:LL:CC
|
LL | *(x as *const i32 as *mut i32) = 7;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| |
| attempting a write access using <untagged> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
| attempting a write access using <TAG> at ALLOC[0x0], but that tag only grants SharedReadOnly permission for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
help: <TAG> was created by a retag at offsets [0x0..0x4]
--> $DIR/shr_frozen_violation1.rs:LL:CC
|
LL | *(x as *const i32 as *mut i32) = 7;

10
tests/fail/stacked_borrows/transmute-is-no-escape.stderr
View File

@ -1,15 +1,19 @@
error: Undefined Behavior: attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
--> $DIR/transmute-is-no-escape.rs:LL:CC
|
LL | unsafe { *raw = 13 };
| ^^^^^^^^^
| |
| attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: <TAG> was created by a retag at offsets [0x4..0x8]
--> $DIR/transmute-is-no-escape.rs:LL:CC
|
LL | let raw = (&mut x[1] as *mut i32).wrapping_offset(-1);
| ^^^^^^^^^
= note: inside `main` at $DIR/transmute-is-no-escape.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

32
tests/fail/stacked_borrows/unescaped_local.stderr
View File

@ -1,27 +1,33 @@
error: Undefined Behavior: attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
warning: pointer-to-integer cast
--> $DIR/unescaped_local.rs:LL:CC
|
LL | let raw = &mut x as *mut i32 as usize as *mut i32;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/unescaped_local.rs:LL:CC
error: Undefined Behavior: attempting a write access using <wildcard> at ALLOC[0x0], but no exposed tags have suitable permission in the borrow stack for this location
--> $DIR/unescaped_local.rs:LL:CC
|
LL | *raw = 13;
| ^^^^^^^^^
| |
| attempting a write access using <untagged> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location
| attempting a write access using <wildcard> at ALLOC[0x0], but no exposed tags have suitable permission in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x0..0x4]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: tag was most recently created at offsets [0x0..0x4]
--> $DIR/unescaped_local.rs:LL:CC
|
LL | let raw = &mut x as *mut i32 as usize as *mut i32;
| ^^^^^^
help: tag was later invalidated at offsets [0x0..0x4]
--> $DIR/unescaped_local.rs:LL:CC
|
LL | let _ptr = &mut x;
| ^^^^^^
= note: inside `main` at $DIR/unescaped_local.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

10
tests/fail/stacked_borrows/unescaped_static.stderr
View File

@ -1,15 +1,19 @@
error: Undefined Behavior: attempting a read access using <untagged> at ALLOC[0x1], but that tag does not exist in the borrow stack for this location
error: Undefined Behavior: attempting a read access using <TAG> at ALLOC[0x1], but that tag does not exist in the borrow stack for this location
--> $DIR/unescaped_static.rs:LL:CC
|
LL | let _val = unsafe { *ptr_to_first.add(1) };
| ^^^^^^^^^^^^^^^^^^^^
| |
| attempting a read access using <untagged> at ALLOC[0x1], but that tag does not exist in the borrow stack for this location
| attempting a read access using <TAG> at ALLOC[0x1], but that tag does not exist in the borrow stack for this location
| this error occurs as part of an access at ALLOC[0x1..0x2]
|
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: <TAG> was created by a retag at offsets [0x0..0x1]
--> $DIR/unescaped_static.rs:LL:CC
|
LL | let ptr_to_first = &ARRAY[0] as *const u8;
| ^^^^^^^^^
= note: inside `main` at $DIR/unescaped_static.rs:LL:CC
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

17
tests/fail/unaligned_pointers/intptrcast_alignment_check.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/intptrcast_alignment_check.rs:LL:CC
|
LL | let u16_ptr = base_addr_aligned as *mut u16;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/intptrcast_alignment_check.rs:LL:CC
error: Undefined Behavior: accessing memory with alignment ALIGN, but alignment ALIGN is required
--> $DIR/intptrcast_alignment_check.rs:LL:CC
|
@ -11,5 +26,5 @@ LL | unsafe { *u16_ptr = 2 };
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

1
tests/fail/uninit_byte_read.rs
View File

@ -1,3 +1,4 @@
// compile-flags: -Zmiri-disable-stacked-borrows
fn main() {
let v: Vec<u8> = Vec::with_capacity(10);
let undef = unsafe { *v.get_unchecked(5) }; //~ ERROR uninitialized

17
tests/fail/validity/cast_fn_ptr1.stderr
View File

@ -1,3 +1,18 @@
warning: pointer-to-integer cast
--> $DIR/cast_fn_ptr1.rs:LL:CC
|
LL | g(0usize as *const i32)
| ^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/cast_fn_ptr1.rs:LL:CC
error: Undefined Behavior: type validation failed: encountered a null reference
--> $DIR/cast_fn_ptr1.rs:LL:CC
|
@ -11,5 +26,5 @@ LL | g(0usize as *const i32)
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

22
tests/fail/validity/cast_fn_ptr2.stderr
View File

@ -1,3 +1,23 @@
warning: pointer-to-integer cast
--> $DIR/cast_fn_ptr2.rs:LL:CC
|
LL | 0usize as *const i32
| ^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main::f` at $DIR/cast_fn_ptr2.rs:LL:CC
note: inside `main` at $DIR/cast_fn_ptr2.rs:LL:CC
--> $DIR/cast_fn_ptr2.rs:LL:CC
|
LL | let _x = g();
| ^^^
error: Undefined Behavior: type validation failed: encountered a null reference
--> $DIR/cast_fn_ptr2.rs:LL:CC
|
@ -11,5 +31,5 @@ LL | let _x = g();
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
error: aborting due to previous error
error: aborting due to previous error; 1 warning emitted

2
tests/pass/adjacent-allocs.rs
View File

@ -1,3 +1,5 @@
// compile-flags: -Zmiri-permissive-provenance
fn main() {
// The slack between allocations is random.
// Loop a few times to hit the zero-slack case.

20
tests/pass/align.stderr Normal file
View File

@ -0,0 +1,20 @@
warning: pointer-to-integer cast
--> $DIR/align.rs:LL:CC
|
LL | let u16_ptr = base_addr_aligned as *mut u16;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `manual_alignment` at $DIR/align.rs:LL:CC
note: inside `main` at $DIR/align.rs:LL:CC
--> $DIR/align.rs:LL:CC
|
LL | manual_alignment();
| ^^^^^^^^^^^^^^^^^^

2
tests/pass/box.rs
View File

@ -47,7 +47,7 @@ fn boxed_pair_to_vec() {
struct Foo(u64);
fn reinterstruct(box_pair: Box<PairFoo>) -> Vec<Foo> {
let ref_pair = Box::leak(box_pair) as *mut PairFoo;
let ptr_foo = unsafe { &mut (*ref_pair).fst as *mut Foo };
let ptr_foo = unsafe { std::ptr::addr_of_mut!((*ref_pair).fst) };
unsafe { Vec::from_raw_parts(ptr_foo, 2, 2) }
}

20
tests/pass/box.stderr Normal file
View File

@ -0,0 +1,20 @@
warning: pointer-to-integer cast
--> $DIR/box.rs:LL:CC
|
LL | let r2 = ((r as usize) + 0) as *mut i32;
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `into_raw` at $DIR/box.rs:LL:CC
note: inside `main` at $DIR/box.rs:LL:CC
--> $DIR/box.rs:LL:CC
|
LL | into_raw();
| ^^^^^^^^^^

7
tests/pass/concurrency/tls_pthread_drop_order.rs
View File

@ -4,6 +4,7 @@
extern crate libc;
use std::mem;
use std::ptr;
pub type Key = libc::pthread_key_t;
@ -11,7 +12,7 @@ static mut RECORD: usize = 0;
static mut KEYS: [Key; 2] = [0; 2];
static mut GLOBALS: [u64; 2] = [1, 0];
static mut CANNARY: *mut u64 = 0 as *mut _; // this serves as a cannary: if TLS dtors are not run properly, this will not get deallocated, making the test fail.
static mut CANNARY: *mut u64 = ptr::null_mut(); // this serves as a cannary: if TLS dtors are not run properly, this will not get deallocated, making the test fail.
pub unsafe fn create(dtor: Option<unsafe extern "C" fn(*mut u8)>) -> Key {
let mut key = 0;
@ -30,7 +31,7 @@ pub fn record(r: usize) {
}
unsafe extern "C" fn dtor(ptr: *mut u64) {
assert!(CANNARY != 0 as *mut _); // make sure we do not get run too often
assert!(CANNARY != ptr::null_mut()); // make sure we do not get run too often
let val = *ptr;
let which_key =
@ -48,7 +49,7 @@ unsafe extern "C" fn dtor(ptr: *mut u64) {
// The correct sequence is: First key 0, then key 1, then key 0.
if RECORD == 0_1_0 {
drop(Box::from_raw(CANNARY));
CANNARY = 0 as *mut _;
CANNARY = ptr::null_mut();
}
}

15
tests/pass/extern_types.stderr Normal file
View File

@ -0,0 +1,15 @@
warning: pointer-to-integer cast
--> $DIR/extern_types.rs:LL:CC
|
LL | let x: &Foo = unsafe { &*(16 as *const Foo) };
| ^^^^^^^^^^^^^^^^^^ pointer-to-integer cast
|
= help: this program is using integer-to-pointer casts or (equivalently) `from_exposed_addr`,
= help: which means that Miri might miss pointer bugs in this program
= help: see https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation
= help: to ensure that Miri does not miss bugs in your program, use `with_addr` (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance) instead
= help: you can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics
= help: alternatively, the `-Zmiri-permissive-provenance` flag disables this warning
= note: inside `main` at $DIR/extern_types.rs:LL:CC

2
tests/pass/intptrcast.rs
View File

@ -1,3 +1,5 @@
// compile-flags: -Zmiri-permissive-provenance
// This strips provenance
fn transmute_ptr_to_int<T>(x: *const T) -> usize {
unsafe { std::mem::transmute(x) }

1
tests/pass/intrinsics.rs
View File

@ -1,3 +1,4 @@
// compile-flags: -Zmiri-permissive-provenance
#![feature(core_intrinsics, const_raw_ptr_comparison)]
#![feature(layout_for_ptr)]

6
tests/pass/linux-getrandom-without-isolation.rs
View File

@ -3,13 +3,15 @@
#![feature(rustc_private)]
extern crate libc;
use std::ptr;
fn main() {
let mut buf = [0u8; 5];
unsafe {
assert_eq!(
libc::syscall(
libc::SYS_getrandom,
0 as *mut libc::c_void,
ptr::null_mut::<libc::c_void>(),
0 as libc::size_t,
0 as libc::c_uint,
),
@ -26,7 +28,7 @@ fn main() {
);
assert_eq!(
libc::getrandom(0 as *mut libc::c_void, 0 as libc::size_t, 0 as libc::c_uint),
libc::getrandom(ptr::null_mut::<libc::c_void>(), 0 as libc::size_t, 0 as libc::c_uint),
0,
);
assert_eq!(

6
tests/pass/linux-getrandom.rs
View File

@ -2,13 +2,15 @@
#![feature(rustc_private)]
extern crate libc;
use std::ptr;
fn main() {
let mut buf = [0u8; 5];
unsafe {
assert_eq!(
libc::syscall(
libc::SYS_getrandom,
0 as *mut libc::c_void,
ptr::null_mut::<libc::c_void>(),
0 as libc::size_t,
0 as libc::c_uint,
),
@ -25,7 +27,7 @@ fn main() {
);
assert_eq!(
libc::getrandom(0 as *mut libc::c_void, 0 as libc::size_t, 0 as libc::c_uint),
libc::getrandom(ptr::null_mut::<libc::c_void>(), 0 as libc::size_t, 0 as libc::c_uint),
0,
);
assert_eq!(

2
tests/pass/panic/catch_panic.rs
View File

@ -1,5 +1,5 @@
// We test the `align_offset` panic below, make sure we test the interpreter impl and not the "real" one.
// compile-flags: -Zmiri-symbolic-alignment-check
// compile-flags: -Zmiri-symbolic-alignment-check -Zmiri-permissive-provenance
#![feature(never_type)]
#![allow(unconditional_panic, non_fmt_panics)]

1
tests/pass/ptr_int_casts.rs
View File

@ -1,3 +1,4 @@
// compile-flags: -Zmiri-permissive-provenance
use std::mem;
use std::ptr;

1
tests/pass/ptr_offset.rs
View File

@ -1,3 +1,4 @@
// compile-flags: -Zmiri-permissive-provenance
use std::{mem, ptr};
fn main() {

2
tests/pass/stacked-borrows/2phase.rs
View File

@ -1,5 +1,3 @@
// compile-flags: -Zmiri-tag-raw-pointers
trait S: Sized {
fn tpb(&mut self, _s: Self) {}
}

1
tests/pass/stacked-borrows/interior_mutability.rs
View File

@ -1,4 +1,3 @@
// compile-flags: -Zmiri-tag-raw-pointers
use std::cell::{Cell, RefCell, UnsafeCell};
use std::mem::{self, MaybeUninit};

1
tests/pass/stacked-borrows/stacked-borrows.rs
View File

@ -1,4 +1,3 @@
// compile-flags: -Zmiri-tag-raw-pointers
use std::ptr;
// Test various stacked-borrows-related things.

1
tests/pass/zst.rs
View File

@ -1,3 +1,4 @@
// compile-flags: -Zmiri-permissive-provenance
#[derive(PartialEq, Debug)]
struct A;