From c9512084bd250c92d898137863bc7d1f6374a6a3 Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Wed, 2 Aug 2023 18:26:55 +0200 Subject: [PATCH] add write_does_not_invalidate_all_aliases test, and enable direct_mut_to_const_raw test in TB --- .../pass/stacked-borrows/stacked-borrows.rs | 37 +++++++++++++++--- .../tests/pass/tree_borrows/tree-borrows.rs | 39 ++++++++++++++++--- 2 files changed, 65 insertions(+), 11 deletions(-) diff --git a/src/tools/miri/tests/pass/stacked-borrows/stacked-borrows.rs b/src/tools/miri/tests/pass/stacked-borrows/stacked-borrows.rs index 43ae7d6f522..d2ba1841844 100644 --- a/src/tools/miri/tests/pass/stacked-borrows/stacked-borrows.rs +++ b/src/tools/miri/tests/pass/stacked-borrows/stacked-borrows.rs @@ -10,7 +10,7 @@ fn main() { mut_raw_mut(); partially_invalidate_mut(); drop_after_sharing(); - direct_mut_to_const_raw(); + // direct_mut_to_const_raw(); two_raw(); shr_and_raw(); disjoint_mutable_subborrows(); @@ -19,6 +19,7 @@ fn main() { mut_below_shr(); wide_raw_ptr_in_tuple(); not_unpin_not_protected(); + write_does_not_invalidate_all_aliases(); } // Make sure that reading from an `&mut` does, like reborrowing to `&`, @@ -110,14 +111,13 @@ fn drop_after_sharing() { } // Make sure that coercing &mut T to *const T produces a writeable pointer. -fn direct_mut_to_const_raw() { - // TODO: This is currently disabled, waiting on a decision on - /*let x = &mut 0; +// TODO: This is currently disabled, waiting on a decision on +/*fn direct_mut_to_const_raw() { + let x = &mut 0; let y: *const i32 = x; unsafe { *(y as *mut i32) = 1; } assert_eq!(*x, 1); - */ -} +}*/ // Make sure that we can create two raw pointers from a mutable reference and use them both. fn two_raw() { @@ -238,3 +238,28 @@ fn inner(x: &mut NotUnpin, f: fn(&mut NotUnpin)) { drop(unsafe { Box::from_raw(raw) }); }); } + +fn write_does_not_invalidate_all_aliases() { + mod other { + /// Some private memory to store stuff in. + static mut S: *mut i32 = 0 as *mut i32; + + pub fn lib1(x: &&mut i32) { + unsafe { + S = (x as *const &mut i32).cast::<*mut i32>().read(); + } + } + + pub fn lib2() { + unsafe { + *S = 1337; + } + } + } + + let x = &mut 0; + other::lib1(&x); + *x = 42; // a write to x -- invalidates other pointers? + other::lib2(); + assert_eq!(*x, 1337); // oops, the value changed! I guess not all pointers were invalidated +} diff --git a/src/tools/miri/tests/pass/tree_borrows/tree-borrows.rs b/src/tools/miri/tests/pass/tree_borrows/tree-borrows.rs index 0d50d54faf6..476a4c85740 100644 --- a/src/tools/miri/tests/pass/tree_borrows/tree-borrows.rs +++ b/src/tools/miri/tests/pass/tree_borrows/tree-borrows.rs @@ -10,6 +10,7 @@ fn main() { aliasing_read_only_mutable_refs(); string_as_mut_ptr(); two_mut_protected_same_alloc(); + direct_mut_to_const_raw(); // Stacked Borrows tests read_does_not_invalidate1(); @@ -19,7 +20,6 @@ fn main() { mut_raw_mut(); partially_invalidate_mut(); drop_after_sharing(); - direct_mut_to_const_raw(); two_raw(); shr_and_raw(); disjoint_mutable_subborrows(); @@ -28,6 +28,7 @@ fn main() { mut_below_shr(); wide_raw_ptr_in_tuple(); not_unpin_not_protected(); + write_does_not_invalidate_all_aliases(); } // Tree Borrows has no issue with several mutable references existing @@ -172,12 +173,12 @@ fn drop_after_sharing() { // Make sure that coercing &mut T to *const T produces a writeable pointer. fn direct_mut_to_const_raw() { - // TODO: This is currently disabled, waiting on a decision on - /*let x = &mut 0; + let x = &mut 0; let y: *const i32 = x; - unsafe { *(y as *mut i32) = 1; } + unsafe { + *(y as *mut i32) = 1; + } assert_eq!(*x, 1); - */ } // Make sure that we can create two raw pointers from a mutable reference and use them both. @@ -298,3 +299,31 @@ fn inner(x: &mut NotUnpin, f: fn(&mut NotUnpin)) { drop(unsafe { Box::from_raw(raw) }); }); } + +fn write_does_not_invalidate_all_aliases() { + // In TB there are other ways to do that (`addr_of!(*x)` has the same tag as `x`), + // but let's still make sure this SB test keeps working. + + mod other { + /// Some private memory to store stuff in. + static mut S: *mut i32 = 0 as *mut i32; + + pub fn lib1(x: &&mut i32) { + unsafe { + S = (x as *const &mut i32).cast::<*mut i32>().read(); + } + } + + pub fn lib2() { + unsafe { + *S = 1337; + } + } + } + + let x = &mut 0; + other::lib1(&x); + *x = 42; // a write to x -- invalidates other pointers? + other::lib2(); + assert_eq!(*x, 1337); // oops, the value changed! I guess not all pointers were invalidated +}