Commit Graph

1654 Commits

Author SHA1 Message Date
bors
360186b114 Auto merge of #2166 - RalfJung:tests, r=oli-obk
ui_test tweaks

- support multiple filters
- make `./miri check` also cover ui_test
- Run opt-level=4 tests again, but only the "run" tests

r? `@oli-obk`
2022-05-31 05:11:43 +00:00
bors
aa589d3dc7 Auto merge of #2145 - saethlin:zero-size-creation, r=RalfJung
Save a created event for zero-size reborrows

Currently, we don't save a created event for zero-sized reborrows. Attempting to use something from a zero-sized reborrow is surprisingly common, for example on `minimal-lexical==0.2.1` we previously just emit this:
```
Undefined Behavior: attempting a write access using <187021> at alloc72933[0x0], but that tag does not exist in the borrow stack for this location
    --> /root/rust/library/core/src/ptr/mod.rs:1287:9
     |
1287 |         copy_nonoverlapping(&src as *const T, dst, 1);
     |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     |         |
     |         attempting a write access using <187021> at alloc72933[0x0], but that tag does not exist in the borrow stack for this location
     |         this error occurs as part of an access at alloc72933[0x0..0x8]
     |
     = help: this indicates a potential bug in the program: it performed an invalid operation, but the rules it violated are still experimental
     = help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information

     = note: inside `std::ptr::write::<u64>` at /root/rust/library/core/src/ptr/mod.rs:1287:9
note: inside `minimal_lexical::stackvec::StackVec::push_unchecked` at /root/build/src/stackvec.rs:82:13
    --> /root/build/src/stackvec.rs:82:13
     |
82   |             ptr::write(self.as_mut_ptr().add(self.len()), value);
     |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

... backtrace continues...
```
Which leaves us with the question "where did we make this pointer?" because for every other diagnostic you get a "was created by" note, so I suspect people might be tempted to think there is a Miri bug here. I certainly was.

---
This code duplication is so awful, I'm going to take a look at cleaning it up later. The fact that `ptr_get_alloc_id` can fail in this situation makes things annoying.
2022-05-30 23:43:51 +00:00
Ralf Jung
7fb5110160 normalize away some more line numbers 2022-05-30 19:21:22 -04:00
Ralf Jung
d455421edc rustup 2022-05-30 19:19:39 -04:00
bors
57d8206093 Auto merge of #2165 - saethlin:more-clocks, r=RalfJung
Add support for _COARSE clocks

Original idea does not work, so I'm just going to try expanding support to include the `_COARSE` clocks.

The original motivation for this PR is that the test suite for the crate [`minstant`](https://crates.io/crates/minstant) reports UB, because it tries to use a clock type Miri didn't support, but never checked for an error code and so just used the uninit `libc::timespec`. So, that's technically a bug in `minstant`, but outside of Miri you'd have to be using an incredibly old Linux to ever see an `EINVAL` so the more helpful thing for Miri to do is behave like a newer Linux.

So now we don't detect UB in `minstant`, but we have a test failure:
```
failures:

---- src/instant.rs - instant::Instant::as_unix_nanos (line 150) stdout ----
Test executable failed (exit status: 101).

stderr:
thread 'main' panicked at 'assertion failed: (instant.as_unix_nanos(&anchor) as i64 - expected as i64).abs() < 1_000_000', src/instant.rs:11:1
```
I'm having trouble getting my head around the code in `minstant` that's involved in this test, but as far as I can tell from the man pages, these `_COARSE` clocks meet the requirements.

Closes https://github.com/rust-lang/miri/issues/1983 at least as best as I can.
2022-05-30 21:41:41 +00:00
Ben Kimock
ba9391334e Add support for _COARSE clocks, spruce up comments 2022-05-30 11:26:10 -04:00
Ralf Jung
80bf204848 don't configure the same regex twice 2022-05-30 12:30:58 +02:00
Ralf Jung
e37dfa6d91 ui_test: support multiple filters 2022-05-30 10:27:51 +02:00
Ben Kimock
9a1475dbe2 Save a created event for zero-size reborrows 2022-05-29 16:45:26 -04:00
Oli Scherer
1b7e278922 Reintroduce path filters 2022-05-27 11:43:14 +00:00
Oli Scherer
8acfbc3b33 Update all tests 2022-05-25 18:26:33 +00:00
bors
e7c2ab6d5b Auto merge of #2157 - RalfJung:tests, r=oli-obk
tweak new test suite output

- Make the entire "## Running ui tests ..." green, including the target.
- Fix double-space in `testname.rs  .. ok`.
- Make the final summary a bit more like compiletest-rs, in particular the newlines around it
- Use the term "ignored" consistently, rather than "skipped"

r? `@oli-obk`
2022-05-25 17:39:53 +00:00
Ralf Jung
a6b5b0e4ff tweak new test suite output 2022-05-25 18:27:20 +02:00
Ralf Jung
8c42ef1dee enable number validity checking and ptr::invalid checking by default 2022-05-25 16:17:41 +02:00
Oli Scherer
f1756c3ddd Add a custom ui test runner and move all tests to it 2022-05-25 13:31:26 +00:00
Ralf Jung
fcf3bc2335 with permissive-provenance set, we already treat ptr::invalid correctly 2022-05-24 17:49:11 +02:00
Ralf Jung
f0921bd5dc rustup 2022-05-23 17:35:36 +02:00
Ralf Jung
42d5e5bf96 move some tests to more suitable locations 2022-05-23 12:19:42 +02:00
bors
8f01d862d8 Auto merge of #2149 - RalfJung:tests, r=RalfJung
move some compile-fail tests to a more appropriate location

These are testing validity invariants, after all.
2022-05-23 09:43:35 +00:00
Ralf Jung
6e7a8c017a move some compile-fail tests to a more appropriate location 2022-05-23 11:28:33 +02:00
Ralf Jung
5ed22b32a2 test that compare-exchange-weak-failure-rate=0.0 means what it says 2022-05-23 10:28:46 +02:00
carbotaniuman
f7bc441fd3 Initial work on permissive provenance 2022-05-23 09:07:31 +02:00
Matthias Krüger
89da571b5d shims: fs: silence stderr instead of stdout.
Fixes #2143
2022-05-22 21:54:00 +02:00
Ben Kimock
486a769935 Handle diagnotics emitted in runtime initialization 2022-05-22 11:28:40 -04:00
Ralf Jung
8b4d613cc8 rustup 2022-05-20 18:37:57 +02:00
Ralf Jung
a941af8161 rustup 2022-05-20 08:08:11 +02:00
Ralf Jung
092c2b9d92 change one of the ref-to-uninhbaited tests to Box 2022-05-18 08:32:38 +02:00
Ralf Jung
30548bb57e test for validity of references pointing to uninhabited types 2022-05-18 08:32:38 +02:00
bors
36c274aa38 Auto merge of #2084 - rust-lang:silence, r=RalfJung
Add a command line flag to avoid printing to stdout and stderr

This is practical for tests that don't actually care about the output and thus don't want it intermingled with miri's warnings, errors or ICEs

fixes #2083
2022-05-10 07:24:07 +00:00
Ralf Jung
d585b92fe3 test for "erroneous constant used" post-monomorphization error 2022-05-08 17:56:09 +02:00
Ralf Jung
9605ae807d rustup 2022-05-06 17:28:01 +02:00
bors
49366abfb0 Auto merge of #2095 - dtolnay-contrib:ref, r=RalfJung
Replace unneeded use of `ref` in favor of "match ergonomics"

The signature of `check_shim` is very amenable to this.

```rust
fn check_shim<'a, const N: usize>(…) -> InterpResult<'tcx, &'a [OpTy<'tcx, Tag>; N]>
```

Instead of:

```rust
let &[ref ptr, ref flags] = this.check_shim(…)?;
```

we can write it just as:

```rust
let [ptr, flags] = this.check_shim(…)?;
```
2022-05-01 06:34:32 +00:00
David Tolnay
b994148714
Clean up all trailing whitespace 2022-04-30 10:40:35 -07:00
David Tolnay
1d9e91ed50
Replace unneeded use of ref in favor of "match ergonomics" 2022-04-30 10:30:05 -07:00
Ralf Jung
a0ac13d8a1 gracefully handle type-too-large layout errors 2022-04-30 17:09:44 +02:00
David Tolnay
a893618854
Implement llvm.x86.addcarry.64 2022-04-29 15:51:01 -07:00
Oli Scherer
a192a199a8 Rename flag, datastructure and messaging around muting stdout and stderr 2022-04-26 09:33:20 +00:00
Oli Scherer
4d4855c762 Add a command line flag to avoid printing to stdout and stderr 2022-04-25 13:12:55 +00:00
Ralf Jung
3ca59d2fbf make sure 2-phase borows work even with raw ptr tagging 2022-04-21 16:09:35 +02:00
Ralf Jung
432015d1f6 rustup 2022-04-20 17:46:31 -04:00
Ralf Jung
e214e6db98 add mut_below_shr test 2022-04-20 10:52:25 -04:00
Ralf Jung
d4a85f6305 add another test for #2068 2022-04-20 10:39:17 -04:00
Ralf Jung
b5a76c7ff0 add test for https://github.com/rust-lang/miri/issues/2068 2022-04-20 08:44:10 -04:00
Ralf Jung
763ff1c49f do not consider thread-local allocations read-only 2022-04-19 14:56:07 -04:00
Ralf Jung
db2c4b6dfa implement strerror_r 2022-04-16 22:54:38 -04:00
Ralf Jung
0669b22759 rustup 2022-04-16 08:41:34 -04:00
Ralf Jung
3f1d3aedcd increase slack for timeout test 2022-04-10 11:23:56 -04:00
Ralf Jung
ebb70da4c6 rustup 2022-04-10 09:36:30 -04:00
bors
be72564a64 Auto merge of #2055 - RalfJung:rustup, r=RalfJung
Rustup

Fixes https://github.com/rust-lang/miri/issues/1717
2022-04-08 13:57:45 +00:00
Ralf Jung
363f8ab745 thread name setting works with strict provenance now :) 2022-04-08 09:57:25 -04:00
Ralf Jung
c8553d8162 fix Windows stdout/stderr 2022-04-08 09:57:25 -04:00
Ralf Jung
cac48dd734 treat prctl like a variadic function 2022-04-07 16:20:19 -04:00
Ralf Jung
59ee672fef for variadic functions, accept arbitrary trailing arguments but make sure we check all leading arguments 2022-04-07 16:19:00 -04:00
Mara Bos
5581e33806 Add test for FUTEX_*_BITSET. 2022-04-06 23:48:26 +02:00
Mara Bos
a72a929b19 Add test for FUTEX_WAIT_BITSET. 2022-04-06 23:06:27 +02:00
Ralf Jung
46ff257b4e test that partially uninit MaybeUninit works correctly 2022-04-05 18:30:39 -04:00
Ralf Jung
3dcba56349 add test for nasty example 2022-04-02 00:05:27 -04:00
Ralf Jung
1d79b60a1e make strict-provenance imply check-number-validity 2022-04-01 23:59:16 -04:00
bors
732461b4cd Auto merge of #2045 - RalfJung:strict-provenance, r=RalfJung
add -Zmiri-strict-provenance

This implements [strict provenance](https://github.com/rust-lang/rust/issues/95228) in Miri. The only change is that casting an integer to a pointer does not even attempt to produce a good provenance for the given address; instead, it always uses the invalid provenance. This stricter than even `-Zmiri-tag-raw-pointers` in that it also rejects the following example (which does not even involve Stacked Borrows):
```rust
fn main() {
    let x = 22;
    let ptr = &x as *const _ as *const u8;
    let roundtrip = ptr as usize as *const u8;
    let _ = unsafe { roundtrip.offset(1) };
}
```
The new flag also implies `-Zmiri-tag-raw-pointers` since the only reason one would *not* want to tag raw pointers is to support ptr-int-ptr roundtrips.

Note that the flag does *not* check against ptr-to-int *transmutes*; that still requires `-Zmiri-check-number-validity`. You can also check for strict provenance *without* Stacked Borrows by adding `-Zmiri-disable-stacked-borrows`.

The new "Miri hard mode" flags for maximal checking are `-Zmiri-strict-provenance -Zmiri-check-number-validity`. (Add `-Zmiri-symbolic-alignment-check` if you feel extra spicy today.)
2022-04-01 22:40:26 +00:00
Ralf Jung
aa04dc1eeb Rust values can be up to isize::MAX in size 2022-04-01 17:22:01 -04:00
Ralf Jung
9af03bf342 add -Zmiri-strict-provenance 2022-04-01 14:10:24 -04:00
Ralf Jung
811e6dd71d test int_log functions 2022-03-31 11:20:24 -04:00
Ralf Jung
5d7c495de5 channels do ptr-int transmutes so move them to non-check-number-validity test 2022-03-26 14:33:17 -04:00
Ralf Jung
ede470e1fc ensure that -Zmiri-check-number-validity detects integers with provenance 2022-03-26 14:33:13 -04:00
Ralf Jung
9772c85ebc another test for too big type 2022-03-26 11:08:11 -04:00
bors
346f8f2219 Auto merge of #2036 - RalfJung:vec, r=RalfJung
regression test for reverse() unsoundness

Cc https://github.com/rust-lang/rust/pull/90821
2022-03-24 14:33:02 +00:00
Ralf Jung
3275df31ea rustup 2022-03-24 10:06:33 -04:00
Ralf Jung
951ac65f26 regression test for reverse() unsoundness 2022-03-22 14:28:36 -04:00
Ralf Jung
694846f8b4 vec test: check number validity 2022-03-22 14:26:40 -04:00
Ralf Jung
aafc0694fc test arbitrary-self dyn receivers 2022-03-20 14:03:46 -04:00
Ralf Jung
65469fe85b test remove_dir_all 2022-03-20 10:36:27 -04:00
bors
57786678d4 Auto merge of #1975 - DrMeepster:backtrace_fix, r=RalfJung
Make backtraces work with #[global_allocator]

Currently, backtraces break when the global allocator is overridden because the allocator will attempt to deallocate memory allocated directly by Miri.

~~This PR fixes that by using a new memory kind and providing a function to deallocate it. We can't call the custom allocator to allocate because it's not possible to call a function in the middle of a shim.~~

This PR fixes that by adding a new version of the backtrace API accessible by setting `flags` to 1. Existing code still functions.

backtrace-rs PR: rust-lang/backtrace-rs#462

Fixes https://github.com/rust-lang/miri/issues/1996
2022-03-20 02:37:09 +00:00
DrMeepster
2c670b10df add new version of backtrace api using flags=1 2022-03-19 18:14:11 -07:00
Ralf Jung
1b1321a685 fix simd_bitmask shorter than a byte on big-endian 2022-03-17 13:14:16 -04:00
Ralf Jung
b5d3a25b49 detect when unused bits of a SIMD bitmask are non-0 2022-03-17 13:08:01 -04:00
Ralf Jung
bfed3c4f0d implement simd bitmask intrinsics 2022-03-17 13:08:01 -04:00
bors
670dc7d551 Auto merge of #1971 - saethlin:sb-details, r=RalfJung
Add a lot more information to SB fatal errors

In fatal errors, this clarifies the difference between a tag not being present in the borrow stack at all, and the tag being present but granting SRO. It also introduces a little notation for memory ranges so we can mention to the user that the span may point to code that operates on multiple memory locations, but we are reporting an error at a particular offset.

This also gets rid of the unqualified phrase "the borrow stack" in errors, and clarifies that it is the borrow stack _for some location_.

The crate `pdqselect` v0.1.1:
Before:
```
2103 |     unsafe { copy_nonoverlapping(src, dst, count) }
     |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ no item granting read access to tag <2357> at alloc1029 found in borrow stack.
```
After:
```
2103 |     unsafe { copy_nonoverlapping(src, dst, count) }
     |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     |              |
     |              attempting a read access using <2357> at alloc1029[0x0], but that tag does not exist in the borrow stack for this location
     |              this error occurs as part of an access at alloc1029[0x0..0x4]
```

And the crate `half` v1.8.2
Before:
```
131 |     unsafe { &mut *ptr::slice_from_raw_parts_mut(data, len) }
    |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ trying to reborrow for Unique at alloc1051, but parent tag <2091> does not have an appropriate item in the borrow stack
```
After:
```
131 |     unsafe { &mut *ptr::slice_from_raw_parts_mut(data, len) }
    |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    |              |
    |              trying to reborrow <2091> for Unique permission at alloc1051[0x0], but that tag only grants SharedReadOnly permission for this location
    |              this error occurs as part of a reborrow at alloc1051[0x0..0x6]
```
2022-03-17 13:26:29 +00:00
Ralf Jung
4fd5dca27c implement SIMD sqrt and fma 2022-03-16 22:13:43 -04:00
Ben Kimock
730cd27248 Print more in SB error diagnostics
This tries to clarify exactly why an access is not valid by printing
what memory range the access was over, which in combination with
tag-tracking may help a user figure out the source of the problem.
2022-03-16 20:12:04 -04:00
Ralf Jung
1f237b3b7d implement SIMD float rounding functions 2022-03-16 18:53:36 -04:00
Ralf Jung
f338b0229b test integer SIMD min/max 2022-03-14 09:53:49 -04:00
Jubilee Young
61bfa8afe8 Fixup renamed fn for Simd 2022-03-13 19:03:08 -07:00
Ralf Jung
bae720c75b add ptr_offset_from OOB test, and update test errors 2022-03-10 18:56:19 -05:00
Ralf Jung
41ffce1145 implement simd_scatter 2022-03-09 19:29:05 -05:00
Ralf Jung
576e2bbed5 implement gather 2022-03-09 19:29:05 -05:00
Ralf Jung
3eba7fcf73 implement simd_shuffle 2022-03-09 19:29:05 -05:00
Ralf Jung
6d3506adef fs: add and test for DirectoryNotEmpty error variant 2022-03-07 18:30:12 -05:00
Tavian Barnes
0886419524 Implement a readdir64() shim for Linux
Partial fix for #1966.
2022-03-07 16:19:03 -05:00
Ralf Jung
735bee2736 implement simd_saturating intrinsics 2022-03-07 14:12:59 -05:00
Ralf Jung
b87a9c90e1 fix handling of NaNs in simd max/min 2022-03-07 09:49:35 -05:00
Ralf Jung
2f97eb68a0 implement simd_fmax/fmin 2022-03-07 09:40:23 -05:00
Ralf Jung
9851b743c1 implement simd_reduce_min/max 2022-03-07 09:40:23 -05:00
Ralf Jung
db06d4998f implement simd_cast, simd_as 2022-03-07 09:40:23 -05:00
bors
a25d905ddf Auto merge of #2003 - RalfJung:simd-reduce-test, r=RalfJung
also test f32/f64 simd_reduce

Forgot to include this in https://github.com/rust-lang/miri/pull/2001
2022-03-06 04:22:12 +00:00
Ralf Jung
21d36ffd04 also test f32/f64 simd_reduce 2022-03-05 23:03:14 -05:00
Ralf Jung
9810a147a7 add extra tests for shifts with negative offsets 2022-03-05 22:59:23 -05:00
Ralf Jung
b491b72673 implement simd_reduce_{add,mul} 2022-03-05 19:02:00 -05:00
Ralf Jung
3ed8ad4423 avoid repeated string matching, and add more simd_reduce intrinsics 2022-03-05 18:46:14 -05:00
bors
3854a76ace Auto merge of #1970 - asquared31415:open_unix_varargs, r=RalfJung
Allow varargs for libc::open when it is allowed by the second argument

This PR allows `libc::open` to be called using two or three arguments as defined in https://man7.org/linux/man-pages/man2/open.2.html

The presence of the third argument depends on the value of the second argument.  If the second argument dictates that the third argument is *required* miri will emit an error if the argument is missing.  If the second argument does *not* require a third argument, then the argument is ignored and passed as 0 internally (it would be ignored by libc anyway)
2022-03-05 22:47:51 +00:00
asquared31415
8e97599af4 allow varargs for libc::open when it is allowed by the second argument 2022-03-05 17:29:48 -05:00