11 Commits

Author SHA1 Message Date
Ralf Jung
1d79b60a1e make strict-provenance imply check-number-validity 2022-04-01 23:59:16 -04:00
bors
732461b4cd Auto merge of #2045 - RalfJung:strict-provenance, r=RalfJung
add -Zmiri-strict-provenance

This implements [strict provenance](https://github.com/rust-lang/rust/issues/95228) in Miri. The only change is that casting an integer to a pointer does not even attempt to produce a good provenance for the given address; instead, it always uses the invalid provenance. This is stricter than even `-Zmiri-tag-raw-pointers` in that it also rejects the following example (which does not even involve Stacked Borrows):
```rust
fn main() {
    let x = 22;
    let ptr = &x as *const _ as *const u8;
    let roundtrip = ptr as usize as *const u8;
    let _ = unsafe { roundtrip.offset(1) };
}
```
The new flag also implies `-Zmiri-tag-raw-pointers` since the only reason one would *not* want to tag raw pointers is to support ptr-int-ptr roundtrips.

Note that the flag does *not* check against ptr-to-int *transmutes*; that still requires `-Zmiri-check-number-validity`. You can also check for strict provenance *without* Stacked Borrows by adding `-Zmiri-disable-stacked-borrows`.

The new "Miri hard mode" flags for maximal checking are `-Zmiri-strict-provenance -Zmiri-check-number-validity`. (Add `-Zmiri-symbolic-alignment-check` if you feel extra spicy today.)
2022-04-01 22:40:26 +00:00
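As an added example (not code from the PR above or from Miri itself): a tagged pointer that packs a small tag into the alignment bits of a `*const u32`, written first as the integer round-trip the new flag rejects and then with `wrapping_byte_add`/`wrapping_byte_sub`, which keep the original pointer's provenance. The function names (`pack_roundtrip`, `pack_tagged`, `read_both`) are this example's own.

```rust
// Added example, not code from the Miri PR above. A tagged pointer stores a
// small tag in the alignment bits of a 4-byte-aligned `*const u32`.
const TAG_MASK: usize = 0b11;

/// Integer round-trip: pointer and tag are packed into a `usize`.
/// Rebuilding the pointer from that integer is the pattern that
/// `-Zmiri-strict-provenance` rejects: the result has invalid provenance,
/// so dereferencing it is reported as undefined behaviour.
fn pack_roundtrip(p: *const u32, tag: usize) -> usize {
    assert_eq!(p as usize & TAG_MASK, 0, "pointer must be 4-byte aligned");
    (p as usize) | (tag & TAG_MASK)
}

fn unpack_roundtrip(packed: usize) -> (*const u32, usize) {
    ((packed & !TAG_MASK) as *const u32, packed & TAG_MASK)
}

/// Provenance-preserving version: the tag is added to the address with
/// wrapping byte arithmetic, so the result is still derived from `p`.
/// Reading the address with `as usize` is fine; only the integer-to-pointer
/// direction loses provenance.
fn pack_tagged(p: *const u32, tag: usize) -> *const u32 {
    assert_eq!(p as usize & TAG_MASK, 0, "pointer must be 4-byte aligned");
    p.wrapping_byte_add(tag & TAG_MASK)
}

fn unpack_tagged(tagged: *const u32) -> (*const u32, usize) {
    let tag = tagged as usize & TAG_MASK;
    (tagged.wrapping_byte_sub(tag), tag)
}

/// Reads `value` back through both variants. Outside Miri both reads
/// succeed; under `-Zmiri-strict-provenance` only the second one does.
fn read_both(value: u32, tag: usize) -> (u32, u32) {
    let p: *const u32 = &value;
    let (p1, t1) = unpack_roundtrip(pack_roundtrip(p, tag));
    let (p2, t2) = unpack_tagged(pack_tagged(p, tag));
    assert_eq!((t1, t2), (tag & TAG_MASK, tag & TAG_MASK));
    // SAFETY: both pointers address `value`, which is alive and initialized.
    unsafe { (*p1, *p2) }
}

fn main() {
    println!("{:?}", read_both(42, 3)); // prints "(42, 42)" outside Miri
}
```

Running the same program with `cargo miri run -- -Zmiri-strict-provenance` is what turns the first read into a reported error while the second keeps working.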
Ralf Jung
aa04dc1eeb Rust values can be up to isize::MAX in size 2022-04-01 17:22:01 -04:00
Ralf Jung
9af03bf342 add -Zmiri-strict-provenance 2022-04-01 14:10:24 -04:00
Ralf Jung
d8bee92aee rename track-raw-pointers flag to tag-raw-pointers 2021-11-13 15:48:27 -05:00
Pointerbender
c6dbe5cdca use references so that potential aliasing bugs are triggered during regression test 2021-06-02 15:36:18 +02:00
Pointerbender
b8aba11de3 regression tests for pointer invalidation in core library slice methods 2021-06-02 15:36:18 +02:00
Ralf Jung
be4108e27c test some new uninit APIs 2019-08-18 11:34:09 +02:00
Ralf Jung
7d623f73cc do not use 'let _', it is strange 2018-11-26 15:31:53 +01:00
Ralf Jung
74635a57e2 re-do large parts of stacked borrows, now with proper support for partially frozen data 2018-11-08 08:29:34 +01:00
Ralf Jung
3302656247 More extensive slice and vec tests
Not all of them pass validation...
2018-11-01 08:58:03 +01:00