Commit Graph

1836 Commits

Author SHA1 Message Date
Ralf Jung
e8ab64e424 make unused flags work like they used to 2022-07-17 08:18:55 -04:00
Ralf Jung
9782b7b039 rustup 2022-07-16 23:40:36 -04:00
bors
e0672589d3 Auto merge of #2370 - RalfJung:weak-mem-test, r=RalfJung
add another weak mem consistency test

`@cbeuw` your code seems to do this correctly? :D
2022-07-14 12:23:47 +00:00
Ralf Jung
b8a0c49e51 test that we can see this weak behavior 2022-07-14 08:23:31 -04:00
Ralf Jung
07c3e42bd7 replace a macro by a function 2022-07-14 08:17:18 -04:00
Ralf Jung
820f322b86 add work-around for #2164 2022-07-14 08:07:59 -04:00
Ralf Jung
11f2b83464 fix a missing thread join 2022-07-14 07:59:22 -04:00
Ralf Jung
bd69a92b4b rustup 2022-07-13 22:35:45 -04:00
Ralf Jung
a272ca2cf7 add another weak mem consistency test 2022-07-13 21:50:19 -04:00
bors
e16705de25 Auto merge of #2369 - RalfJung:reborrow, r=RalfJung
reborrow error: clarify that we are reborrowing *from* that tag

`@saethlin` I found the current message not entirely clear, so what do you think about this?
2022-07-14 00:04:40 +00:00
Ralf Jung
cc42cb1b21 reborrow error: clarify that we are reborrowing *from* that tag 2022-07-13 19:40:53 -04:00
Ralf Jung
757e88c901 use ui_test regex capabilities 2022-07-13 18:59:33 -04:00
Oli Scherer
837bf84271 Error patterns can be regexes 2022-07-13 14:36:03 +00:00
bors
db5a2b9747 Auto merge of #2315 - saethlin:shrink-item, r=saethlin
Optimizing Stacked Borrows (part 2): Shrink Item

This moves protectors out of `Item`, storing them both in a global `HashSet` which contains all currently-protected tags as well as a `Vec<SbTag>` on each `Frame` so that when we return from a function we know which tags to remove from the protected set.

This also bit-packs the 64-bit tag and the 2-bit permission together when they are stored in memory. This means we theoretically run out of tags sooner, but I doubt that limit will ever be hit.

Together these optimizations reduce the memory footprint of Miri when executing programs which stress Stacked Borrows by ~66%. For example, running a test with isolation off which only panics currently peaks at ~19 GB, with this PR it peaks at ~6.2 GB.

To-do
- [x] Enforce the 62-bit limit
- [x] Decide if there is a better order to pack the tag and permission in
- [x] Wait for `UnsafeCell` to become infectious, or express offsets + tags in the global protector set

Benchmarks before:
```
Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/backtraces/Cargo.toml
  Time (mean ± σ):      8.948 s ±  0.253 s    [User: 8.752 s, System: 0.158 s]
  Range (min … max):    8.619 s …  9.279 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/mse/Cargo.toml
  Time (mean ± σ):      2.129 s ±  0.037 s    [User: 1.849 s, System: 0.248 s]
  Range (min … max):    2.086 s …  2.176 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/serde1/Cargo.toml
  Time (mean ± σ):      3.334 s ±  0.017 s    [User: 3.211 s, System: 0.103 s]
  Range (min … max):    3.315 s …  3.352 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/serde2/Cargo.toml
  Time (mean ± σ):      3.316 s ±  0.038 s    [User: 3.207 s, System: 0.095 s]
  Range (min … max):    3.282 s …  3.375 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/unicode/Cargo.toml
  Time (mean ± σ):      6.391 s ±  0.323 s    [User: 5.928 s, System: 0.412 s]
  Range (min … max):    6.090 s …  6.917 s    5 runs
 ```
 After:
 ```
Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/backtraces/Cargo.toml
  Time (mean ± σ):      6.955 s ±  0.051 s    [User: 6.807 s, System: 0.132 s]
  Range (min … max):    6.900 s …  7.038 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/mse/Cargo.toml
  Time (mean ± σ):      1.784 s ±  0.012 s    [User: 1.627 s, System: 0.156 s]
  Range (min … max):    1.772 s …  1.797 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/serde1/Cargo.toml
  Time (mean ± σ):      2.505 s ±  0.095 s    [User: 2.311 s, System: 0.096 s]
  Range (min … max):    2.405 s …  2.603 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/serde2/Cargo.toml
  Time (mean ± σ):      2.449 s ±  0.031 s    [User: 2.306 s, System: 0.100 s]
  Range (min … max):    2.395 s …  2.467 s    5 runs

Benchmark 1: cargo +miri miri run --manifest-path bench-cargo-miri/unicode/Cargo.toml
  Time (mean ± σ):      3.667 s ±  0.110 s    [User: 3.498 s, System: 0.140 s]
  Range (min … max):    3.564 s …  3.814 s    5 runs
 ```
 The decrease in system time is probably due to spending less time in the page fault handler.
2022-07-13 01:44:01 +00:00
Ben Kimock
4eff60ad6e Rearrange and document the new implementation
stacked_borrow now has an item module, and its own FrameExtra. These
serve to protect the implementation of Item (which is a bunch of
bit-packing tricks) from the primary logic of Stacked Borrows, and the
FrameExtra we have separates Stacked Borrows more cleanly from the
interpreter itself.

The new strategy for checking protectors also makes some subtle
performance tradeoffs, so they are now documented in Stack::item_popped
because that function primarily benefits from them, and it also touches
every aspect of them.

Also separating the actual CallId that is protecting a Tag from the Tag
makes it inconvienent to reproduce exactly the same protector errors, so
this also takes the opportunity to use some slightly cleaner English in
those errors. We need to make some change, might as well make it good.
2022-07-12 21:03:54 -04:00
Ben Kimock
afa1dddcf9 Store protectors outside Item, pack Tag and Perm
Previously, Item was a struct of a NonZeroU64, an Option which was
usually unset or irrelevant, and a 4-variant enum. So collectively, the
size of an Item was 24 bytes, but only 8 bytes were used for the most
part.

So this takes advantage of the fact that it is probably impossible to
exhaust the total space of SbTags, and steals 3 bits from it to pack the
whole struct into a single u64. This bit-packing means that we reduce
peak memory usage when Miri goes memory-bound by ~3x. We also get CPU
performance improvements of varying size, because not only are we simply
accessing less memory, we can now compare a Vec<Item> using a memcmp
because it does not have any padding.
2022-07-12 21:01:33 -04:00
Ralf Jung
cd3535d256 test that we also find bad uses of mem::uninitialized 2022-07-12 09:55:28 -04:00
Ralf Jung
49a6c230cb remove deprecated options 2022-07-11 21:28:54 -04:00
Oli Scherer
1ca8d60734 Fix annotation filtering with revisions 2022-07-11 17:19:10 +00:00
Oli Scherer
a64f9e7250 Remove error annotations stderr
they still showed up in multiline messages
2022-07-11 11:50:33 +00:00
Oli Scherer
f3496cbe4b require level and colon in //~ style comments 2022-07-11 11:48:56 +00:00
Ralf Jung
444ba75ac5 make more tests deterministic 2022-07-10 20:21:19 -04:00
Ralf Jung
45abee46be make a test deterministic 2022-07-10 20:15:35 -04:00
Oli Scherer
6e106617f1 Port all tests 2022-07-08 16:08:32 +00:00
Oli Scherer
54b6b03410 Actually use eyre and get rid of the ad-hoc macros emulating error handling 2022-07-08 15:55:37 +00:00
Oli Scherer
570032b0dd Introduce a proper error handling framework 2022-07-08 15:55:37 +00:00
Oli Scherer
389915e09b Replace all //error-pattern comments with strict syntax and fix other comments in the same files 2022-07-08 15:55:37 +00:00
Ralf Jung
23d1f1a5a3 rustup 2022-07-07 20:12:30 -04:00
Ralf Jung
b6602f5d11 rustup 2022-07-06 22:55:12 -04:00
Ralf Jung
5fed3ebc26 adjust code for copy_op changes 2022-07-06 21:40:31 -04:00
Ralf Jung
e9176c747e test for better error location on stack pop 2022-07-06 21:40:31 -04:00
Ralf Jung
e5df0cc770 adjust tests for removal of unsized_locals 2022-07-06 21:40:31 -04:00
Ralf Jung
d5f1c26380 rustup; ptr atomics 2022-07-06 21:38:52 -04:00
Ralf Jung
907a003f14 tweak format strings 2022-07-06 09:47:48 -04:00
bors
36d8f5cbfc Auto merge of #2336 - RalfJung:wide-ptr-compare, r=RalfJung
fix comparing wide raw pointers

Fixes https://github.com/rust-lang/rust/issues/96169

However I am not sure if these are the correct semantics. I'll wait for confirmation in that issue.
2022-07-06 12:16:25 +00:00
Ralf Jung
de2915bba7 rustup 2022-07-05 22:29:38 -04:00
Ralf Jung
6c8ad4abc9 fix comparing wide raw pointers 2022-07-05 21:21:02 -04:00
Ralf Jung
f3f4bafa1b rustup 2022-07-05 18:16:20 -04:00
Ralf Jung
2931e0fd63 handle Box with allocators 2022-07-05 08:34:41 -04:00
Ralf Jung
a4e7e1e6b5 fix retagging of vtable ptrs 2022-07-03 11:56:29 -04:00
Ralf Jung
5f7bc9739b move arc_drop test to miri-test-libstd
and make weak memory consistency test a bit faster again
2022-07-03 08:13:58 -04:00
Ralf Jung
b4520e4591 test fs::read_link surface function 2022-07-02 13:32:04 -04:00
Ralf Jung
98254f67af pointer tag tracking: on creation, log the offsets it is created for 2022-07-02 11:33:29 -04:00
bors
428245072e Auto merge of #2306 - RalfJung:unix, r=RalfJung
make some things available for all Unixes
2022-07-02 13:45:27 +00:00
Ralf Jung
ae51998191 male libc.rs at least build on FreeBSD 2022-07-02 09:45:00 -04:00
bors
c17e68d9be Auto merge of #2300 - InfRandomness:freebsd-environ-extern-impl, r=RalfJung
Extend `environ` linux extern implementation to freebsd

This fixes the `env` test on freebsd, and enables the CI test

Signed-off-by: InfRandomness <infrandomness@gmail.com>
2022-07-02 12:57:14 +00:00
bors
24c5eaf8bc Auto merge of #2305 - RalfJung:rustup, r=RalfJung
rustup
2022-07-02 12:38:40 +00:00
Ralf Jung
c0cbb662d2 rustup 2022-07-02 08:38:07 -04:00
InfRandomness
a26be7ea5f
Enable env test on freebsd
Signed-off-by: InfRandomness <infrandomness@gmail.com>
2022-07-02 12:42:14 +02:00
Ralf Jung
d09db1660b fix and slightly improve data race reports 2022-07-01 20:13:44 -04:00
Ralf Jung
7f3fbbdee7 allocation tracking: also print size, alignment, kind of the allocation 2022-06-30 22:24:23 -04:00
Oli Scherer
a9f9d48b1a Support no-std targets and test it in CI 2022-06-30 12:51:22 +00:00
Ralf Jung
a2e61aeeff rustup 2022-06-29 21:31:27 -04:00
bors
5974e7d4a9 Auto merge of #2287 - RalfJung:field-retagging, r=RalfJung
stacked borrows: add option for recursive field retagging
2022-06-29 23:04:07 +00:00
Ralf Jung
955f961f83 merge two SB test files 2022-06-29 18:22:30 -04:00
Ralf Jung
c4e86e103e add option for recursive field retagging 2022-06-29 18:22:30 -04:00
Christian Legnitto
73a1a27a45 Support gettimeofday on more than macos
This appears to be in linux and in openbsd as well:

* https://github.com/torvalds/linux/blob/master/lib/vdso/gettimeofday.c
* https://github.com/openbsd/src/blob/master/sys/sys/time.h#L439

Co-authored-by: Ralf Jung <post@ralfj.de>
2022-06-29 17:48:04 -04:00
Ralf Jung
839c120b40 fmt 2022-06-29 10:09:18 -04:00
Ralf Jung
ea8dba411b improve atomics test coverage 2022-06-29 09:31:11 -04:00
Ralf Jung
28dea673be rustup 2022-06-29 08:33:06 -04:00
Ralf Jung
8bd4bbe3e4 tweak int2ptr diagnostics 2022-06-28 08:52:22 -04:00
bors
aaaed51ab8 Auto merge of #2279 - RalfJung:adjacent-allocs, r=RalfJung
Allow non-ZST allocations to be adjacent

Also `cargo update` in test-cargo-miri... no need to make a separate PR for that right?...
2022-06-28 02:52:23 +00:00
Ralf Jung
c16b380d6b finally we can actually have adjacent allocations :) 2022-06-27 22:52:02 -04:00
Ralf Jung
098704e10f make use of get_alloc_info 2022-06-27 21:22:46 -04:00
bors
7fafbde038 Auto merge of #2275 - RalfJung:permissive-provenance-for-all, r=RalfJung
Enable permissive provenance by default

This completes the plan laid out in https://github.com/rust-lang/miri/issues/2133:
- We use permissive provenance with wildcard pointers by default.
- We print a warning on int2ptr casts. `-Zmiri-permissive-provenance` suppresses the warning; `-Zmiri-strict-provenance` turns it into a hard error.
- Raw pointer tagging is now always enabled, so we remove the `-Zmiri-tag-raw-pointers` flag and the code for untagged pointers. (Passing the flag still works, for compatibility -- but we just ignore it, with a warning.)

We also fix an intptrcast issue:
- Only live allocations are considered when computing the AllocId from an address.

So, finally, Miri has a good story for ptr2int2ptr roundtrips *and* no weird false negatives when doing raw pointer stuff with Stacked Borrows. :-) 🎉   Thanks a lot to everyone who helped with this, in particular `@carbotaniuman` who convinced me this is even possible.

Fixes https://github.com/rust-lang/miri/issues/2133
Fixes https://github.com/rust-lang/miri/issues/1866
Fixes https://github.com/rust-lang/miri/issues/1993
2022-06-28 01:20:40 +00:00
Ralf Jung
c1eddbc7fe show int2ptr warning once for each span (but don't duplicate the long help) 2022-06-27 20:50:45 -04:00
Ralf Jung
67e89b53e2 fix warning text 2022-06-27 20:04:46 -04:00
bors
f5593de579 Auto merge of #2221 - InfRandomness:freebsd-target-support, r=RalfJung
Freebsd-target-support

Implement freebsd as a target for miri
2022-06-27 17:40:15 +00:00
Ralf Jung
fb186a2f2d make sure a thread is joined 2022-06-27 11:44:45 -04:00
Ralf Jung
294ef15adb more int2ptr cast tests, and fix casting of addresses inside dead allocations 2022-06-26 22:19:56 -04:00
Ralf Jung
13d425daeb make permissive provenance and raw-ptr tagging the default 2022-06-26 21:14:42 -04:00
infrandomness
97a512070a Fix pending reviews 2022-06-27 01:39:24 +02:00
infrandomness
9130034337 Initial freebsd work 2022-06-27 01:39:24 +02:00
bors
ab88ba4299 Auto merge of #2270 - RalfJung:futex-ordering, r=RalfJung
test that futexes induce appropriate synchronization

This fails when I remove the `validate_lock_acquire` or `validate_lock_release` from `futex_wake`. So finally we got those code paths actually covered in tests. :)
2022-06-26 03:54:43 +00:00
Ralf Jung
e667ccb459 test that futexes induce appropriate synchronization 2022-06-25 23:40:58 -04:00
Ralf Jung
5aeba7f86b make a bunch of tests look more like how they did before rustfmt 2022-06-25 23:31:24 -04:00
Ralf Jung
d3ca71ba37 test that &mut !Unpin references are protected 2022-06-25 19:15:11 -04:00
Ralf Jung
7c025a8f0e test for forgetting locked mutex 2022-06-25 16:01:00 -04:00
Ralf Jung
e5022bf48a join all the threads 2022-06-25 15:46:47 -04:00
Ralf Jung
58c79c5b6f tweaks and feedback 2022-06-24 22:02:17 -04:00
Ralf Jung
4fbb284a99 implement 'delimited' expose tracking so we still detect some UB 2022-06-24 20:05:56 -04:00
Ralf Jung
8d6fdaa024 make the tests pass
(and some formatting)
2022-06-24 18:03:02 -04:00
Ralf Jung
2deb9e5dae add exposed_only_ro test 2022-06-24 16:21:47 -04:00
carbotaniuman
57ce47b728 Handle wildcard pointers in SB 2022-06-24 16:10:23 -04:00
David Tolnay
e5f40ca9cb
Bless stderr files after rustfmt 2022-06-23 13:08:52 -07:00
David Tolnay
8833197a62
Manual adjustments 2022-06-23 13:08:52 -07:00
David Tolnay
a23eb46b5b
Format late arrivals with rustfmt 2022-06-23 13:08:52 -07:00
bors
c38e1e9d62 Auto merge of #2250 - rust-lang:gesundheit, r=oli-obk
Require local annotations for local diagnostics

if/when we get flaky diagnostics we can revisit and add more helpers for those
2022-06-23 13:49:56 +00:00
Oli Scherer
c4ffe680e3 Require local annotations for local diagnostics 2022-06-23 13:49:02 +00:00
bors
655eed35b7 Auto merge of #2248 - RalfJung:arc-drop-fix, r=RalfJung
do not protect SRW items

This is the Miri version of https://github.com/rust-lang/rust/pull/98017.
2022-06-22 21:39:41 +00:00
bors
3d1d345f8f Auto merge of #2255 - dtolnay-contrib:rustfmt7, r=oli-obk
Format tests with rustfmt (288-299 of 299)

Extracted from #2097.

I'll make a separate PR to enable checking the `tests` directory's formatting in CI. I'll need to rebase that after both this and #2254 have landed, and if any new non-rustfmt-formatted files appear in the meantime, we can include formatting those in the same PR that enables the CI.
2022-06-22 10:04:08 +00:00
bors
5e584d25ef Auto merge of #2252 - dtolnay-contrib:rustfmt5, r=oli-obk
Format tests with rustfmt (225-275 of 300)

Extracted from #2097.

These cases all involve a line comment at the end of a block that rustfmt has chosen to wrap.

```diff
- unsafe { (*ptr).set(20); } //~ ERROR does not exist in the borrow stack
+ unsafe {
+     (*ptr).set(20);
+ } //~ ERROR does not exist in the borrow stack
```

I have moved all of those comments back onto the same line as the content of the block instead, as was indicated being `@RalfJung's` preference in https://github.com/rust-lang/miri/pull/2097#discussion_r862436672.

```diff
+ unsafe {
+     (*ptr).set(20); //~ ERROR does not exist in the borrow stack
+ }
```
2022-06-22 09:04:44 +00:00
David Tolnay
274085cebd
Manual adjustments 2022-06-21 23:52:24 -07:00
David Tolnay
05893d9026
Bless stderr files after rustfmt 2022-06-21 23:21:37 -07:00
David Tolnay
639f660dde
Manual adjustments 2022-06-21 23:21:12 -07:00
David Tolnay
ba23d37b70
Format tests with rustfmt (288-299 of 299) 2022-06-21 22:58:00 -07:00
David Tolnay
7d09004aee
Format tests with rustfmt (276-287 of 299) 2022-06-21 22:57:47 -07:00
bors
7a1b08e46e Auto merge of #2251 - dtolnay-contrib:rustfmt4, r=RalfJung
Format tests with rustfmt (201-224 of 300)

Extracted from #2097. Last of the easy cases which do not involve moving around a comment.
2022-06-22 04:27:04 +00:00
Ralf Jung
f992099820 fix ICE when const refers to extern static 2022-06-21 21:03:40 -07:00
David Tolnay
f1044d2f77
Bless stderr files after rustfmt 2022-06-21 11:46:10 -07:00