6092 Commits

Author SHA1 Message Date
bors
9d418a3f03 Auto merge of #2168 - RalfJung:power, r=RalfJung
use is_power_of_two where appropriate
2022-05-30 22:01:53 +00:00
Ralf Jung
a8e457fad1 use is_power_of_two where appropriate 2022-05-30 17:47:16 -04:00
bors
57d8206093 Auto merge of #2165 - saethlin:more-clocks, r=RalfJung
Add support for _COARSE clocks

Original idea does not work, so I'm just going to try expanding support to include the `_COARSE` clocks.

The original motivation for this PR is that the test suite for the crate [`minstant`](https://crates.io/crates/minstant) reports UB, because it tries to use a clock type Miri didn't support, but never checked for an error code and so just used the uninit `libc::timespec`. So, that's technically a bug in `minstant`, but outside of Miri you'd have to be using an incredibly old Linux to ever see an `EINVAL` so the more helpful thing for Miri to do is behave like a newer Linux.

So now we don't detect UB in `minstant`, but we have a test failure:
```
failures:

---- src/instant.rs - instant::Instant::as_unix_nanos (line 150) stdout ----
Test executable failed (exit status: 101).

stderr:
thread 'main' panicked at 'assertion failed: (instant.as_unix_nanos(&anchor) as i64 - expected as i64).abs() < 1_000_000', src/instant.rs:11:1
```
I'm having trouble getting my head around the code in `minstant` that's involved in this test, but as far as I can tell from the man pages, these `_COARSE` clocks meet the requirements.

Closes https://github.com/rust-lang/miri/issues/1983 at least as best as I can.
2022-05-30 21:41:41 +00:00
Ben Kimock
ba9391334e Add support for _COARSE clocks, spruce up comments 2022-05-30 11:26:10 -04:00
bors
065ff89e33 Auto merge of #2158 - rust-lang:gesundheit, r=RalfJung
Avoid error patterns matching themselves

fixes #2156
fixes https://github.com/rust-lang/miri/issues/2155

this will be obsolete the moment I extract that data from json diagnostics instead of just regexing the stderr.
2022-05-30 07:52:48 +00:00
Oli Scherer
3832227734 Forward CARGO_BUILD_FLAGS to ui_test test suite 2022-05-30 07:26:47 +00:00
bors
5c3e4b6556 Auto merge of #2162 - RalfJung:rustup, r=RalfJung
rustup

Cc https://github.com/rust-lang/rust/issues/97486
2022-05-29 12:07:14 +00:00
Ralf Jung
7cd5fc3de3 rustup 2022-05-29 14:06:35 +02:00
bors
e45f2f0d5f Auto merge of #2161 - RalfJung:rustup, r=RalfJung
rustup

Locally tests pass but rustc CI says they fail, let's see what happens...

Also clarify docs of cmpxchg_weak_failure_rate (Cc https://github.com/rust-lang/miri/issues/2160).
2022-05-29 06:34:31 +00:00
Ralf Jung
424841817a disable optimized tests for now 2022-05-29 08:34:10 +02:00
Ralf Jung
1226147414 rustup 2022-05-28 18:08:13 +02:00
Oli Scherer
740574206b Commit our ui test crate's cargo lockfile 2022-05-27 14:24:38 +00:00
Oli Scherer
1b7e278922 Reintroduce path filters 2022-05-27 11:43:14 +00:00
Oli Scherer
10e06be15a Don't export private things 2022-05-27 11:36:18 +00:00
Oli Scherer
6b18cf0e20 Self-descriptive verbosity 2022-05-25 18:26:33 +00:00
Oli Scherer
a51ae9fb2c Use unit tests to keep private things private 2022-05-25 18:26:33 +00:00
Oli Scherer
25b7a12625 Properly name a test 2022-05-25 18:26:33 +00:00
Oli Scherer
d466eb8f66 Explain Comments::parse arguments 2022-05-25 18:26:33 +00:00
Oli Scherer
e4d6c00aa2 Run tests for ui_test together with miri test 2022-05-25 18:26:33 +00:00
Oli Scherer
8acfbc3b33 Update all tests 2022-05-25 18:26:33 +00:00
Oli Scherer
b64a1c46c6 Make the file path of the failure more visible to be able to click it faster 2022-05-25 18:26:33 +00:00
Oli Scherer
21795f3ce4 Fix annotations matching themselves 2022-05-25 18:26:33 +00:00
Oli Scherer
23bbe2bce7 Reproduce #2156 2022-05-25 18:26:33 +00:00
bors
e7c2ab6d5b Auto merge of #2157 - RalfJung:tests, r=oli-obk
tweak new test suite output

- Make the entire "## Running ui tests ..." green, including the target.
- Fix double-space in `testname.rs  .. ok`.
- Make the final summary a bit more like compiletest-rs, in particular the newlines around it
- Use the term "ignored" consistently, rather than "skipped"

r? `@oli-obk`
2022-05-25 17:39:53 +00:00
Ralf Jung
a6b5b0e4ff tweak new test suite output 2022-05-25 18:27:20 +02:00
bors
5832dd1c0c Auto merge of #2151 - RalfJung:numbers, r=oli-obk
enable number validity checking and ptr::invalid checking by default

This removes the `-Zmiri-check-number-validity` flag, enabling its effects by default. (We don't error when the flag is passed, for backwards compatibility.) We also enable by default that transmuting an integer to a pointer now creates a pointer with `None` provenance, which is invalid to dereference (and, in the case of a function pointer, invalid to call). I did this together since it is all related to ptr2int/int2ptr transmutation.

Two new flags are added to optionally take back these stricter checks:
- `-Zmiri-allow-uninit-numbers` makes Miri accept uninit data in integers and floats
- `-Zmiri-allow-ptr-int-transmute` makes Miri accept pointers (provenance data) in integers and floats, *and* makes Miri treat int2ptr transmutes as equivalent to a cast.

The flag names make sense IMO, but they are somewhat inconsistent with our existing flags since we usually call things `-Zmiri-disable-$CHECK` rather than `-Zmiri-allow-$THING`. But `-Zmiri-disable-uninit-number-check` sounds silly?

(Whenever I say "transmute" this includes union and pointer based type punning.)
Cc `@saethlin` I hope this won't break everything?^^ I think the most risky part is the int2ptr transmute aspect, in particular around function pointers where no `as` casts are possible. The correct pattern is to first cast to a raw ptr and then transmute that to a fn ptr. We should probably document this better, in the `transmute` documentation and maybe in the documentation for the `fn()` type. I should run this PR against the std test suite before we land it.
r? `@oli-obk`

- [x] Ensure stdlib docs recommend "usize -> raw ptr -> fn ptr" for int-to-fnptr casts: https://github.com/rust-lang/rust/pull/97321
- [x] Run the stdlib test suite
2022-05-25 14:35:06 +00:00
Ralf Jung
8c42ef1dee enable number validity checking and ptr::invalid checking by default 2022-05-25 16:17:41 +02:00
bors
0a4279fed9 Auto merge of #2032 - rust-lang:gesundheit, r=oli-obk
Move test suite to ui tests and bless stderr output

fixes #2027

* [ ] //~ annotations should check that the error happens on their line
* [x] document all the things
2022-05-25 13:41:29 +00:00
Oli Scherer
f1756c3ddd Add a custom ui test runner and move all tests to it 2022-05-25 13:31:26 +00:00
bors
5063880779 Auto merge of #2153 - RalfJung:ptr-invalid, r=RalfJung
with permissive-provenance set, we already treat ptr::invalid correctly

(same for strict provenance, but there it is not surprising)
2022-05-24 15:51:23 +00:00
Ralf Jung
fcf3bc2335 with permissive-provenance set, we already treat ptr::invalid correctly 2022-05-24 17:49:11 +02:00
bors
22c97b33e4 Auto merge of #2138 - JakobDegen:call-fallout, r=RalfJung
Adjust Miri to also require return places everywhere

This is the miri side of rust-lang/rust#96098 . It'll still need a bump to rust-version once the rust PR is merged, but the test suite passes against my local build of rustc.
2022-05-24 15:17:33 +00:00
Ralf Jung
e428d29d93 rustp 2022-05-24 17:17:05 +02:00
Jakob Degen
168c83a0b7 Adjust Miri to also require return places everywhere 2022-05-24 17:16:36 +02:00
bors
ede9ae6c51 Auto merge of #2152 - RalfJung:rustup, r=RalfJung
rustup

On macOS the timing tests [failed again](https://github.com/rust-lang/miri/runs/6557930217?check_suite_focus=true), so let's give them even more slack.
2022-05-23 18:02:34 +00:00
Ralf Jung
f0921bd5dc rustup 2022-05-23 17:35:36 +02:00
bors
31fb32e49f Auto merge of #2150 - RalfJung:rustup, r=RalfJung
Rustup

In particular, this contains https://github.com/rust-lang/rust/pull/97219. Miri support for actually erroring on misuse of `ptr::invalid` will happen later.

Also move some more tests to better locations.
2022-05-23 10:39:51 +00:00
Ralf Jung
460a0137cc rustup 2022-05-23 12:37:48 +02:00
Ralf Jung
42d5e5bf96 move some tests to more suitable locations 2022-05-23 12:19:42 +02:00
bors
8f01d862d8 Auto merge of #2149 - RalfJung:tests, r=RalfJung
move some compile-fail tests to a more appropriate location

These are testing validity invariants, after all.
2022-05-23 09:43:35 +00:00
Ralf Jung
6e7a8c017a move some compile-fail tests to a more appropriate location 2022-05-23 11:28:33 +02:00
bors
24c16b9b22 Auto merge of #2147 - RalfJung:readme, r=RalfJung
split flag section into common and advanced flags

As discussed with `@oli-obk` . However I was not always sure which flags to put where, so if you think some flags should be in the other category please let me know. :)
2022-05-23 09:25:16 +00:00
Ralf Jung
4d9eafe19a fix some old typos 2022-05-23 11:24:08 +02:00
bors
27b40f124f Auto merge of #2148 - RalfJung:compare-exchange-weak-failure-rate-test, r=RalfJung
test that compare-exchange-weak-failure-rate=0.0 means what it says

Adds a test for https://github.com/rust-lang/miri/pull/2105
2022-05-23 08:29:51 +00:00
Ralf Jung
5ed22b32a2 test that compare-exchange-weak-failure-rate=0.0 means what it says 2022-05-23 10:28:46 +02:00
Ralf Jung
a3a2a474cb split flag section into common and advanced flags 2022-05-23 10:15:34 +02:00
bors
c51cd7a3fd Auto merge of #2146 - RalfJung:int2ptr, r=RalfJung
clean up int2ptr code a bit

Follow-up to https://github.com/rust-lang/miri/pull/2059
2022-05-23 08:07:43 +00:00
Ralf Jung
697dca2e0e clean up int2ptr code a bit 2022-05-23 10:03:33 +02:00
bors
ab03d32622 Auto merge of #2059 - carbotaniuman:master, r=RalfJung
Initial work on Miri permissive-exposed-provenance

Miri portions of the changes for portions of a permissive ptr-to-int model for Miri. This is more restrictive than what we currently have so it will probably need a flag once I figure out how to hook that up.

> This implements a form of permissive exposed-address provenance, wherein the only way to expose the address is with a cast to usize (ideally expose_addr). This is more restrictive than C in that stuff like reading the representation bytes (via unions, type-punning, transmute) does not expose the address, only expose_addr. This is less restrictive than C in that a pointer casted from an integer has union provenance of all exposed pointers, not any udi stuff.

There's a few TODOs here, namely related to `fn memory_read` and friends. We pass it the maybe/unreified provenance before `ptr_get_alloc` reifies it into a concrete one, so it doesn't have the `AllocId` (or the SB tag, but that's getting ahead of ourselves). One way this could be fixed is changing `ptr_get_alloc` and (`ptr_try_get_alloc_id` on the rustc side) to return a pointer with the tag fixed up. We could also take in different arguments, but I'm not sure what works best.

The other TODOs here are how permissive this model could be. This currently does not enforce that a ptr-to-int cast happens before the corresponding int-to-ptr (colloquial meaning of happens before, not atomic meaning). Example:

```
let ptr = 0x2000 as *const i32;
let a: i32 = 5;
let a_ptr = &a as *const i32;

// value is 0x2000;
a_ptr as usize;

println!("{}", unsafe { *ptr }); // this is valid
```

We also allow the resulting pointer to dereference different non-contiguous allocations (the "not any udi stuff" mentioned above), which I'm not sure if is allowed by LLVM.

This is the Miri side of https://github.com/rust-lang/rust/pull/95826.
2022-05-23 07:24:33 +00:00
Ralf Jung
f8f2255a91 readme: document permissive-provenance flag 2022-05-23 09:07:32 +02:00