Commit Graph

1005 Commits

Author SHA1 Message Date
Ralf Jung
46ff257b4e test that partially uninit MaybeUninit works correctly 2022-04-05 18:30:39 -04:00
Ralf Jung
1d79b60a1e make strict-provenance imply check-number-validity 2022-04-01 23:59:16 -04:00
bors
732461b4cd Auto merge of #2045 - RalfJung:strict-provenance, r=RalfJung
add -Zmiri-strict-provenance

This implements [strict provenance](https://github.com/rust-lang/rust/issues/95228) in Miri. The only change is that casting an integer to a pointer does not even attempt to produce a good provenance for the given address; instead, it always uses the invalid provenance. This stricter than even `-Zmiri-tag-raw-pointers` in that it also rejects the following example (which does not even involve Stacked Borrows):
```rust
fn main() {
    let x = 22;
    let ptr = &x as *const _ as *const u8;
    let roundtrip = ptr as usize as *const u8;
    let _ = unsafe { roundtrip.offset(1) };
}
```
The new flag also implies `-Zmiri-tag-raw-pointers` since the only reason one would *not* want to tag raw pointers is to support ptr-int-ptr roundtrips.

Note that the flag does *not* check against ptr-to-int *transmutes*; that still requires `-Zmiri-check-number-validity`. You can also check for strict provenance *without* Stacked Borrows by adding `-Zmiri-disable-stacked-borrows`.

The new "Miri hard mode" flags for maximal checking are `-Zmiri-strict-provenance -Zmiri-check-number-validity`. (Add `-Zmiri-symbolic-alignment-check` if you feel extra spicy today.)
2022-04-01 22:40:26 +00:00
Ralf Jung
aa04dc1eeb Rust values can be up to isize::MAX in size 2022-04-01 17:22:01 -04:00
Ralf Jung
9af03bf342 add -Zmiri-strict-provenance 2022-04-01 14:10:24 -04:00
Ralf Jung
811e6dd71d test int_log functions 2022-03-31 11:20:24 -04:00
Ralf Jung
5d7c495de5 channels do ptr-int transmutes so move them to non-check-number-validity test 2022-03-26 14:33:17 -04:00
Ralf Jung
951ac65f26 regression test for reverse() unsoundness 2022-03-22 14:28:36 -04:00
Ralf Jung
694846f8b4 vec test: check number validity 2022-03-22 14:26:40 -04:00
Ralf Jung
aafc0694fc test arbitrary-self dyn receivers 2022-03-20 14:03:46 -04:00
Ralf Jung
65469fe85b test remove_dir_all 2022-03-20 10:36:27 -04:00
bors
57786678d4 Auto merge of #1975 - DrMeepster:backtrace_fix, r=RalfJung
Make backtraces work with #[global_allocator]

Currently, backtraces break when the global allocator is overridden because the allocator will attempt to deallocate memory allocated directly by Miri.

~~This PR fixes that by using a new memory kind and providing a function to deallocate it. We can't call the custom allocator to allocate because it's not possible to call a function in the middle of a shim.~~

This PR fixes that by adding a new version of the backtrace API accessible by setting `flags` to 1. Existing code still functions.

backtrace-rs PR: rust-lang/backtrace-rs#462

Fixes https://github.com/rust-lang/miri/issues/1996
2022-03-20 02:37:09 +00:00
DrMeepster
2c670b10df add new version of backtrace api using flags=1 2022-03-19 18:14:11 -07:00
Ralf Jung
1b1321a685 fix simd_bitmask shorter than a byte on big-endian 2022-03-17 13:14:16 -04:00
Ralf Jung
bfed3c4f0d implement simd bitmask intrinsics 2022-03-17 13:08:01 -04:00
Ralf Jung
4fd5dca27c implement SIMD sqrt and fma 2022-03-16 22:13:43 -04:00
Ralf Jung
1f237b3b7d implement SIMD float rounding functions 2022-03-16 18:53:36 -04:00
Ralf Jung
f338b0229b test integer SIMD min/max 2022-03-14 09:53:49 -04:00
Jubilee Young
61bfa8afe8 Fixup renamed fn for Simd 2022-03-13 19:03:08 -07:00
Ralf Jung
41ffce1145 implement simd_scatter 2022-03-09 19:29:05 -05:00
Ralf Jung
576e2bbed5 implement gather 2022-03-09 19:29:05 -05:00
Ralf Jung
3eba7fcf73 implement simd_shuffle 2022-03-09 19:29:05 -05:00
Ralf Jung
6d3506adef fs: add and test for DirectoryNotEmpty error variant 2022-03-07 18:30:12 -05:00
Tavian Barnes
0886419524 Implement a readdir64() shim for Linux
Partial fix for #1966.
2022-03-07 16:19:03 -05:00
Ralf Jung
735bee2736 implement simd_saturating intrinsics 2022-03-07 14:12:59 -05:00
Ralf Jung
b87a9c90e1 fix handling of NaNs in simd max/min 2022-03-07 09:49:35 -05:00
Ralf Jung
2f97eb68a0 implement simd_fmax/fmin 2022-03-07 09:40:23 -05:00
Ralf Jung
9851b743c1 implement simd_reduce_min/max 2022-03-07 09:40:23 -05:00
Ralf Jung
db06d4998f implement simd_cast, simd_as 2022-03-07 09:40:23 -05:00
bors
a25d905ddf Auto merge of #2003 - RalfJung:simd-reduce-test, r=RalfJung
also test f32/f64 simd_reduce

Forgot to include this in https://github.com/rust-lang/miri/pull/2001
2022-03-06 04:22:12 +00:00
Ralf Jung
21d36ffd04 also test f32/f64 simd_reduce 2022-03-05 23:03:14 -05:00
Ralf Jung
9810a147a7 add extra tests for shifts with negative offsets 2022-03-05 22:59:23 -05:00
Ralf Jung
b491b72673 implement simd_reduce_{add,mul} 2022-03-05 19:02:00 -05:00
Ralf Jung
3ed8ad4423 avoid repeated string matching, and add more simd_reduce intrinsics 2022-03-05 18:46:14 -05:00
bors
3854a76ace Auto merge of #1970 - asquared31415:open_unix_varargs, r=RalfJung
Allow varargs for libc::open when it is allowed by the second argument

This PR allows `libc::open` to be called using two or three arguments as defined in https://man7.org/linux/man-pages/man2/open.2.html

The presence of the third argument depends on the value of the second argument.  If the second argument dictates that the third argument is *required* miri will emit an error if the argument is missing.  If the second argument does *not* require a third argument, then the argument is ignored and passed as 0 internally (it would be ignored by libc anyway)
2022-03-05 22:47:51 +00:00
asquared31415
8e97599af4 allow varargs for libc::open when it is allowed by the second argument 2022-03-05 17:29:48 -05:00
Ralf Jung
ec0e513c64 rustup 2022-03-05 17:26:32 -05:00
bors
926af6493b Auto merge of #1999 - RalfJung:forward-env, r=oli-obk
add flag to forward specific env vars (while isolation remains enabled)

The flag is called `-Zmiri-env-forward=<var>`, but I am open to bikeshedding. ;)
2022-03-05 19:36:10 +00:00
Ralf Jung
90207a5484 implement missing SIMD comparison operators, simd_xor, and simd_reduce_all 2022-03-05 13:45:13 -05:00
Ralf Jung
3adc203c1c add flag to forward specific env vars (while isolation remains enabled) 2022-03-05 11:14:37 -05:00
Ralf Jung
0d4902f12f implement simd_neg and simd_fabs 2022-03-03 14:54:54 -05:00
Ralf Jung
97ddcf1f6b adjust for div/rem overflow being UB 2022-03-03 12:14:24 -05:00
Ralf Jung
363236e2d4 test overflowing Div/Rem 2022-03-01 18:44:37 -05:00
Ralf Jung
aa4f82ea48 implement simd_select 2022-03-01 18:40:40 -05:00
Ralf Jung
c347b04e82 add test for rust issue 94371 2022-02-27 15:27:34 -05:00
Ralf Jung
e9b140b4a5 update fn ptr tests 2022-02-25 12:06:10 -05:00
Ralf Jung
444396d620 rustup 2022-02-24 10:55:40 -05:00
Ralf Jung
1ac1e55f3b implement simd_eq and simd_reduce_any 2022-02-21 21:41:52 -05:00
Ralf Jung
6b8baee339 rustup; implement simd_and/or 2022-02-04 17:56:08 +01:00
Ralf Jung
3d5eb52cbd rustup: disable read_dir test for now 2022-02-04 17:17:28 +01:00
Miguel Ojeda
922962f662 Remove spurious maybe_uninit_extra
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2022-01-11 16:17:52 +01:00
bors
deb9bfd246 Auto merge of #1952 - RalfJung:self-referential, r=RalfJung
exclude mutable references to !Unpin types from uniqueness guarantees

This basically works around https://github.com/rust-lang/unsafe-code-guidelines/issues/148 by not requiring uniqueness any more for mutable references to self-referential generators. That corresponds to [the same work-around that was applied in rustc itself](b815532674/compiler/rustc_middle/src/ty/layout.rs (L2482)).

I am not entirely sure if this is a good idea since it might hide too many errors in case types are "accidentally" `!Unpin`. OTOH, our test suite still passes, and to my knowledge the vast majority of types is `Unpin`. (`place.layout.ty` is monomorphic, we should always exactly know which type this is.)
2022-01-09 14:10:00 +00:00
Ralf Jung
9376bf5d4d rustup 2022-01-08 17:27:48 +01:00
Ralf Jung
77cec811b4 exclude mutable references to !Unpin types from uniqueness guarantees 2022-01-01 19:01:46 +01:00
Ralf Jung
d8f7b831e7 add regression test 2021-12-15 19:11:08 +01:00
bors
dadcbebfbd Auto merge of #1934 - RalfJung:rustup, r=RalfJung
rustup

Cc https://github.com/rust-lang/rust/issues/91649
2021-12-08 15:19:55 +00:00
Ralf Jung
50b9b701ab rustup 2021-12-08 10:01:51 -05:00
bors
23a9d02748 Auto merge of #1933 - 5225225:1931-condvar-false-positive, r=RalfJung
Fix false positive use of uninit bytes when calling `libc::pthread_condattr_destroy`

Fixes: #1931
2021-12-08 14:51:53 +00:00
5225225
a4b2fc0c5a Adjust pthread tests 2021-12-06 21:50:14 +00:00
bors
81e59e6b92 Auto merge of #1930 - tavianator:avoid-adjacent-allocations, r=RalfJung
intptrcast: Never allocate two objects directly adjecent

When two objects directly follow each other in memory, what is the
provenance of an integer cast to a pointer that points directly between
them?  For a zero-size region, it could point into the end of the first
object, or the start of the second.

We can avoid answering this difficult question by simply never
allocating two objects directly beside each other.  This fixes some of
the false positives from #1866.
2021-12-06 01:33:55 +00:00
Ralf Jung
6a98c64c8b
final tweaks 2021-12-05 20:33:20 -05:00
5225225
eadeedde42 Handle uninit data in pthread_condattr_destroy 2021-12-05 19:47:29 +00:00
Ralf Jung
d537ed401d rustup 2021-12-05 11:02:20 -05:00
Tavian Barnes
b0a463334c intptrcast: Never allocate two objects directly adjecent
When two objects directly follow each other in memory, what is the
provenance of an integer cast to a pointer that points directly between
them?  For a zero-size region, it could point into the end of the first
object, or the start of the second.

We can avoid answering this difficult question by simply never
allocating two objects directly beside each other.  This fixes some of
the false positives from #1866.
2021-12-03 17:00:06 -05:00
Ralf Jung
ee666d8987 add tests for alignment on array initialization 2021-11-28 10:07:31 -05:00
Ralf Jung
4414d96323 implement shl and shr SIMD intrinsics 2021-11-25 17:26:37 -05:00
Ralf Jung
a534bbbf8a portable SIMD: add rem intrinsic; test div and rem intrinsic UB 2021-11-25 17:13:33 -05:00
bors
4f0faed6d2 Auto merge of #1922 - RalfJung:async-run-fut, r=RalfJung
async-fn test: make run_fut more general and entirely safe
2021-11-23 19:44:55 +00:00
Ralf Jung
c4502cbbe8 async-fn test: make run_fut more general and entirely safe 2021-11-23 14:33:00 -05:00
Ralf Jung
7dd1f0571c test for overflow-checks=off 2021-11-23 14:07:46 -05:00
Ralf Jung
b816cb94e7 implement SIMD sub, mul, div; also test i32 binops 2021-11-20 22:30:49 -05:00
Ralf Jung
0766da6fbe implement simd_add 2021-11-20 22:30:49 -05:00
Ralf Jung
d8bee92aee rename track-raw-pointers flag to tag-raw-pointers 2021-11-13 15:48:27 -05:00
Noah Lev
b3be6b44b6 Add tests for -Zmiri-check-number-validity 2021-11-10 11:36:42 -08:00
Ralf Jung
a6b12c229b rustup; add swap_remove test 2021-10-21 09:49:19 -04:00
Ralf Jung
f040413af8 rustup 2021-10-12 11:39:06 -04:00
Noah Lev
e751c7b04e rustup 2021-10-07 11:52:11 -07:00
DrMeepster
e6a27a68fa implement #[global_allocator] 2021-09-28 20:32:53 -07:00
hyd-dev
9a877b80fe
Add #[allow(dead_code)] in some tests 2021-09-11 18:58:57 +08:00
DrMeepster
84b058ac47 add support for #[start] 2021-09-02 15:41:10 -07:00
hyd-dev
7301fe118a
Move #[allow(unreachable_code)] in tests/run-pass/generator.rs 2021-08-26 16:16:43 +08:00
hyd-dev
33a67c6b33
Add #[allow(unreachable_code)] to drop(x) in tests/run-pass/generator.rs 2021-08-24 18:50:41 +08:00
niluxv
083e5e604c Add test for volatile_set_memory 2021-08-23 12:42:13 +02:00
hyd-dev
838ed1d754
Update tests for #[no_mangle] associated functions 2021-08-15 17:21:33 +08:00
hyd-dev
af7eb369b1
Fix tests for C-unwind ABI changes 2021-08-07 15:57:54 +08:00
bors
02f78b089c Auto merge of #1858 - RalfJung:thread-leaks, r=oli-obk
also ignore 'thread leaks' with -Zmiri-ignore-leaks

This is a step towards https://github.com/rust-lang/miri/issues/1371. The remaining hard part would be supporting checking for memory leaks when there are threads still running. For now we elegantly avoid this problem by using the same flag to control both of these checks. :)
2021-07-27 12:23:56 +00:00
Ralf Jung
78bcd12b17 make sure we only terminate main thread once TLS is initialized 2021-07-27 14:05:37 +02:00
Ralf Jung
66aa3d0247 make the loop infinite 2021-07-27 13:58:55 +02:00
Ralf Jung
679d10f98b no concurrency on windows 2021-07-25 14:38:02 +02:00
Ralf Jung
71efd950d1 also ignore 'thread leaks' with -Zmiri-ignore-leaks 2021-07-25 14:21:06 +02:00
Smit Soni
da6880427a Update error code for fs ops in isolation
Change the code to either `EACCES` (if the op is performed on the
path), or `EBADF` (if the op is performed the fd)

Updated ops: `stat`, `opendir`, `ftruncate64`, and `readlink`

Add a new test for fs ops in isolation.
2021-07-20 08:23:51 -07:00
Ralf Jung
6ce77164c1 rustup 2021-07-20 12:18:59 +02:00
Ralf Jung
bf8b2aa8dc add test for better ptr handling in enum niches 2021-07-17 13:59:58 +02:00
Aaron Hill
811423e761
Rustup for #[track_caller] trait object changes
Change test to assert that we get the correct location
even through a trait object call.
2021-07-10 11:51:00 -05:00
Ralf Jung
833dff994f rustup 2021-07-07 09:33:01 +02:00
hyd-dev
2644647053
Update backtraces 2021-06-20 15:12:11 +08:00
bors
486b5dfe74 Auto merge of #1832 - hyd-dev:1776-follow-up, r=RalfJung
Report an error if a `#[no_mangle]`/`#[export_name = ...]` function has the same symbol name as a built-in shim

Implements https://github.com/rust-lang/miri/pull/1776#issuecomment-821322605.

The error looks like this:
```
error: found `malloc` symbol definition that clashes with a built-in shim
  --> tests/compile-fail/function_calls/exported_symbol_shim_clashing.rs:12:9
   |
12 |         malloc(0);
   |         ^^^^^^^^^ found `malloc` symbol definition that clashes with a built-in shim
   |
help: the `malloc` symbol is defined here

  --> tests/compile-fail/function_calls/exported_symbol_shim_clashing.rs:2:1
   |
2  | / extern "C" fn malloc(_: usize) -> *mut std::ffi::c_void {
3  | |     //~^ HELP the `malloc` symbol is defined here
4  | |     unreachable!()
5  | | }
   | |_^
   = note: inside `main` at tests/compile-fail/function_calls/exported_symbol_shim_clashing.rs:12:9
```

This does not implement "better error messages than we do currently for arg/ABI mismatches" in https://github.com/rust-lang/miri/pull/1776#issuecomment-821343175 -- I failed to remove all `check_arg_count()` and `check_abi()` (they are still used in `src/shims/intrinsics.rs` and `call_dlsym()`) and they don't receive the name of the shim.
2021-06-15 09:53:05 +00:00
hyd-dev
dfd7a6d5aa
Rustup 2021-06-15 16:12:47 +08:00
hyd-dev
c822ec59aa
Implement cache for not found symbols 2021-06-11 15:24:51 +08:00
hyd-dev
6aef1d687d
Remove erroneous exit() and ExitProcess() in tests/run-pass/function_calls/exported_symbol.rs 2021-06-11 13:32:00 +08:00