Commit Graph

6171 Commits

Author SHA1 Message Date
bors
0e2def5c12 Auto merge of #2054 - m-ou-se:futex-wait-bitset, r=RalfJung
Add support for FUTEX_{WAIT,WAKE}_BITSET

FUTEX_WAIT_BITSET and FUTEX_WAKE_BITSET are extensions of FUTEX_WAIT and FUTEX_WAKE that allow tagging each waiting thread with up to 32 'labels', and then only wake up threads that match certain labels. The non-bitset operations behave like their bitset was fully set (u32::MAX), meaning that they'll wait for anything, and wake up anything.

The only other difference is that FUTEX_WAIT_BITSET uses an absolute timeout instead of an relative timeout like FUTEX_WAIT.

Often, FUTEX_WAIT_BITSET is used not for its bitset functionality, but only for its absolute timeout functionality. It is then used with a bitset of u32::MAX.

~~This adds support for only that use case to Miri, as that's all `std` currently needs. Any other bitset is still unsupported.~~

Update: This adds full support for both these syscalls.
2022-04-06 22:20:11 +00:00
Mara Bos
4fdda315cc Put 306ba8357f in rust-version. 2022-04-07 00:02:20 +02:00
Mara Bos
03417de176 Use let = if; instead of let; if. 2022-04-06 23:55:02 +02:00
Mara Bos
5581e33806 Add test for FUTEX_*_BITSET. 2022-04-06 23:48:26 +02:00
Mara Bos
53ed500c92 Fully support FUTEX_*_BITSET. 2022-04-06 23:48:14 +02:00
Mara Bos
12c88886b0 Formatting. 2022-04-06 23:13:47 +02:00
Mara Bos
a72a929b19 Add test for FUTEX_WAIT_BITSET. 2022-04-06 23:06:27 +02:00
Mara Bos
37cefa32d2 Add support for FUTEX_WAIT_BITSET(bitset=MAX). 2022-04-06 23:03:52 +02:00
bors
fb01df538e Auto merge of #2050 - RalfJung:partially-uninit, r=RalfJung
test that partially uninit MaybeUninit works correctly

This got finally fixed by https://github.com/rust-lang/rust/pull/94527 :)
2022-04-05 22:31:24 +00:00
Ralf Jung
46ff257b4e test that partially uninit MaybeUninit works correctly 2022-04-05 18:30:39 -04:00
bors
955bacc103 Auto merge of #2047 - RalfJung:no-extras, r=RalfJung
adjust for MemoryExtra being merged into Machine

The Miri side of https://github.com/rust-lang/rust/pull/95620
2022-04-05 15:14:12 +00:00
Ralf Jung
0512b2a376 rustup 2022-04-05 11:11:53 -04:00
Ralf Jung
6e1f3cd8ff adjust for MemoryExtra being merged into Machine 2022-04-05 11:11:53 -04:00
bors
95559c92b7 Auto merge of #2049 - atouchet:lic, r=RalfJung
Use SPDX license format
2022-04-05 02:29:21 +00:00
Alex Touchet
79a1001b39 Use SPDX license format 2022-04-04 15:52:09 -07:00
bors
ec51594521 Auto merge of #2046 - RalfJung:very-strict, r=RalfJung
make strict-provenance imply check-number-validity

I feel like Miri not catching [this example](https://github.com/rust-lang/unsafe-code-guidelines/issues/286#issuecomment-1085144431) with strict provenance checking enabled is surprising.

OTOH, Miri suddenly complaining about uninit data in integers with `-Zmiri-strict-provenance` also might be surprising. Which one is more surprising? I don't know. We *could* go out of our way and have a mode where uninit integers are okay but provenance is not, but I am not sure if that is truly worth it. It'd be quite annoying to implement.
2022-04-04 19:54:01 +00:00
bors
fc2165dd78 Auto merge of #2048 - RalfJung:rustup, r=RalfJung
rustup
2022-04-04 00:01:53 +00:00
Ralf Jung
830cc58f8a rustup 2022-04-03 20:00:03 -04:00
Ralf Jung
3dcba56349 add test for nasty example 2022-04-02 00:05:27 -04:00
Ralf Jung
1d79b60a1e make strict-provenance imply check-number-validity 2022-04-01 23:59:16 -04:00
bors
732461b4cd Auto merge of #2045 - RalfJung:strict-provenance, r=RalfJung
add -Zmiri-strict-provenance

This implements [strict provenance](https://github.com/rust-lang/rust/issues/95228) in Miri. The only change is that casting an integer to a pointer does not even attempt to produce a good provenance for the given address; instead, it always uses the invalid provenance. This stricter than even `-Zmiri-tag-raw-pointers` in that it also rejects the following example (which does not even involve Stacked Borrows):
```rust
fn main() {
    let x = 22;
    let ptr = &x as *const _ as *const u8;
    let roundtrip = ptr as usize as *const u8;
    let _ = unsafe { roundtrip.offset(1) };
}
```
The new flag also implies `-Zmiri-tag-raw-pointers` since the only reason one would *not* want to tag raw pointers is to support ptr-int-ptr roundtrips.

Note that the flag does *not* check against ptr-to-int *transmutes*; that still requires `-Zmiri-check-number-validity`. You can also check for strict provenance *without* Stacked Borrows by adding `-Zmiri-disable-stacked-borrows`.

The new "Miri hard mode" flags for maximal checking are `-Zmiri-strict-provenance -Zmiri-check-number-validity`. (Add `-Zmiri-symbolic-alignment-check` if you feel extra spicy today.)
2022-04-01 22:40:26 +00:00
bors
5d5d8b17cc Auto merge of #2043 - RalfJung:max-size, r=RalfJung
Rust values can be up to isize::MAX in size

Needs https://github.com/rust-lang/rust/pull/95388
2022-04-01 21:22:59 +00:00
Ralf Jung
e13668092c rustup 2022-04-01 17:22:11 -04:00
Ralf Jung
aa04dc1eeb Rust values can be up to isize::MAX in size 2022-04-01 17:22:01 -04:00
Ralf Jung
9af03bf342 add -Zmiri-strict-provenance 2022-04-01 14:10:24 -04:00
bors
6e1ed17295 Auto merge of #2044 - RalfJung:int_log, r=RalfJung
test int_log functions

I'll have to disable many of their tests in libcore since they take too long, so let's add some of them back on our side here.
2022-03-31 15:22:18 +00:00
Ralf Jung
811e6dd71d test int_log functions 2022-03-31 11:20:24 -04:00
bors
c1bbf078f3 Auto merge of #2040 - RalfJung:pnvi, r=RalfJung
ensure that -Zmiri-check-number-validity detects integers with provenance

This actually currently *fails* for the non-array case; I will have to fix this on the rustc side.
2022-03-27 14:02:02 +00:00
bors
80fe3b1246 Auto merge of #2042 - TaKO8Ki:add-vscode-dir-to-gitignore, r=RalfJung
Add `.vscode` directory to `.gitignore`

Add `.vscode` directory to `.gitignore` for configuring `rust-analyzer`
2022-03-27 13:41:38 +00:00
Ralf Jung
f3c35d5105 rustup 2022-03-27 09:40:46 -04:00
Takayuki Maeda
0beb318b04 add .vscode to .gitignore 2022-03-27 18:41:40 +09:00
Ralf Jung
5d7c495de5 channels do ptr-int transmutes so move them to non-check-number-validity test 2022-03-26 14:33:17 -04:00
Ralf Jung
552b77e3b9 fix types in env shim to avoid ptr-int transmutes 2022-03-26 14:33:13 -04:00
Ralf Jung
ede470e1fc ensure that -Zmiri-check-number-validity detects integers with provenance 2022-03-26 14:33:13 -04:00
bors
017b0fb737 Auto merge of #2039 - RalfJung:too-big, r=RalfJung
another test for too big type

The existing test covers "slice is bigger than largest supported object" but we had no test covering "total size is bigger than largest supported object", which happens when the unsized tail itself is okay in terms of size, but together with the sized prefix it becomes too big.

Cc https://github.com/rust-lang/rust/issues/95334
2022-03-26 15:08:43 +00:00
Ralf Jung
9772c85ebc another test for too big type 2022-03-26 11:08:11 -04:00
bors
346f8f2219 Auto merge of #2036 - RalfJung:vec, r=RalfJung
regression test for reverse() unsoundness

Cc https://github.com/rust-lang/rust/pull/90821
2022-03-24 14:33:02 +00:00
bors
d46b648f85 Auto merge of #2038 - RalfJung:rustup, r=RalfJung
rustup
2022-03-24 14:07:06 +00:00
Ralf Jung
3275df31ea rustup 2022-03-24 10:06:33 -04:00
Ralf Jung
951ac65f26 regression test for reverse() unsoundness 2022-03-22 14:28:36 -04:00
Ralf Jung
694846f8b4 vec test: check number validity 2022-03-22 14:26:40 -04:00
bors
16c69fd290 Auto merge of #2033 - RalfJung:arbitrary-self-dyn, r=RalfJung
test arbitrary-self dyn receivers

Requires https://github.com/rust-lang/rust/pull/95071
2022-03-20 18:04:55 +00:00
Ralf Jung
b066856f34 rustup 2022-03-20 14:04:05 -04:00
Ralf Jung
aafc0694fc test arbitrary-self dyn receivers 2022-03-20 14:03:46 -04:00
bors
a64e6fd1b6 Auto merge of #2022 - RalfJung:remove_dir_all, r=RalfJung
test remove_dir_all

Blocked on https://github.com/rust-lang/rust/pull/94749

Cc https://github.com/rust-lang/miri/issues/1966
2022-03-20 14:38:27 +00:00
Ralf Jung
1cda05e174 rustup 2022-03-20 10:36:44 -04:00
Ralf Jung
65469fe85b test remove_dir_all 2022-03-20 10:36:27 -04:00
bors
57786678d4 Auto merge of #1975 - DrMeepster:backtrace_fix, r=RalfJung
Make backtraces work with #[global_allocator]

Currently, backtraces break when the global allocator is overridden because the allocator will attempt to deallocate memory allocated directly by Miri.

~~This PR fixes that by using a new memory kind and providing a function to deallocate it. We can't call the custom allocator to allocate because it's not possible to call a function in the middle of a shim.~~

This PR fixes that by adding a new version of the backtrace API accessible by setting `flags` to 1. Existing code still functions.

backtrace-rs PR: rust-lang/backtrace-rs#462

Fixes https://github.com/rust-lang/miri/issues/1996
2022-03-20 02:37:09 +00:00
DrMeepster
2c670b10df add new version of backtrace api using flags=1 2022-03-19 18:14:11 -07:00
bors
5d72cd987b Auto merge of #2024 - saethlin:better-local-check, r=RalfJung
Consider the cargo workspace when checking if a frame is local

`DefId::is_local` returns a result which is technically correct, but doesn't match the user's intuition when running integration tests or doctests. This incorporates the workspace crates mentioned in `cargo metadata` into the check for whether a frame is local to match user intuition.

For example, here is the backtrace you get from `MIRIFLAGS=-Zmiri-tag-raw-pointers cargo miri test` in `bytes` 1.1.0:
```
   --> /home/ben/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/slice/raw.rs:131:14
    |
131 |     unsafe { &mut *ptr::slice_from_raw_parts_mut(data, len) }
    |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ trying to reborrow for Unique at alloc67158, but parent tag <untagged> does not have an appropriate item in the borrow stack
    |
    = help: this indicates a potential bug in the program: it performed an invalid operation, but the rules it violated are still experimental
    = help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information

    = note: inside `std::slice::from_raw_parts_mut::<u8>` at /home/ben/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/slice/raw.rs:131:14
    = note: inside `bytes::bytes::rebuild_boxed_slice` at /tmp/bytes-1.1.0/src/bytes.rs:938:19
    = note: inside closure at /tmp/bytes-1.1.0/src/bytes.rs:904:18
    = note: inside `<std::sync::atomic::AtomicPtr<()> as bytes::loom::sync::atomic::AtomicMut<()>>::with_mut::<[closure@bytes::bytes::promotable_even_drop::{closure#0}], ()>` at /tmp/bytes-1.1.0/src/loom.rs:17:17
    = note: inside `bytes::bytes::promotable_even_drop` at /tmp/bytes-1.1.0/src/bytes.rs:895:5
    = note: inside `<bytes::Bytes as std::ops::Drop>::drop` at /tmp/bytes-1.1.0/src/bytes.rs:515:18
    = note: inside `std::ptr::drop_in_place::<bytes::Bytes> - shim(Some(bytes::Bytes))` at /home/ben/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:188:1
note: inside `copy_to_bytes_less` at tests/test_buf.rs:112:1
   --> tests/test_buf.rs:112:1
    |
112 | }
    | ^
note: inside closure at tests/test_buf.rs:106:1
   --> tests/test_buf.rs:106:1
    |
105 |   #[test]
    |   ------- in this procedural macro expansion
106 | / fn copy_to_bytes_less() {
107 | |     let mut buf = &b"hello world"[..];
108 | |
109 | |     let bytes = buf.copy_to_bytes(5);
110 | |     assert_eq!(bytes, &b"hello"[..]);
111 | |     assert_eq!(buf, &b" world"[..])
112 | | }
    | |_^
    = note: this error originates in the attribute macro `test` (in Nightly builds, run with -Z macro-backtrace for more info)
```
We get these because the integration tests are occurring in a crate called `test`, not the actual `bytes` crate. With this PR, we get this:
```
    = note: inside `std::slice::from_raw_parts_mut::<u8>` at /home/ben/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/slice/raw.rs:131:14
note: inside `bytes::bytes::rebuild_boxed_slice` at /tmp/bytes-1.1.0/src/bytes.rs:938:19
   --> /tmp/bytes-1.1.0/src/bytes.rs:938:19
    |
938 |     Box::from_raw(slice::from_raw_parts_mut(buf, cap))
    |                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
note: inside closure at /tmp/bytes-1.1.0/src/bytes.rs:904:18
   --> /tmp/bytes-1.1.0/src/bytes.rs:904:18
    |
904 |             drop(rebuild_boxed_slice(buf, ptr, len));
    |                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
note: inside `<std::sync::atomic::AtomicPtr<()> as bytes::loom::sync::atomic::AtomicMut<()>>::with_mut::<[closure@bytes::bytes::promotable_even_drop::{closure#0}], ()>` at /tmp/bytes-1.1.0/src/loom.rs:17:17
   --> /tmp/bytes-1.1.0/src/loom.rs:17:17
    |
17  |                 f(self.get_mut())
    |                 ^^^^^^^^^^^^^^^^^
note: inside `bytes::bytes::promotable_even_drop` at /tmp/bytes-1.1.0/src/bytes.rs:895:5
   --> /tmp/bytes-1.1.0/src/bytes.rs:895:5
    |
895 | /     data.with_mut(|shared| {
896 | |         let shared = *shared;
897 | |         let kind = shared as usize & KIND_MASK;
898 | |
...   |
905 | |         }
906 | |     });
    | |______^
note: inside `<bytes::Bytes as std::ops::Drop>::drop` at /tmp/bytes-1.1.0/src/bytes.rs:515:18
   --> /tmp/bytes-1.1.0/src/bytes.rs:515:18
    |
515 |         unsafe { (self.vtable.drop)(&mut self.data, self.ptr, self.len) }
    |                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    = note: inside `std::ptr::drop_in_place::<bytes::Bytes> - shim(Some(bytes::Bytes))` at /home/ben/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:188:1
note: inside `copy_to_bytes_less` at tests/test_buf.rs:112:1
   --> tests/test_buf.rs:112:1
    |
112 | }
    | ^
note: inside closure at tests/test_buf.rs:106:1
   --> tests/test_buf.rs:106:1
    |
105 |   #[test]
    |   ------- in this procedural macro expansion
106 | / fn copy_to_bytes_less() {
107 | |     let mut buf = &b"hello world"[..];
108 | |
109 | |     let bytes = buf.copy_to_bytes(5);
110 | |     assert_eq!(bytes, &b"hello"[..]);
111 | |     assert_eq!(buf, &b" world"[..])
112 | | }
    | |_^
    = note: this error originates in the attribute macro `test` (in Nightly builds, run with -Z macro-backtrace for more info)
```

Note that this kind of inflation is rather rare to see. Most backtraces change not at all or only a tiny bit.

I originally implemented this to support another improvement to Miri diagnostics, but I think this is hairy enough to deserve its own PR, if somewhat poorly-motivated.
2022-03-18 20:38:37 +00:00