on a signed deref check, mention the right pointer in the error
This commit is contained in:
parent
70591dc15d
commit
de78cb56b2
34 changed files with 192 additions and 141 deletions
|
@ -88,10 +88,18 @@ const_eval_exact_div_has_remainder =
|
|||
exact_div: {$a} cannot be divided by {$b} without remainder
|
||||
|
||||
const_eval_expected_inbounds_pointer =
|
||||
expected {$inbounds_size ->
|
||||
[0] a pointer to some allocation
|
||||
[1] a pointer to 1 byte of memory
|
||||
*[x] a pointer to {$inbounds_size} bytes of memory
|
||||
expected a pointer to {$inbounds_size_abs ->
|
||||
[0] some allocation
|
||||
*[x] {$inbounds_size_is_neg ->
|
||||
[false] {$inbounds_size_abs ->
|
||||
[1] 1 byte of memory
|
||||
*[x] {$inbounds_size_abs} bytes of memory
|
||||
}
|
||||
*[true] the end of {$inbounds_size_abs ->
|
||||
[1] 1 byte of memory
|
||||
*[x] {$inbounds_size_abs} bytes of memory
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
const_eval_extern_static =
|
||||
|
@ -243,7 +251,7 @@ const_eval_offset_from_different_allocations =
|
|||
const_eval_offset_from_overflow =
|
||||
`{$name}` called when first pointer is too far ahead of second
|
||||
const_eval_offset_from_test =
|
||||
out-of-bounds `offset_from`
|
||||
out-of-bounds `offset_from` origin
|
||||
const_eval_offset_from_underflow =
|
||||
`{$name}` called when first pointer is too far before second
|
||||
const_eval_offset_from_unsigned_overflow =
|
||||
|
@ -274,12 +282,19 @@ const_eval_pointer_arithmetic_test = out-of-bounds pointer arithmetic
|
|||
const_eval_pointer_out_of_bounds =
|
||||
{$bad_pointer_message}: {const_eval_expected_inbounds_pointer}, but got {$pointer} {$ptr_offset_is_neg ->
|
||||
[true] which points to before the beginning of the allocation
|
||||
*[false] {$alloc_size_minus_ptr_offset ->
|
||||
[0] which is at or beyond the end of the allocation of size {$alloc_size ->
|
||||
[1] 1 byte
|
||||
*[x] {$alloc_size} bytes
|
||||
*[false] {$inbounds_size_is_neg ->
|
||||
[true] {$ptr_offset_abs ->
|
||||
[0] which is at the beginning of the allocation
|
||||
*[other] which does not have enough space to the beginning of the allocation
|
||||
}
|
||||
*[false] {$alloc_size_minus_ptr_offset ->
|
||||
[0] which is at or beyond the end of the allocation of size {$alloc_size ->
|
||||
[1] 1 byte
|
||||
*[x] {$alloc_size} bytes
|
||||
}
|
||||
[1] which is only 1 byte from the end of the allocation
|
||||
*[x] which is only {$alloc_size_minus_ptr_offset} bytes from the end of the allocation
|
||||
}
|
||||
*[x] and there are only {$alloc_size_minus_ptr_offset} bytes starting at that pointer
|
||||
}
|
||||
}
|
||||
const_eval_pointer_use_after_free =
|
||||
|
|
|
@ -295,7 +295,7 @@ impl<'tcx> CompileTimeInterpCx<'tcx> {
|
|||
);
|
||||
}
|
||||
|
||||
match self.ptr_try_get_alloc_id(ptr) {
|
||||
match self.ptr_try_get_alloc_id(ptr, 0) {
|
||||
Ok((alloc_id, offset, _extra)) => {
|
||||
let (_size, alloc_align, _kind) = self.get_alloc_info(alloc_id);
|
||||
|
||||
|
@ -510,7 +510,7 @@ impl<'tcx> interpret::Machine<'tcx> for CompileTimeMachine<'tcx> {
|
|||
|
||||
// If an allocation is created in an another const,
|
||||
// we don't deallocate it.
|
||||
let (alloc_id, _, _) = ecx.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, _, _) = ecx.ptr_get_alloc_id(ptr, 0)?;
|
||||
let is_allocated_in_another_const = matches!(
|
||||
ecx.tcx.try_get_global_alloc(alloc_id),
|
||||
Some(interpret::GlobalAlloc::Memory(_))
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
use std::borrow::Cow;
|
||||
use std::fmt::Write;
|
||||
|
||||
use either::Either;
|
||||
use rustc_errors::codes::*;
|
||||
|
@ -15,7 +16,7 @@ use rustc_middle::mir::interpret::{
|
|||
use rustc_middle::ty::{self, Mutability, Ty};
|
||||
use rustc_span::Span;
|
||||
use rustc_target::abi::call::AdjustForForeignAbiError;
|
||||
use rustc_target::abi::{Size, WrappingRange};
|
||||
use rustc_target::abi::WrappingRange;
|
||||
|
||||
use crate::interpret::InternKind;
|
||||
|
||||
|
@ -575,18 +576,21 @@ impl<'a> ReportErrorExt for UndefinedBehaviorInfo<'a> {
|
|||
.arg("bad_pointer_message", bad_pointer_message(msg, dcx));
|
||||
}
|
||||
PointerOutOfBounds { alloc_id, alloc_size, ptr_offset, inbounds_size, msg } => {
|
||||
diag.arg("alloc_size", alloc_size.bytes())
|
||||
.arg("inbounds_size", inbounds_size.bytes())
|
||||
.arg("bad_pointer_message", bad_pointer_message(msg, dcx));
|
||||
diag.arg(
|
||||
"pointer",
|
||||
Pointer::new(
|
||||
Some(CtfeProvenance::from(alloc_id)),
|
||||
Size::from_bytes(ptr_offset as u64),
|
||||
)
|
||||
.to_string(),
|
||||
);
|
||||
diag.arg("alloc_size", alloc_size.bytes());
|
||||
diag.arg("bad_pointer_message", bad_pointer_message(msg, dcx));
|
||||
diag.arg("pointer", {
|
||||
let mut out = format!("{:?}", alloc_id);
|
||||
if ptr_offset > 0 {
|
||||
write!(out, "+{:#x}", ptr_offset).unwrap();
|
||||
} else if ptr_offset < 0 {
|
||||
write!(out, "-{:#x}", ptr_offset.unsigned_abs()).unwrap();
|
||||
}
|
||||
out
|
||||
});
|
||||
diag.arg("inbounds_size_is_neg", inbounds_size < 0);
|
||||
diag.arg("inbounds_size_abs", inbounds_size.unsigned_abs());
|
||||
diag.arg("ptr_offset_is_neg", ptr_offset < 0);
|
||||
diag.arg("ptr_offset_abs", ptr_offset.unsigned_abs());
|
||||
diag.arg(
|
||||
"alloc_size_minus_ptr_offset",
|
||||
alloc_size.bytes().saturating_sub(ptr_offset as u64),
|
||||
|
@ -600,7 +604,8 @@ impl<'a> ReportErrorExt for UndefinedBehaviorInfo<'a> {
|
|||
);
|
||||
}
|
||||
|
||||
diag.arg("inbounds_size", inbounds_size.bytes());
|
||||
diag.arg("inbounds_size_is_neg", inbounds_size < 0);
|
||||
diag.arg("inbounds_size_abs", inbounds_size.unsigned_abs());
|
||||
diag.arg("bad_pointer_message", bad_pointer_message(msg, dcx));
|
||||
}
|
||||
AlignmentCheckFailed(Misalignment { required, has }, msg) => {
|
||||
|
|
|
@ -243,7 +243,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
let (a_offset, b_offset, is_addr) = if M::Provenance::OFFSET_IS_ADDR {
|
||||
(a.addr().bytes(), b.addr().bytes(), /*is_addr*/ true)
|
||||
} else {
|
||||
match (self.ptr_try_get_alloc_id(a), self.ptr_try_get_alloc_id(b)) {
|
||||
match (self.ptr_try_get_alloc_id(a, 0), self.ptr_try_get_alloc_id(b, 0)) {
|
||||
(Err(a), Err(b)) => {
|
||||
// Neither pointer points to an allocation, so they are both absolute.
|
||||
(a, b, /*is_addr*/ true)
|
||||
|
@ -312,7 +312,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
};
|
||||
|
||||
// Check that the memory between them is dereferenceable at all, starting from the
|
||||
// base pointer: `dist` is `a - b`, so it is based on `b`.
|
||||
// origin pointer: `dist` is `a - b`, so it is based on `b`.
|
||||
self.check_ptr_access_signed(b, dist, CheckInAllocMsg::OffsetFromTest)?;
|
||||
// Then check that this is also dereferenceable from `a`. This ensures that they are
|
||||
// derived from the same allocation.
|
||||
|
|
|
@ -321,15 +321,21 @@ pub trait Machine<'tcx>: Sized {
|
|||
ptr: Pointer<Self::Provenance>,
|
||||
) -> InterpResult<'tcx>;
|
||||
|
||||
/// Convert a pointer with provenance into an allocation-offset pair
|
||||
/// and extra provenance info.
|
||||
/// Convert a pointer with provenance into an allocation-offset pair and extra provenance info.
|
||||
/// `size` says how many bytes of memory are expected at that pointer. The *sign* of `size` can
|
||||
/// be used to disambiguate situations where a wildcard pointer sits right in between two
|
||||
/// allocations.
|
||||
///
|
||||
/// The returned `AllocId` must be the same as `ptr.provenance.get_alloc_id()`.
|
||||
/// If `ptr.provenance.get_alloc_id()` is `Some(p)`, the returned `AllocId` must be `p`.
|
||||
/// The resulting `AllocId` will just be used for that one step and the forgotten again
|
||||
/// (i.e., we'll never turn the data returned here back into a `Pointer` that might be
|
||||
/// stored in machine state).
|
||||
///
|
||||
/// When this fails, that means the pointer does not point to a live allocation.
|
||||
fn ptr_get_alloc(
|
||||
ecx: &InterpCx<'tcx, Self>,
|
||||
ptr: Pointer<Self::Provenance>,
|
||||
size: i64,
|
||||
) -> Option<(AllocId, Size, Self::ProvenanceExtra)>;
|
||||
|
||||
/// Called to adjust global allocations to the Provenance and AllocExtra of this machine.
|
||||
|
@ -658,6 +664,7 @@ pub macro compile_time_machine(<$tcx: lifetime>) {
|
|||
fn ptr_get_alloc(
|
||||
_ecx: &InterpCx<$tcx, Self>,
|
||||
ptr: Pointer<CtfeProvenance>,
|
||||
_size: i64,
|
||||
) -> Option<(AllocId, Size, Self::ProvenanceExtra)> {
|
||||
// We know `offset` is relative to the allocation, so we can use `into_parts`.
|
||||
let (prov, offset) = ptr.into_parts();
|
||||
|
|
|
@ -261,7 +261,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
new_align: Align,
|
||||
kind: MemoryKind<M::MemoryKind>,
|
||||
) -> InterpResult<'tcx, Pointer<M::Provenance>> {
|
||||
let (alloc_id, offset, _prov) = self.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, offset, _prov) = self.ptr_get_alloc_id(ptr, 0)?;
|
||||
if offset.bytes() != 0 {
|
||||
throw_ub_custom!(
|
||||
fluent::const_eval_realloc_or_alloc_with_offset,
|
||||
|
@ -291,7 +291,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
old_size_and_align: Option<(Size, Align)>,
|
||||
kind: MemoryKind<M::MemoryKind>,
|
||||
) -> InterpResult<'tcx> {
|
||||
let (alloc_id, offset, prov) = self.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, offset, prov) = self.ptr_get_alloc_id(ptr, 0)?;
|
||||
trace!("deallocating: {alloc_id:?}");
|
||||
|
||||
if offset.bytes() != 0 {
|
||||
|
@ -383,6 +383,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
ptr: Pointer<Option<M::Provenance>>,
|
||||
size: Size,
|
||||
) -> InterpResult<'tcx, Option<(AllocId, Size, M::ProvenanceExtra)>> {
|
||||
let size = i64::try_from(size.bytes()).unwrap(); // it would be an error to even ask for more than isize::MAX bytes
|
||||
self.check_and_deref_ptr(
|
||||
ptr,
|
||||
size,
|
||||
|
@ -404,6 +405,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
size: Size,
|
||||
msg: CheckInAllocMsg,
|
||||
) -> InterpResult<'tcx> {
|
||||
let size = i64::try_from(size.bytes()).unwrap(); // it would be an error to even ask for more than isize::MAX bytes
|
||||
self.check_and_deref_ptr(ptr, size, msg, |alloc_id, _, _| {
|
||||
let (size, align) = self.get_live_alloc_size_and_align(alloc_id, msg)?;
|
||||
Ok((size, align, ()))
|
||||
|
@ -420,19 +422,17 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
size: i64,
|
||||
msg: CheckInAllocMsg,
|
||||
) -> InterpResult<'tcx> {
|
||||
if let Ok(size) = u64::try_from(size) {
|
||||
self.check_ptr_access(ptr, Size::from_bytes(size), msg)
|
||||
} else {
|
||||
// Compute the pointer at the beginning of the range, and do the standard
|
||||
// dereferenceability check from there.
|
||||
let begin_ptr = ptr.wrapping_signed_offset(size, self);
|
||||
self.check_ptr_access(begin_ptr, Size::from_bytes(size.unsigned_abs()), msg)
|
||||
}
|
||||
self.check_and_deref_ptr(ptr, size, msg, |alloc_id, _, _| {
|
||||
let (size, align) = self.get_live_alloc_size_and_align(alloc_id, msg)?;
|
||||
Ok((size, align, ()))
|
||||
})?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Low-level helper function to check if a ptr is in-bounds and potentially return a reference
|
||||
/// to the allocation it points to. Supports both shared and mutable references, as the actual
|
||||
/// checking is offloaded to a helper closure.
|
||||
/// checking is offloaded to a helper closure. Supports signed sizes for checks "to the left" of
|
||||
/// a pointer.
|
||||
///
|
||||
/// `alloc_size` will only get called for non-zero-sized accesses.
|
||||
///
|
||||
|
@ -440,7 +440,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
fn check_and_deref_ptr<T>(
|
||||
&self,
|
||||
ptr: Pointer<Option<M::Provenance>>,
|
||||
size: Size,
|
||||
size: i64,
|
||||
msg: CheckInAllocMsg,
|
||||
alloc_size: impl FnOnce(
|
||||
AllocId,
|
||||
|
@ -449,24 +449,31 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
) -> InterpResult<'tcx, (Size, Align, T)>,
|
||||
) -> InterpResult<'tcx, Option<T>> {
|
||||
// Everything is okay with size 0.
|
||||
if size.bytes() == 0 {
|
||||
if size == 0 {
|
||||
return Ok(None);
|
||||
}
|
||||
|
||||
Ok(match self.ptr_try_get_alloc_id(ptr) {
|
||||
Ok(match self.ptr_try_get_alloc_id(ptr, size) {
|
||||
Err(addr) => {
|
||||
// We couldn't get a proper allocation.
|
||||
throw_ub!(DanglingIntPointer { addr, inbounds_size: size, msg });
|
||||
}
|
||||
Ok((alloc_id, offset, prov)) => {
|
||||
let (alloc_size, _alloc_align, ret_val) = alloc_size(alloc_id, offset, prov)?;
|
||||
// Test bounds.
|
||||
// It is sufficient to check this for the end pointer. Also check for overflow!
|
||||
if offset.checked_add(size, &self.tcx).is_none_or(|end| end > alloc_size) {
|
||||
let offset = offset.bytes();
|
||||
// Compute absolute begin and end of the range.
|
||||
let (begin, end) = if size >= 0 {
|
||||
(Some(offset), offset.checked_add(size as u64))
|
||||
} else {
|
||||
(offset.checked_sub(size.unsigned_abs()), Some(offset))
|
||||
};
|
||||
// Ensure both are within bounds.
|
||||
let in_bounds = begin.is_some() && end.is_some_and(|e| e <= alloc_size.bytes());
|
||||
if !in_bounds {
|
||||
throw_ub!(PointerOutOfBounds {
|
||||
alloc_id,
|
||||
alloc_size,
|
||||
ptr_offset: self.target_usize_to_isize(offset.bytes()),
|
||||
ptr_offset: self.target_usize_to_isize(offset),
|
||||
inbounds_size: size,
|
||||
msg,
|
||||
})
|
||||
|
@ -498,7 +505,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
}
|
||||
|
||||
#[inline]
|
||||
fn offset_misalignment(offset: u64, align: Align) -> Option<Misalignment> {
|
||||
fn is_offset_misaligned(offset: u64, align: Align) -> Option<Misalignment> {
|
||||
if offset % align.bytes() == 0 {
|
||||
None
|
||||
} else {
|
||||
|
@ -508,8 +515,8 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
}
|
||||
}
|
||||
|
||||
match self.ptr_try_get_alloc_id(ptr) {
|
||||
Err(addr) => offset_misalignment(addr, align),
|
||||
match self.ptr_try_get_alloc_id(ptr, 0) {
|
||||
Err(addr) => is_offset_misaligned(addr, align),
|
||||
Ok((alloc_id, offset, _prov)) => {
|
||||
let (_size, alloc_align, kind) = self.get_alloc_info(alloc_id);
|
||||
if let Some(misalign) =
|
||||
|
@ -517,14 +524,13 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
{
|
||||
Some(misalign)
|
||||
} else if M::Provenance::OFFSET_IS_ADDR {
|
||||
// `use_addr_for_alignment_check` can only be true if `OFFSET_IS_ADDR` is true.
|
||||
offset_misalignment(ptr.addr().bytes(), align)
|
||||
is_offset_misaligned(ptr.addr().bytes(), align)
|
||||
} else {
|
||||
// Check allocation alignment and offset alignment.
|
||||
if alloc_align.bytes() < align.bytes() {
|
||||
Some(Misalignment { has: alloc_align, required: align })
|
||||
} else {
|
||||
offset_misalignment(offset.bytes(), align)
|
||||
is_offset_misaligned(offset.bytes(), align)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -660,9 +666,10 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
size: Size,
|
||||
) -> InterpResult<'tcx, Option<AllocRef<'a, 'tcx, M::Provenance, M::AllocExtra, M::Bytes>>>
|
||||
{
|
||||
let size_i64 = i64::try_from(size.bytes()).unwrap(); // it would be an error to even ask for more than isize::MAX bytes
|
||||
let ptr_and_alloc = self.check_and_deref_ptr(
|
||||
ptr,
|
||||
size,
|
||||
size_i64,
|
||||
CheckInAllocMsg::MemoryAccessTest,
|
||||
|alloc_id, offset, prov| {
|
||||
let alloc = self.get_alloc_raw(alloc_id)?;
|
||||
|
@ -673,7 +680,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
// accesses. That means we cannot rely on the closure above or the `Some` branch below. We
|
||||
// do this after `check_and_deref_ptr` to ensure some basic sanity has already been checked.
|
||||
if !self.memory.validation_in_progress.get() {
|
||||
if let Ok((alloc_id, ..)) = self.ptr_try_get_alloc_id(ptr) {
|
||||
if let Ok((alloc_id, ..)) = self.ptr_try_get_alloc_id(ptr, size_i64) {
|
||||
M::before_alloc_read(self, alloc_id)?;
|
||||
}
|
||||
}
|
||||
|
@ -894,7 +901,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
ptr: Pointer<Option<M::Provenance>>,
|
||||
) -> InterpResult<'tcx, FnVal<'tcx, M::ExtraFnVal>> {
|
||||
trace!("get_ptr_fn({:?})", ptr);
|
||||
let (alloc_id, offset, _prov) = self.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, offset, _prov) = self.ptr_get_alloc_id(ptr, 0)?;
|
||||
if offset.bytes() != 0 {
|
||||
throw_ub!(InvalidFunctionPointer(Pointer::new(alloc_id, offset)))
|
||||
}
|
||||
|
@ -910,7 +917,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
expected_trait: Option<&'tcx ty::List<ty::PolyExistentialPredicate<'tcx>>>,
|
||||
) -> InterpResult<'tcx, Ty<'tcx>> {
|
||||
trace!("get_ptr_vtable({:?})", ptr);
|
||||
let (alloc_id, offset, _tag) = self.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, offset, _tag) = self.ptr_get_alloc_id(ptr, 0)?;
|
||||
if offset.bytes() != 0 {
|
||||
throw_ub!(InvalidVTablePointer(Pointer::new(alloc_id, offset)))
|
||||
}
|
||||
|
@ -1391,7 +1398,7 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
Err(_) => {
|
||||
// Can only happen during CTFE.
|
||||
let ptr = scalar.to_pointer(self)?;
|
||||
match self.ptr_try_get_alloc_id(ptr) {
|
||||
match self.ptr_try_get_alloc_id(ptr, 0) {
|
||||
Ok((alloc_id, offset, _)) => {
|
||||
let (size, _align, _kind) = self.get_alloc_info(alloc_id);
|
||||
// If the pointer is out-of-bounds, it may be null.
|
||||
|
@ -1407,6 +1414,12 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
/// Turning a "maybe pointer" into a proper pointer (and some information
|
||||
/// about where it points), or an absolute address.
|
||||
///
|
||||
/// `size` says how many bytes of memory are expected at that pointer. This is largely only used
|
||||
/// for error messages; however, the *sign* of `size` can be used to disambiguate situations
|
||||
/// where a wildcard pointer sits right in between two allocations.
|
||||
/// It is almost always okay to just set the size to 0; this will be treated like a positive size
|
||||
/// for handling wildcard pointers.
|
||||
///
|
||||
/// The result must be used immediately; it is not allowed to convert
|
||||
/// the returned data back into a `Pointer` and store that in machine state.
|
||||
/// (In fact that's not even possible since `M::ProvenanceExtra` is generic and
|
||||
|
@ -1414,9 +1427,10 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
pub fn ptr_try_get_alloc_id(
|
||||
&self,
|
||||
ptr: Pointer<Option<M::Provenance>>,
|
||||
size: i64,
|
||||
) -> Result<(AllocId, Size, M::ProvenanceExtra), u64> {
|
||||
match ptr.into_pointer_or_addr() {
|
||||
Ok(ptr) => match M::ptr_get_alloc(self, ptr) {
|
||||
Ok(ptr) => match M::ptr_get_alloc(self, ptr, size) {
|
||||
Some((alloc_id, offset, extra)) => Ok((alloc_id, offset, extra)),
|
||||
None => {
|
||||
assert!(M::Provenance::OFFSET_IS_ADDR);
|
||||
|
@ -1430,6 +1444,12 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
|
||||
/// Turning a "maybe pointer" into a proper pointer (and some information about where it points).
|
||||
///
|
||||
/// `size` says how many bytes of memory are expected at that pointer. This is largely only used
|
||||
/// for error messages; however, the *sign* of `size` can be used to disambiguate situations
|
||||
/// where a wildcard pointer sits right in between two allocations.
|
||||
/// It is almost always okay to just set the size to 0; this will be treated like a positive size
|
||||
/// for handling wildcard pointers.
|
||||
///
|
||||
/// The result must be used immediately; it is not allowed to convert
|
||||
/// the returned data back into a `Pointer` and store that in machine state.
|
||||
/// (In fact that's not even possible since `M::ProvenanceExtra` is generic and
|
||||
|
@ -1438,12 +1458,12 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
|
|||
pub fn ptr_get_alloc_id(
|
||||
&self,
|
||||
ptr: Pointer<Option<M::Provenance>>,
|
||||
size: i64,
|
||||
) -> InterpResult<'tcx, (AllocId, Size, M::ProvenanceExtra)> {
|
||||
self.ptr_try_get_alloc_id(ptr).map_err(|offset| {
|
||||
self.ptr_try_get_alloc_id(ptr, size).map_err(|offset| {
|
||||
err_ub!(DanglingIntPointer {
|
||||
addr: offset,
|
||||
// We don't know the actually required size.
|
||||
inbounds_size: Size::ZERO,
|
||||
inbounds_size: size,
|
||||
msg: CheckInAllocMsg::InboundsTest
|
||||
})
|
||||
.into()
|
||||
|
|
|
@ -13,10 +13,9 @@ use rustc_target::abi::{Abi, Align, HasDataLayout, Size};
|
|||
use tracing::{instrument, trace};
|
||||
|
||||
use super::{
|
||||
alloc_range, mir_assign_valid_types, throw_ub, AllocRef, AllocRefMut, CheckAlignMsg,
|
||||
CtfeProvenance, ImmTy, Immediate, InterpCx, InterpResult, Machine, MemoryKind, Misalignment,
|
||||
OffsetMode, OpTy, Operand, Pointer, PointerArithmetic, Projectable, Provenance, Readable,
|
||||
Scalar,
|
||||
alloc_range, mir_assign_valid_types, AllocRef, AllocRefMut, CheckAlignMsg, CtfeProvenance,
|
||||
ImmTy, Immediate, InterpCx, InterpResult, Machine, MemoryKind, Misalignment, OffsetMode, OpTy,
|
||||
Operand, Pointer, Projectable, Provenance, Readable, Scalar,
|
||||
};
|
||||
|
||||
#[derive(Copy, Clone, Hash, PartialEq, Eq, Debug)]
|
||||
|
@ -85,9 +84,6 @@ impl<Prov: Provenance> MemPlace<Prov> {
|
|||
!meta.has_meta() || self.meta.has_meta(),
|
||||
"cannot use `offset_with_meta` to add metadata to a place"
|
||||
);
|
||||
if offset > ecx.data_layout().max_size_of_val() {
|
||||
throw_ub!(PointerArithOverflow);
|
||||
}
|
||||
let ptr = match mode {
|
||||
OffsetMode::Inbounds => {
|
||||
ecx.ptr_offset_inbounds(self.ptr, offset.bytes().try_into().unwrap())?
|
||||
|
|
|
@ -455,7 +455,7 @@ impl<'rt, 'tcx, M: Machine<'tcx>> ValidityVisitor<'rt, 'tcx, M> {
|
|||
};
|
||||
// Proceed recursively even for ZST, no reason to skip them!
|
||||
// `!` is a ZST and we want to validate it.
|
||||
if let Ok((alloc_id, _offset, _prov)) = self.ecx.ptr_try_get_alloc_id(place.ptr()) {
|
||||
if let Ok((alloc_id, _offset, _prov)) = self.ecx.ptr_try_get_alloc_id(place.ptr(), 0) {
|
||||
let mut skip_recursive_check = false;
|
||||
if let Some(GlobalAlloc::Static(did)) = self.ecx.tcx.try_get_global_alloc(alloc_id)
|
||||
{
|
||||
|
|
|
@ -334,14 +334,15 @@ pub enum UndefinedBehaviorInfo<'tcx> {
|
|||
alloc_size: Size,
|
||||
ptr_offset: i64,
|
||||
/// The size of the memory range that was expected to be in-bounds.
|
||||
inbounds_size: Size,
|
||||
inbounds_size: i64,
|
||||
msg: CheckInAllocMsg,
|
||||
},
|
||||
/// Using an integer as a pointer in the wrong way.
|
||||
DanglingIntPointer {
|
||||
addr: u64,
|
||||
/// The size of the memory range that was expected to be in-bounds (or 0 if we don't know).
|
||||
inbounds_size: Size,
|
||||
/// The size of the memory range that was expected to be in-bounds (or 0 if we need an
|
||||
/// allocation but not any actual memory there, e.g. for function pointers).
|
||||
inbounds_size: i64,
|
||||
msg: CheckInAllocMsg,
|
||||
},
|
||||
/// Used a pointer with bad alignment.
|
||||
|
|
|
@ -181,12 +181,9 @@ impl Provenance for CtfeProvenance {
|
|||
fn fmt(ptr: &Pointer<Self>, f: &mut fmt::Formatter<'_>) -> fmt::Result {
|
||||
// Print AllocId.
|
||||
fmt::Debug::fmt(&ptr.provenance.alloc_id(), f)?; // propagates `alternate` flag
|
||||
// Print offset only if it is non-zero. Print it signed.
|
||||
let signed_offset = ptr.offset.bytes() as i64;
|
||||
if signed_offset > 0 {
|
||||
write!(f, "+{:#x}", signed_offset)?;
|
||||
} else if signed_offset < 0 {
|
||||
write!(f, "-{:#x}", signed_offset.unsigned_abs())?;
|
||||
// Print offset only if it is non-zero.
|
||||
if ptr.offset.bytes() > 0 {
|
||||
write!(f, "+{:#x}", ptr.offset.bytes())?;
|
||||
}
|
||||
// Print immutable status.
|
||||
if ptr.provenance.immutable() {
|
||||
|
|
|
@ -105,15 +105,17 @@ impl<'tcx> EvalContextExtPriv<'tcx> for crate::MiriInterpCx<'tcx> {}
|
|||
trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
||||
// Returns the exposed `AllocId` that corresponds to the specified addr,
|
||||
// or `None` if the addr is out of bounds
|
||||
fn alloc_id_from_addr(&self, addr: u64) -> Option<AllocId> {
|
||||
fn alloc_id_from_addr(&self, addr: u64, size: i64) -> Option<AllocId> {
|
||||
let ecx = self.eval_context_ref();
|
||||
let global_state = ecx.machine.alloc_addresses.borrow();
|
||||
assert!(global_state.provenance_mode != ProvenanceMode::Strict);
|
||||
|
||||
// We always search the allocation to the right of this address. So if the size is structly
|
||||
// negative, we have to search for `addr-1` instead.
|
||||
let addr = if size >= 0 { addr } else { addr.saturating_sub(1) };
|
||||
let pos = global_state.int_to_ptr_map.binary_search_by_key(&addr, |(addr, _)| *addr);
|
||||
|
||||
// Determine the in-bounds provenance for this pointer.
|
||||
// (This is only called on an actual access, so in-bounds is the only possible kind of provenance.)
|
||||
let alloc_id = match pos {
|
||||
Ok(pos) => Some(global_state.int_to_ptr_map[pos].1),
|
||||
Err(0) => None,
|
||||
|
@ -318,7 +320,11 @@ pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
|
||||
/// When a pointer is used for a memory access, this computes where in which allocation the
|
||||
/// access is going.
|
||||
fn ptr_get_alloc(&self, ptr: interpret::Pointer<Provenance>) -> Option<(AllocId, Size)> {
|
||||
fn ptr_get_alloc(
|
||||
&self,
|
||||
ptr: interpret::Pointer<Provenance>,
|
||||
size: i64,
|
||||
) -> Option<(AllocId, Size)> {
|
||||
let ecx = self.eval_context_ref();
|
||||
|
||||
let (tag, addr) = ptr.into_parts(); // addr is absolute (Tag provenance)
|
||||
|
@ -327,7 +333,7 @@ pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
alloc_id
|
||||
} else {
|
||||
// A wildcard pointer.
|
||||
ecx.alloc_id_from_addr(addr.bytes())?
|
||||
ecx.alloc_id_from_addr(addr.bytes(), size)?
|
||||
};
|
||||
|
||||
// This cannot fail: since we already have a pointer with that provenance, adjust_alloc_root_pointer
|
||||
|
|
|
@ -673,7 +673,7 @@ trait EvalContextPrivExt<'tcx, 'ecx>: crate::MiriInterpCxExt<'tcx> {
|
|||
// attempt to use it for a non-zero-sized access.
|
||||
// Dangling slices are a common case here; it's valid to get their length but with raw
|
||||
// pointer tagging for example all calls to get_unchecked on them are invalid.
|
||||
if let Ok((alloc_id, base_offset, orig_tag)) = this.ptr_try_get_alloc_id(place.ptr()) {
|
||||
if let Ok((alloc_id, base_offset, orig_tag)) = this.ptr_try_get_alloc_id(place.ptr(), 0) {
|
||||
log_creation(this, Some((alloc_id, base_offset, orig_tag)))?;
|
||||
// Still give it the new provenance, it got retagged after all.
|
||||
return Ok(Some(Provenance::Concrete { alloc_id, tag: new_tag }));
|
||||
|
@ -685,7 +685,7 @@ trait EvalContextPrivExt<'tcx, 'ecx>: crate::MiriInterpCxExt<'tcx> {
|
|||
}
|
||||
}
|
||||
|
||||
let (alloc_id, base_offset, orig_tag) = this.ptr_get_alloc_id(place.ptr())?;
|
||||
let (alloc_id, base_offset, orig_tag) = this.ptr_get_alloc_id(place.ptr(), 0)?;
|
||||
log_creation(this, Some((alloc_id, base_offset, orig_tag)))?;
|
||||
|
||||
trace!(
|
||||
|
|
|
@ -223,7 +223,7 @@ trait EvalContextPrivExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
};
|
||||
|
||||
trace!("Reborrow of size {:?}", ptr_size);
|
||||
let (alloc_id, base_offset, parent_prov) = match this.ptr_try_get_alloc_id(place.ptr()) {
|
||||
let (alloc_id, base_offset, parent_prov) = match this.ptr_try_get_alloc_id(place.ptr(), 0) {
|
||||
Ok(data) => {
|
||||
// Unlike SB, we *do* a proper retag for size 0 if can identify the allocation.
|
||||
// After all, the pointer may be lazily initialized outside this initial range.
|
||||
|
|
|
@ -1180,7 +1180,7 @@ trait EvalContextPrivExt<'tcx>: MiriInterpCxExt<'tcx> {
|
|||
// We avoid `get_ptr_alloc` since we do *not* want to run the access hooks -- the actual
|
||||
// access will happen later.
|
||||
let (alloc_id, _offset, _prov) = this
|
||||
.ptr_try_get_alloc_id(place.ptr())
|
||||
.ptr_try_get_alloc_id(place.ptr(), 0)
|
||||
.expect("there are no zero-sized atomic accesses");
|
||||
if this.get_alloc_mutability(alloc_id)? == Mutability::Not {
|
||||
// See if this is fine.
|
||||
|
@ -1307,7 +1307,7 @@ trait EvalContextPrivExt<'tcx>: MiriInterpCxExt<'tcx> {
|
|||
if let Some(data_race) = &this.machine.data_race {
|
||||
if data_race.race_detecting() {
|
||||
let size = place.layout.size;
|
||||
let (alloc_id, base_offset, _prov) = this.ptr_get_alloc_id(place.ptr())?;
|
||||
let (alloc_id, base_offset, _prov) = this.ptr_get_alloc_id(place.ptr(), 0)?;
|
||||
// Load and log the atomic operation.
|
||||
// Note that atomic loads are possible even from read-only allocations, so `get_alloc_extra_mut` is not an option.
|
||||
let alloc_meta = this.get_alloc_extra(alloc_id)?.data_race.as_ref().unwrap();
|
||||
|
|
|
@ -468,7 +468,7 @@ pub(super) trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
init: Scalar,
|
||||
) -> InterpResult<'tcx> {
|
||||
let this = self.eval_context_mut();
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(place.ptr())?;
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(place.ptr(), 0)?;
|
||||
if let (
|
||||
crate::AllocExtra { weak_memory: Some(alloc_buffers), .. },
|
||||
crate::MiriMachine { data_race: Some(global), threads, .. },
|
||||
|
@ -495,7 +495,7 @@ pub(super) trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
) -> InterpResult<'tcx, Scalar> {
|
||||
let this = self.eval_context_ref();
|
||||
if let Some(global) = &this.machine.data_race {
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(place.ptr())?;
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(place.ptr(), 0)?;
|
||||
if let Some(alloc_buffers) = this.get_alloc_extra(alloc_id)?.weak_memory.as_ref() {
|
||||
if atomic == AtomicReadOrd::SeqCst {
|
||||
global.sc_read(&this.machine.threads);
|
||||
|
@ -535,7 +535,7 @@ pub(super) trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
init: Scalar,
|
||||
) -> InterpResult<'tcx> {
|
||||
let this = self.eval_context_mut();
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(dest.ptr())?;
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(dest.ptr(), 0)?;
|
||||
if let (
|
||||
crate::AllocExtra { weak_memory: Some(alloc_buffers), .. },
|
||||
crate::MiriMachine { data_race: Some(global), threads, .. },
|
||||
|
@ -585,7 +585,7 @@ pub(super) trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
global.sc_read(&this.machine.threads);
|
||||
}
|
||||
let size = place.layout.size;
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(place.ptr())?;
|
||||
let (alloc_id, base_offset, ..) = this.ptr_get_alloc_id(place.ptr(), 0)?;
|
||||
if let Some(alloc_buffers) = this.get_alloc_extra(alloc_id)?.weak_memory.as_ref() {
|
||||
let buffer = alloc_buffers
|
||||
.get_or_create_store_buffer(alloc_range(base_offset, size), init)?;
|
||||
|
|
|
@ -1198,19 +1198,23 @@ impl<'tcx> Machine<'tcx> for MiriMachine<'tcx> {
|
|||
}
|
||||
}
|
||||
|
||||
/// Convert a pointer with provenance into an allocation-offset pair,
|
||||
/// or a `None` with an absolute address if that conversion is not possible.
|
||||
/// Convert a pointer with provenance into an allocation-offset pair and extra provenance info.
|
||||
/// `size` says how many bytes of memory are expected at that pointer. The *sign* of `size` can
|
||||
/// be used to disambiguate situations where a wildcard pointer sits right in between two
|
||||
/// allocations.
|
||||
///
|
||||
/// This is called when a pointer is about to be used for memory access,
|
||||
/// an in-bounds check, or anything else that requires knowing which allocation it points to.
|
||||
/// If `ptr.provenance.get_alloc_id()` is `Some(p)`, the returned `AllocId` must be `p`.
|
||||
/// The resulting `AllocId` will just be used for that one step and the forgotten again
|
||||
/// (i.e., we'll never turn the data returned here back into a `Pointer` that might be
|
||||
/// stored in machine state).
|
||||
///
|
||||
/// When this fails, that means the pointer does not point to a live allocation.
|
||||
fn ptr_get_alloc(
|
||||
ecx: &MiriInterpCx<'tcx>,
|
||||
ptr: StrictPointer,
|
||||
size: i64,
|
||||
) -> Option<(AllocId, Size, Self::ProvenanceExtra)> {
|
||||
let rel = ecx.ptr_get_alloc(ptr);
|
||||
let rel = ecx.ptr_get_alloc(ptr, size);
|
||||
|
||||
rel.map(|(alloc_id, size)| {
|
||||
let tag = match ptr.provenance {
|
||||
|
|
|
@ -116,7 +116,7 @@ pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
|
||||
let ptr = this.read_pointer(ptr)?;
|
||||
// Take apart the pointer, we need its pieces. The offset encodes the span.
|
||||
let (alloc_id, offset, _prov) = this.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, offset, _prov) = this.ptr_get_alloc_id(ptr, 0)?;
|
||||
|
||||
// This has to be an actual global fn ptr, not a dlsym function.
|
||||
let fn_instance = if let Some(GlobalAlloc::Function { instance, .. }) =
|
||||
|
|
|
@ -278,7 +278,7 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
"miri_get_alloc_id" => {
|
||||
let [ptr] = this.check_shim(abi, Abi::Rust, link_name, args)?;
|
||||
let ptr = this.read_pointer(ptr)?;
|
||||
let (alloc_id, _, _) = this.ptr_get_alloc_id(ptr).map_err(|_e| {
|
||||
let (alloc_id, _, _) = this.ptr_get_alloc_id(ptr, 0).map_err(|_e| {
|
||||
err_machine_stop!(TerminationInfo::Abort(format!(
|
||||
"pointer passed to `miri_get_alloc_id` must not be dangling, got {ptr:?}"
|
||||
)))
|
||||
|
@ -311,7 +311,7 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
"miri_static_root" => {
|
||||
let [ptr] = this.check_shim(abi, Abi::Rust, link_name, args)?;
|
||||
let ptr = this.read_pointer(ptr)?;
|
||||
let (alloc_id, offset, _) = this.ptr_get_alloc_id(ptr)?;
|
||||
let (alloc_id, offset, _) = this.ptr_get_alloc_id(ptr, 0)?;
|
||||
if offset != Size::ZERO {
|
||||
throw_unsup_format!(
|
||||
"pointer passed to `miri_static_root` must point to beginning of an allocated block"
|
||||
|
@ -392,7 +392,7 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
"`miri_promise_symbolic_alignment`: pointer is not actually aligned"
|
||||
);
|
||||
}
|
||||
if let Ok((alloc_id, offset, ..)) = this.ptr_try_get_alloc_id(ptr) {
|
||||
if let Ok((alloc_id, offset, ..)) = this.ptr_try_get_alloc_id(ptr, 0) {
|
||||
let (_size, alloc_align, _kind) = this.get_alloc_info(alloc_id);
|
||||
// If the newly promised alignment is bigger than the native alignment of this
|
||||
// allocation, and bigger than the previously promised alignment, then set it.
|
||||
|
@ -584,8 +584,8 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
let n = Size::from_bytes(this.read_target_usize(n)?);
|
||||
|
||||
// C requires that this must always be a valid pointer (C18 §7.1.4).
|
||||
this.ptr_get_alloc_id(left)?;
|
||||
this.ptr_get_alloc_id(right)?;
|
||||
this.ptr_get_alloc_id(left, 0)?;
|
||||
this.ptr_get_alloc_id(right, 0)?;
|
||||
|
||||
let result = {
|
||||
let left_bytes = this.read_bytes_ptr_strip_provenance(left, n)?;
|
||||
|
@ -612,7 +612,7 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
let val = val as u8;
|
||||
|
||||
// C requires that this must always be a valid pointer (C18 §7.1.4).
|
||||
this.ptr_get_alloc_id(ptr)?;
|
||||
this.ptr_get_alloc_id(ptr, 0)?;
|
||||
|
||||
if let Some(idx) = this
|
||||
.read_bytes_ptr_strip_provenance(ptr, Size::from_bytes(num))?
|
||||
|
@ -639,7 +639,7 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
let val = val as u8;
|
||||
|
||||
// C requires that this must always be a valid pointer (C18 §7.1.4).
|
||||
this.ptr_get_alloc_id(ptr)?;
|
||||
this.ptr_get_alloc_id(ptr, 0)?;
|
||||
|
||||
let idx = this
|
||||
.read_bytes_ptr_strip_provenance(ptr, Size::from_bytes(num))?
|
||||
|
@ -681,8 +681,8 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> {
|
|||
|
||||
// C requires that this must always be a valid pointer, even if `n` is zero, so we better check that.
|
||||
// (This is more than Rust requires, so `mem_copy` is not sufficient.)
|
||||
this.ptr_get_alloc_id(ptr_dest)?;
|
||||
this.ptr_get_alloc_id(ptr_src)?;
|
||||
this.ptr_get_alloc_id(ptr_dest, 0)?;
|
||||
this.ptr_get_alloc_id(ptr_src, 0)?;
|
||||
|
||||
this.mem_copy(ptr_src, ptr_dest, Size::from_bytes(n), true)?;
|
||||
this.write_pointer(ptr_dest, dest)?;
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: memory access failed: expected a pointer to 129 bytes of memory, but got ALLOC and there are only 128 bytes starting at that pointer
|
||||
error: Undefined Behavior: memory access failed: expected a pointer to 129 bytes of memory, but got ALLOC which is only 128 bytes from the end of the allocation
|
||||
--> $DIR/affinity.rs:LL:CC
|
||||
|
|
||||
LL | let err = unsafe { sched_setaffinity(PID, size_of::<cpu_set_t>() + 1, &cpuset) };
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: expected a pointer to 129 bytes of memory, but got ALLOC and there are only 128 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: expected a pointer to 129 bytes of memory, but got ALLOC which is only 128 bytes from the end of the allocation
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC and there are only 2 bytes starting at that pointer
|
||||
error: Undefined Behavior: out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC which is only 2 bytes from the end of the allocation
|
||||
--> RUSTLIB/alloc/src/boxed.rs:LL:CC
|
||||
|
|
||||
LL | Box(unsafe { Unique::new_unchecked(raw) }, alloc)
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC and there are only 2 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC which is only 2 bytes from the end of the allocation
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC and there are only 2 bytes starting at that pointer
|
||||
error: Undefined Behavior: out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC which is only 2 bytes from the end of the allocation
|
||||
--> RUSTLIB/alloc/src/boxed.rs:LL:CC
|
||||
|
|
||||
LL | Box(unsafe { Unique::new_unchecked(raw) }, alloc)
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC and there are only 2 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds pointer use: expected a pointer to 4 bytes of memory, but got ALLOC which is only 2 bytes from the end of the allocation
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC and there are only 4 bytes starting at that pointer
|
||||
error: Undefined Behavior: out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC which is only 4 bytes from the end of the allocation
|
||||
--> $DIR/out_of_bounds_project.rs:LL:CC
|
||||
|
|
||||
LL | let _field = addr_of!((*ptr).2);
|
||||
| ^^^^^^^^^^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC and there are only 4 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC which is only 4 bytes from the end of the allocation
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: out-of-bounds pointer arithmetic: expected a pointer to 5 bytes of memory, but got ALLOC and there are only 4 bytes starting at that pointer
|
||||
error: Undefined Behavior: out-of-bounds pointer arithmetic: expected a pointer to 5 bytes of memory, but got ALLOC which is only 4 bytes from the end of the allocation
|
||||
--> $DIR/out_of_bounds_ptr_1.rs:LL:CC
|
||||
|
|
||||
LL | let x = unsafe { x.offset(5) };
|
||||
| ^^^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 5 bytes of memory, but got ALLOC and there are only 4 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 5 bytes of memory, but got ALLOC which is only 4 bytes from the end of the allocation
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
fn main() {
|
||||
let v = [0i8; 4];
|
||||
let x = &v as *const i8;
|
||||
let x = unsafe { x.offset(-1) }; //~ERROR: expected a pointer to 1 byte of memory
|
||||
let x = unsafe { x.offset(-1) }; //~ERROR: expected a pointer to the end of 1 byte of memory
|
||||
panic!("this should never print: {:?}", x);
|
||||
}
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: out-of-bounds pointer arithmetic: expected a pointer to 1 byte of memory, but got ALLOC-0x1 which points to before the beginning of the allocation
|
||||
error: Undefined Behavior: out-of-bounds pointer arithmetic: expected a pointer to the end of 1 byte of memory, but got ALLOC which is at the beginning of the allocation
|
||||
--> $DIR/out_of_bounds_ptr_3.rs:LL:CC
|
||||
|
|
||||
LL | let x = unsafe { x.offset(-1) };
|
||||
| ^^^^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 1 byte of memory, but got ALLOC-0x1 which points to before the beginning of the allocation
|
||||
| ^^^^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to the end of 1 byte of memory, but got ALLOC which is at the beginning of the allocation
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
error: Undefined Behavior: out-of-bounds `offset_from`: expected a pointer to 1 byte of memory, but got 0xa[noalloc] which is a dangling pointer (it has no provenance)
|
||||
error: Undefined Behavior: out-of-bounds `offset_from` origin: expected a pointer to the end of 1 byte of memory, but got 0xb[noalloc] which is a dangling pointer (it has no provenance)
|
||||
--> $DIR/ptr_offset_from_different_ints.rs:LL:CC
|
||||
|
|
||||
LL | let _ = p1.byte_offset_from(p2);
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from`: expected a pointer to 1 byte of memory, but got 0xa[noalloc] which is a dangling pointer (it has no provenance)
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from` origin: expected a pointer to the end of 1 byte of memory, but got 0xb[noalloc] which is a dangling pointer (it has no provenance)
|
||||
|
|
||||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
|
||||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
|
||||
|
|
|
@ -118,7 +118,7 @@ LL | pub static R1: &[()] = unsafe { from_ptr_range(ptr::null()..ptr::null()) };
|
|||
error[E0080]: could not evaluate static initializer
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC10 and there are only 4 bytes starting at that pointer
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC10 which is only 4 bytes from the end of the allocation
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u32>::add`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
@ -177,7 +177,7 @@ LL | pub static R7: &[u16] = unsafe {
|
|||
error[E0080]: could not evaluate static initializer
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC11+0x1 and there are only 7 bytes starting at that pointer
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to 8 bytes of memory, but got ALLOC11+0x1 which is only 7 bytes from the end of the allocation
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u64>::add`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
|
@ -20,13 +20,13 @@ error[E0080]: evaluation of constant value failed
|
|||
--> $DIR/const-compare-bytes-ub.rs:22:9
|
||||
|
|
||||
LL | compare_bytes([1, 2, 3].as_ptr(), [1, 2, 3, 4].as_ptr(), 4)
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: expected a pointer to 4 bytes of memory, but got ALLOC0 and there are only 3 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: expected a pointer to 4 bytes of memory, but got ALLOC0 which is only 3 bytes from the end of the allocation
|
||||
|
||||
error[E0080]: evaluation of constant value failed
|
||||
--> $DIR/const-compare-bytes-ub.rs:26:9
|
||||
|
|
||||
LL | compare_bytes([1, 2, 3, 4].as_ptr(), [1, 2, 3].as_ptr(), 4)
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: expected a pointer to 4 bytes of memory, but got ALLOC1 and there are only 3 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: expected a pointer to 4 bytes of memory, but got ALLOC1 which is only 3 bytes from the end of the allocation
|
||||
|
||||
error[E0080]: evaluation of constant value failed
|
||||
--> $DIR/const-compare-bytes-ub.rs:30:9
|
||||
|
|
|
@ -35,7 +35,7 @@ error[E0080]: evaluation of constant value failed
|
|||
--> $DIR/raw-pointer-ub.rs:41:16
|
||||
|
|
||||
LL | let _val = *ptr;
|
||||
| ^^^^ memory access failed: expected a pointer to 8 bytes of memory, but got ALLOC0 and there are only 4 bytes starting at that pointer
|
||||
| ^^^^ memory access failed: expected a pointer to 8 bytes of memory, but got ALLOC0 which is only 4 bytes from the end of the allocation
|
||||
|
||||
error: aborting due to 5 previous errors
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ error[E0080]: evaluation of constant value failed
|
|||
--> $DIR/ub-nonnull.rs:20:29
|
||||
|
|
||||
LL | let out_of_bounds_ptr = &ptr[255];
|
||||
| ^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 255 bytes of memory, but got ALLOC1 and there are only 1 bytes starting at that pointer
|
||||
| ^^^^^^^^^ out-of-bounds pointer arithmetic: expected a pointer to 255 bytes of memory, but got ALLOC1 which is only 1 byte from the end of the allocation
|
||||
|
||||
error[E0080]: it is undefined behavior to use this value
|
||||
--> $DIR/ub-nonnull.rs:24:1
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
//@ normalize-stderr-test: "to \d+ bytes of memory" -> "to $$BYTES bytes of memory"
|
||||
//@ normalize-stderr-test: "\d+ bytes" -> "$$BYTES bytes"
|
||||
#![feature(const_ptr_sub_ptr)]
|
||||
#![feature(core_intrinsics)]
|
||||
|
||||
|
@ -55,7 +55,7 @@ const OUT_OF_BOUNDS_2: isize = {
|
|||
let end_ptr = (start_ptr).wrapping_add(length);
|
||||
// Second ptr is out of bounds
|
||||
unsafe { ptr_offset_from(start_ptr, end_ptr) } //~ERROR evaluation of constant value failed
|
||||
//~| expected a pointer to 10 bytes of memory
|
||||
//~| expected a pointer to the end of 10 bytes of memory
|
||||
};
|
||||
|
||||
pub const DIFFERENT_ALLOC_UNSIGNED: usize = {
|
||||
|
|
|
@ -27,19 +27,19 @@ error[E0080]: evaluation of constant value failed
|
|||
--> $DIR/offset_from_ub.rs:39:14
|
||||
|
|
||||
LL | unsafe { ptr_offset_from(ptr2, ptr1) }
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from`: expected a pointer to $BYTES bytes of memory, but got 0x8[noalloc] which is a dangling pointer (it has no provenance)
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from` origin: expected a pointer to $BYTES bytes of memory, but got 0x8[noalloc] which is a dangling pointer (it has no provenance)
|
||||
|
||||
error[E0080]: evaluation of constant value failed
|
||||
--> $DIR/offset_from_ub.rs:48:14
|
||||
|
|
||||
LL | unsafe { ptr_offset_from(end_ptr, start_ptr) }
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from`: expected a pointer to $BYTES bytes of memory, but got ALLOC0 and there are only 4 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from` origin: expected a pointer to $BYTES bytes of memory, but got ALLOC0 which is only $BYTES bytes from the end of the allocation
|
||||
|
||||
error[E0080]: evaluation of constant value failed
|
||||
--> $DIR/offset_from_ub.rs:57:14
|
||||
|
|
||||
LL | unsafe { ptr_offset_from(start_ptr, end_ptr) }
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from`: expected a pointer to $BYTES bytes of memory, but got ALLOC1 and there are only 4 bytes starting at that pointer
|
||||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ out-of-bounds `offset_from` origin: expected a pointer to the end of $BYTES bytes of memory, but got ALLOC1+0xa which does not have enough space to the beginning of the allocation
|
||||
|
||||
error[E0080]: evaluation of constant value failed
|
||||
--> $DIR/offset_from_ub.rs:66:14
|
||||
|
@ -80,7 +80,7 @@ LL | unsafe { ptr_offset_from_unsigned(ptr2, ptr1) }
|
|||
error[E0080]: evaluation of constant value failed
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds `offset_from`: expected a pointer to $BYTES bytes of memory, but got a null pointer
|
||||
= note: out-of-bounds `offset_from` origin: expected a pointer to $BYTES bytes of memory, but got a null pointer
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u8>::offset_from`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
|
@ -2,7 +2,7 @@ use std::ptr;
|
|||
|
||||
//@ normalize-stderr-test: "0xf+" -> "0xf..f"
|
||||
//@ normalize-stderr-test: "0x7f+" -> "0x7f..f"
|
||||
//@ normalize-stderr-test: "to \d+ bytes of memory" -> "to $$BYTES bytes of memory"
|
||||
//@ normalize-stderr-test: "\d+ bytes" -> "$$BYTES bytes"
|
||||
|
||||
|
||||
pub const BEFORE_START: *const u8 = unsafe { (&0u8 as *const u8).offset(-1) }; //~NOTE
|
||||
|
|
|
@ -14,7 +14,7 @@ LL | pub const BEFORE_START: *const u8 = unsafe { (&0u8 as *const u8).offset(-1)
|
|||
error[E0080]: evaluation of constant value failed
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to $BYTES bytes of memory, but got ALLOC0 and there are only 1 bytes starting at that pointer
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to $BYTES bytes of memory, but got ALLOC0 which is only 1 byte from the end of the allocation
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u8>::offset`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
@ -27,7 +27,7 @@ LL | pub const AFTER_END: *const u8 = unsafe { (&0u8 as *const u8).offset(2) };
|
|||
error[E0080]: evaluation of constant value failed
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to $BYTES bytes of memory, but got ALLOC1 and there are only 100 bytes starting at that pointer
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to $BYTES bytes of memory, but got ALLOC1 which is only $BYTES bytes from the end of the allocation
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u8>::offset`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
@ -92,7 +92,7 @@ LL | pub const UNDERFLOW_ADDRESS_SPACE: *const u8 = unsafe { (1 as *const u8).of
|
|||
error[E0080]: evaluation of constant value failed
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to $BYTES bytes of memory, but got ALLOC2-0x4 which points to before the beginning of the allocation
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to the end of $BYTES bytes of memory, but got ALLOC2-0x2 which points to before the beginning of the allocation
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u8>::offset`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
@ -105,7 +105,7 @@ LL | pub const NEGATIVE_OFFSET: *const u8 = unsafe { [0u8; 1].as_ptr().wrapping_
|
|||
error[E0080]: evaluation of constant value failed
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to 1 byte of memory, but got ALLOC3 which is at or beyond the end of the allocation of size 0 bytes
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to 1 byte of memory, but got ALLOC3 which is at or beyond the end of the allocation of size $BYTES bytes
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u8>::offset`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
@ -131,7 +131,7 @@ LL | pub const DANGLING: *const u8 = unsafe { ptr::NonNull::<u8>::dangling().as_
|
|||
error[E0080]: evaluation of constant value failed
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to $BYTES bytes of memory, but got 0x7f..f[noalloc] which is a dangling pointer (it has no provenance)
|
||||
= note: out-of-bounds pointer arithmetic: expected a pointer to the end of $BYTES bytes of memory, but got 0xf..f[noalloc] which is a dangling pointer (it has no provenance)
|
||||
|
|
||||
note: inside `std::ptr::const_ptr::<impl *const u8>::offset`
|
||||
--> $SRC_DIR/core/src/ptr/const_ptr.rs:LL:COL
|
||||
|
|
Loading…
Add table
Reference in a new issue