Auto merge of #3114 - RalfJung:fn-call-tests, r=RalfJung
ensure RET assignments do not get propagated on unwinding Mostly this adds a test for rust-lang/unsafe-code-guidelines#468, and then also some other related tests I thought of while writing that test.
Showing
6 changed files
with
135 additions
and
2 deletions.
40 changes: 40 additions & 0 deletions
40
tests/fail/function_calls/return_pointer_aliasing2.stack.stderr
@@ -0,0 +1,40 @@ | ||
error: Undefined Behavior: attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location | ||
--> $DIR/return_pointer_aliasing2.rs:LL:CC | ||
| | ||
LL | unsafe { ptr.write(0) }; | ||
| ^^^^^^^^^^^^ | ||
| | | ||
| attempting a write access using <TAG> at ALLOC[0x0], but that tag does not exist in the borrow stack for this location | ||
| this error occurs as part of an access at ALLOC[0x0..0x4] | ||
| | ||
= help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental | ||
= help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information | ||
help: <TAG> was created by a SharedReadWrite retag at offsets [0x0..0x4] | ||
--> $DIR/return_pointer_aliasing2.rs:LL:CC | ||
| | ||
LL | / mir! { | ||
LL | | { | ||
LL | | let _x = 0; | ||
LL | | let ptr = &raw mut _x; | ||
... | | ||
LL | | } | ||
LL | | } | ||
| |_____^ | ||
help: <TAG> was later invalidated at offsets [0x0..0x4] by a Unique in-place function argument/return passing protection | ||
--> $DIR/return_pointer_aliasing2.rs:LL:CC | ||
| | ||
LL | unsafe { ptr.write(0) }; | ||
| ^^^^^^^^^^^^^^^^^^^^^^^ | ||
= note: BACKTRACE (of the first span): | ||
= note: inside `myfun` at $DIR/return_pointer_aliasing2.rs:LL:CC | ||
note: inside `main` | ||
--> $DIR/return_pointer_aliasing2.rs:LL:CC | ||
| | ||
LL | Call(_x = myfun(ptr), after_call) | ||
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
= note: this error originates in the macro `::core::intrinsics::mir::__internal_remove_let` which comes from the expansion of the macro `mir` (in Nightly builds, run with -Z macro-backtrace for more info) | ||
|
||
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace | ||
|
||
error: aborting due to previous error | ||
|
File renamed without changes.
@@ -0,0 +1,55 @@ | ||
// Doesn't need an aliasing model. | ||
//@compile-flags: -Zmiri-disable-stacked-borrows | ||
#![feature(raw_ref_op)] | ||
#![feature(core_intrinsics)] | ||
#![feature(custom_mir)] | ||
|
||
use std::intrinsics::mir::*; | ||
use std::panic; | ||
|
||
#[repr(C)] | ||
struct S(i32, [u8; 128]); | ||
|
||
#[custom_mir(dialect = "runtime", phase = "optimized")] | ||
fn docall(out: &mut S) { | ||
mir! { | ||
{ | ||
Call(*out = callee(), after_call) | ||
} | ||
|
||
after_call = { | ||
Return() | ||
} | ||
} | ||
} | ||
|
||
fn startpanic() -> () { | ||
panic!() | ||
} | ||
|
||
#[custom_mir(dialect = "runtime", phase = "optimized")] | ||
fn callee() -> S { | ||
mir! { | ||
type RET = S; | ||
let _unit: (); | ||
{ | ||
// We test whether changes done to RET before unwinding | ||
// become visible to the outside. In codegen we can see them | ||
// but Miri should detect this as UB! | ||
RET.0 = 42; | ||
Call(_unit = startpanic(), after_call) | ||
} | ||
|
||
after_call = { | ||
Return() | ||
} | ||
} | ||
} | ||
|
||
fn main() { | ||
let mut x = S(0, [0; 128]); | ||
panic::catch_unwind(panic::AssertUnwindSafe(|| docall(&mut x))).unwrap_err(); | ||
// The return place got de-initialized before the call and assigning to RET | ||
// does not propagate if we do not reach the `Return`. | ||
dbg!(x.0); //~ERROR: uninitialized | ||
} |
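Review bot: `#![feature(raw_ref_op)]` at the top of this new test looks unused, since nothing in the file takes a `&raw` pointer, so the gate can be dropped. Separately, `struct S(i32, [u8; 128]);` has no comment explaining the 128-byte tail. If it is there so the value is returned through memory rather than in registers (an assumption, the page does not say), a line such as `// Large on purpose: the return value must be passed in memory for the RET write to be observable in codegen.` would stop a later cleanup from shrinking it and weakening the test. The header says the test needs no aliasing model and disables Stacked Borrows, so the expected `uninitialized` error rests only on the return place being de-initialized before the call; saying that next to the `//@compile-flags` line would make the intent clear.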
@@ -0,0 +1,19 @@ | ||
thread 'main' panicked at $DIR/return_pointer_on_unwind.rs:LL:CC: | ||
explicit panic | ||
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace | ||
error: Undefined Behavior: using uninitialized data, but this operation requires initialized memory | ||
--> $DIR/return_pointer_on_unwind.rs:LL:CC | ||
| | ||
LL | dbg!(x.0); | ||
| ^^^^^^^^^ using uninitialized data, but this operation requires initialized memory | ||
| | ||
= help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior | ||
= help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information | ||
= note: BACKTRACE: | ||
= note: inside `main` at RUSTLIB/std/src/macros.rs:LL:CC | ||
= note: this error originates in the macro `dbg` (in Nightly builds, run with -Z macro-backtrace for more info) | ||
|
||
note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace | ||
|
||
error: aborting due to previous error | ||
|