Allow testing pointers for inboundedness while forbidding dangling pointers

2018-12-19 16:26:46 +01:00 · 2018-12-19 16:26:46 +01:00 · d8ddb47fce
commit d8ddb47fce
parent 74ebf026fe
2 changed files with 6 additions and 8 deletions
--- a/src/librustc_mir/interpret/memory.rs
+++ b/src/librustc_mir/interpret/memory.rs
@ -262,7 +262,7 @@ impl<'a, 'mir, 'tcx, M: Machine<'a, 'mir, 'tcx>> Memory<'a, 'mir, 'tcx, M> {
            Scalar::Ptr(ptr) => {
                // check this is not NULL -- which we can ensure only if this is in-bounds
                // of some (potentially dead) allocation.
-                let align = self.check_bounds_ptr_maybe_dead(ptr)?;
+                let align = self.check_bounds_ptr(ptr, InboundsCheck::MaybeDead)?;
                (ptr.offset.bytes(), align)
            }
            Scalar::Bits { bits, size } => {
@ -297,17 +297,15 @@ impl<'a, 'mir, 'tcx, M: Machine<'a, 'mir, 'tcx>> Memory<'a, 'mir, 'tcx, M> {
    /// Check if the pointer is "in-bounds". Notice that a pointer pointing at the end
    /// of an allocation (i.e., at the first *inaccessible* location) *is* considered
    /// in-bounds!  This follows C's/LLVM's rules.
-    /// This function also works for deallocated allocations.
-    /// Use `.get(ptr.alloc_id)?.check_bounds_ptr(ptr)` if you want to force the allocation
-    /// to still be live.
    /// If you want to check bounds before doing a memory access, better first obtain
    /// an `Allocation` and call `check_bounds`.
-    pub fn check_bounds_ptr_maybe_dead(
+    pub fn check_bounds_ptr(
        &self,
        ptr: Pointer<M::PointerTag>,
+        liveness: InboundsCheck,
    ) -> EvalResult<'tcx, Align> {
        let (allocation_size, align) = self.get_size_and_align(ptr.alloc_id);
-        ptr.check_in_alloc(allocation_size, InboundsCheck::MaybeDead)?;
+        ptr.check_in_alloc(allocation_size, liveness)?;
        Ok(align)
    }
 }
--- a/src/librustc_mir/interpret/operand.rs
+++ b/src/librustc_mir/interpret/operand.rs
@ -17,7 +17,7 @@ use rustc::mir;
 use rustc::ty::layout::{self, Size, LayoutOf, TyLayout, HasDataLayout, IntegerExt, VariantIdx};

 use rustc::mir::interpret::{
-    GlobalId, AllocId,
+    GlobalId, AllocId, InboundsCheck,
    ConstValue, Pointer, Scalar,
    EvalResult, EvalErrorKind,
 };
@ -647,7 +647,7 @@ impl<'a, 'mir, 'tcx, M: Machine<'a, 'mir, 'tcx>> EvalContext<'a, 'mir, 'tcx, M>
                    ScalarMaybeUndef::Scalar(Scalar::Ptr(ptr)) => {
                        // The niche must be just 0 (which an inbounds pointer value never is)
                        let ptr_valid = niche_start == 0 && variants_start == variants_end &&
-                            self.memory.check_bounds_ptr_maybe_dead(ptr).is_ok();
+                            self.memory.check_bounds_ptr(ptr, InboundsCheck::MaybeDead).is_ok();
                        if !ptr_valid {
                            return err!(InvalidDiscriminant(raw_discr.erase_tag()));
                        }