Auto merge of #3150 - RalfJung:undercore-match, r=RalfJung

make sure we catch UB in match place even with _ pattern Fixes https://github.com/rust-lang/miri/issues/2360
2023-10-30 07:33:31 +00:00 · 2023-10-30 07:33:31 +00:00 · de09bf55e3
commit de09bf55e3
parent 2c9baab7fd 98eb384eab
8 changed files with 87 additions and 16 deletions
--- a/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let.rs
+++ b/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let.rs
--- a/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let.stderr
+++ b/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let.stderr
@ -1,5 +1,5 @@
 error: Undefined Behavior: out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
-  --> $DIR/dangling_pointer_project_underscore.rs:LL:CC
+  --> $DIR/dangling_pointer_project_underscore_let.rs:LL:CC
   |
 LL |         let _ = (*p).1;
   |                 ^^^^^^ out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
@ -7,17 +7,17 @@ LL |         let _ = (*p).1;
   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
 help: ALLOC was allocated here:
-  --> $DIR/dangling_pointer_project_underscore.rs:LL:CC
+  --> $DIR/dangling_pointer_project_underscore_let.rs:LL:CC
   |
 LL |         let b = Box::new(42);
   |                 ^^^^^^^^^^^^
 help: ALLOC was deallocated here:
-  --> $DIR/dangling_pointer_project_underscore.rs:LL:CC
+  --> $DIR/dangling_pointer_project_underscore_let.rs:LL:CC
   |
 LL |     };
   |     ^
   = note: BACKTRACE (of the first span):
-   = note: inside `main` at $DIR/dangling_pointer_project_underscore.rs:LL:CC
+   = note: inside `main` at $DIR/dangling_pointer_project_underscore_let.rs:LL:CC

 note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

--- a/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let_type_annotation.rs
+++ b/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let_type_annotation.rs
@ -0,0 +1,12 @@
+// Make sure we find these even with many checks disabled.
+//@compile-flags: -Zmiri-disable-alignment-check -Zmiri-disable-stacked-borrows -Zmiri-disable-validation
+
+fn main() {
+    let p = {
+        let b = Box::new(42);
+        &*b as *const i32 as *const (u8, u8, u8, u8)
+    };
+    unsafe {
+        let _: u8 = (*p).1; //~ ERROR: out-of-bounds pointer arithmetic
+    }
+}
--- a/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let_type_annotation.stderr
+++ b/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_let_type_annotation.stderr
@ -0,0 +1,25 @@
+error: Undefined Behavior: out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
+  --> $DIR/dangling_pointer_project_underscore_let_type_annotation.rs:LL:CC
+   |
+LL |         let _: u8 = (*p).1;
+   |                     ^^^^^^ out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+help: ALLOC was allocated here:
+  --> $DIR/dangling_pointer_project_underscore_let_type_annotation.rs:LL:CC
+   |
+LL |         let b = Box::new(42);
+   |                 ^^^^^^^^^^^^
+help: ALLOC was deallocated here:
+  --> $DIR/dangling_pointer_project_underscore_let_type_annotation.rs:LL:CC
+   |
+LL |     };
+   |     ^
+   = note: BACKTRACE (of the first span):
+   = note: inside `main` at $DIR/dangling_pointer_project_underscore_let_type_annotation.rs:LL:CC
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to previous error
+
--- a/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_match.rs
+++ b/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_match.rs
@ -0,0 +1,15 @@
+// Make sure we find these even with many checks disabled.
+//@compile-flags: -Zmiri-disable-alignment-check -Zmiri-disable-stacked-borrows -Zmiri-disable-validation
+
+fn main() {
+    let p = {
+        let b = Box::new(42);
+        &*b as *const i32 as *const (u8, u8, u8, u8)
+    };
+    unsafe {
+        match (*p).1 {
+            //~^ ERROR: out-of-bounds pointer arithmetic
+            _ => {}
+        }
+    }
+}
--- a/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_match.stderr
+++ b/src/tools/miri/tests/fail/dangling_pointers/dangling_pointer_project_underscore_match.stderr
@ -0,0 +1,25 @@
+error: Undefined Behavior: out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
+  --> $DIR/dangling_pointer_project_underscore_match.rs:LL:CC
+   |
+LL |         match (*p).1 {
+   |               ^^^^^^ out-of-bounds pointer arithmetic: ALLOC has been freed, so this pointer is dangling
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+help: ALLOC was allocated here:
+  --> $DIR/dangling_pointer_project_underscore_match.rs:LL:CC
+   |
+LL |         let b = Box::new(42);
+   |                 ^^^^^^^^^^^^
+help: ALLOC was deallocated here:
+  --> $DIR/dangling_pointer_project_underscore_match.rs:LL:CC
+   |
+LL |     };
+   |     ^
+   = note: BACKTRACE (of the first span):
+   = note: inside `main` at $DIR/dangling_pointer_project_underscore_match.rs:LL:CC
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to previous error
+
--- a/src/tools/miri/tests/pass/underscore_pattern.rs
+++ b/src/tools/miri/tests/pass/underscore_pattern.rs
@ -3,15 +3,15 @@
 use std::ptr;

 fn main() {
-    dangling_deref_match();
-    union_uninhabited_match();
+    dangling_match();
+    invalid_match();
    dangling_let();
    invalid_let();
    dangling_let_type_annotation();
    invalid_let_type_annotation();
 }

-fn dangling_deref_match() {
+fn dangling_match() {
    let p = {
        let b = Box::new(42);
        &*b as *const i32
@ -23,20 +23,15 @@ fn dangling_deref_match() {
    }
 }

-fn union_uninhabited_match() {
-    #[derive(Copy, Clone)]
-    enum Void {}
+fn invalid_match() {
    union Uninit<T: Copy> {
        value: T,
        uninit: (),
    }
    unsafe {
-        let x: Uninit<Void> = Uninit { uninit: () };
+        let x: Uninit<bool> = Uninit { uninit: () };
        match x.value {
-            // rustc warns about un unreachable pattern,
-            // but is wrong in unsafe code.
-            #[allow(unreachable_patterns)]
-            _ => println!("hi from the void!"),
+            _ => {}
        }
    }
 }
--- a/src/tools/miri/tests/pass/underscore_pattern.stdout
+++ b/src/tools/miri/tests/pass/underscore_pattern.stdout
@ -1 +0,0 @@
-hi from the void!