Auto merge of #2195 - RalfJung:vtable-validation, r=RalfJung

test for Stacked Borrows error during vtable validation

Fixes #2123
Needs rust-lang/rust#97761

rust-version

@@ -1 +1 @@
-09d52bc5d4260bac8b9a2ea8ac7a07c5c72906f1
+99930ac7f8cbb5d9b319b2e2e92794fd6f24f556

src/diagnostics.rs

@@ -16,10 +16,9 @@ pub enum TerminationInfo {
     Exit(i64),
     Abort(String),
     UnsupportedInIsolation(String),
-    ExperimentalUb {
+    StackedBorrowsUb {
         msg: String,
         help: Option<String>,
-        url: String,
         history: Option<TagHistory>,
     },
     Deadlock,
@@ -43,7 +42,7 @@ impl fmt::Display for TerminationInfo {
             Exit(code) => write!(f, "the evaluated program completed with exit code {}", code),
             Abort(msg) => write!(f, "{}", msg),
             UnsupportedInIsolation(msg) => write!(f, "{}", msg),
-            ExperimentalUb { msg, .. } => write!(f, "{}", msg),
+            StackedBorrowsUb { msg, .. } => write!(f, "{}", msg),
             Deadlock => write!(f, "the evaluated program deadlocked"),
             MultipleSymbolDefinitions { link_name, .. } =>
                 write!(f, "multiple definitions of symbol `{}`", link_name),
@@ -146,7 +145,7 @@ pub fn report_error<'tcx, 'mir>(
                 Exit(code) => return Some(*code),
                 Abort(_) => Some("abnormal termination"),
                 UnsupportedInIsolation(_) => Some("unsupported operation"),
-                ExperimentalUb { .. } => Some("Undefined Behavior"),
+                StackedBorrowsUb { .. } => Some("Undefined Behavior"),
                 Deadlock => Some("deadlock"),
                 MultipleSymbolDefinitions { .. } | SymbolShimClashing { .. } => None,
             };
@@ -157,11 +156,12 @@ pub fn report_error<'tcx, 'mir>(
                         (None, format!("pass the flag `-Zmiri-disable-isolation` to disable isolation;")),
                         (None, format!("or pass `-Zmiri-isolation-error=warn` to configure Miri to return an error code from isolated operations (if supported for that operation) and continue with a warning")),
                     ],
-                ExperimentalUb { url, help, history, .. } => {
+                StackedBorrowsUb { help, history, .. } => {
+                    let url = "https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md";
                     msg.extend(help.clone());
                     let mut helps = vec![
-                        (None, format!("this indicates a potential bug in the program: it performed an invalid operation, but the rules it violated are still experimental")),
-                        (None, format!("see {} for further information", url)),
+                        (None, format!("this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental")),
+                        (None, format!("see {url} for further information")),
                     ];
                     match history {
                         Some(TagHistory::Tagged {tag, created: (created_range, created_span), invalidated, protected }) => {

src/stacked_borrows.rs

@@ -250,14 +250,7 @@ pub fn err_sb_ub<'tcx>(
     help: Option<String>,
     history: Option<TagHistory>,
 ) -> InterpError<'tcx> {
-    err_machine_stop!(TerminationInfo::ExperimentalUb {
-        msg,
-        help,
-        url: format!(
-            "https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md"
-        ),
-        history
-    })
+    err_machine_stop!(TerminationInfo::StackedBorrowsUb { msg, help, history })
 }
 
 // # Stacked Borrows Core Begin

tests/fail/stacked_borrows/vtable.rs

@@ -0,0 +1,19 @@
+// error-pattern: vtable pointer does not have permission
+#![feature(ptr_metadata)]
+
+trait Foo {}
+
+impl Foo for u32 {}
+
+fn uwu(thin: *const (), meta: &'static ()) -> *const dyn Foo {
+    core::ptr::from_raw_parts(thin, unsafe { core::mem::transmute(meta) })
+}
+
+fn main() {
+    unsafe {
+        let orig = 1_u32;
+        let x = &orig as &dyn Foo;
+        let (ptr, meta) = (x as *const dyn Foo).to_raw_parts();
+        let _ = uwu(ptr, core::mem::transmute(meta));
+    }
+}

tests/fail/stacked_borrows/vtable.stderr

@@ -0,0 +1,25 @@
+error: Undefined Behavior: type validation failed: encountered vtable pointer does not have permission to read drop function pointer
+  --> RUSTLIB/core/src/ptr/metadata.rs:LL:CC
+   |
+LL |     unsafe { PtrRepr { components: PtrComponents { data_address, metadata } }.const_ptr }
+   |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered vtable pointer does not have permission to read drop function pointer
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+
+   = note: inside `std::ptr::from_raw_parts::<dyn Foo>` at RUSTLIB/core/src/ptr/metadata.rs:LL:CC
+note: inside `uwu` at $DIR/vtable.rs:LL:CC
+  --> $DIR/vtable.rs:LL:CC
+   |
+LL |     core::ptr::from_raw_parts(thin, unsafe { core::mem::transmute(meta) })
+   |     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+note: inside `main` at $DIR/vtable.rs:LL:CC
+  --> $DIR/vtable.rs:LL:CC
+   |
+LL |         let _ = uwu(ptr, core::mem::transmute(meta));
+   |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to previous error
+