Auto merge of #2046 - RalfJung:very-strict, r=RalfJung
make strict-provenance imply check-number-validity

I feel like Miri not catching [this example](rust-lang/unsafe-code-guidelines#286 (comment)) with strict provenance checking enabled is surprising. OTOH, Miri suddenly complaining about uninit data in integers with `-Zmiri-strict-provenance` also might be surprising. Which one is more surprising? I don't know. We *could* go out of our way and have a mode where uninit integers are okay but provenance is not, but I am not sure if that is truly worth it. It'd be quite annoying to implement.
Showing 11 changed files with 38 additions and 9 deletions.
@@ -0,0 +1,27 @@ | ||
// compile-flags: -Zmiri-strict-provenance | ||
#![feature(strict_provenance)] | ||
|
||
use std::mem; | ||
|
||
// This is the example from | ||
// <https://github.com/rust-lang/unsafe-code-guidelines/issues/286#issuecomment-1085144431>. | ||
|
||
unsafe fn deref(left: *const u8, right: *const u8) { | ||
let left_int: usize = mem::transmute(left); //~ERROR expected initialized plain (non-pointer) bytes | ||
let right_int: usize = mem::transmute(right); | ||
if left_int == right_int { | ||
// The compiler is allowed to replace `left_int` by `right_int` here... | ||
let left_ptr: *const u8 = mem::transmute(left_int); | ||
// ...which however means here it could be dereferencing the wrong pointer. | ||
let _val = *left_ptr; | ||
} | ||
} | ||
|
||
fn main() { | ||
let ptr1 = &0u8 as *const u8; | ||
let ptr2 = &1u8 as *const u8; | ||
unsafe { | ||
// Two pointers with the same address but different provenance. | ||
deref(ptr1, ptr2.with_addr(ptr1.addr())); | ||
} | ||
} |
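Review bot: the `//~ERROR expected initialized plain (non-pointer) bytes` annotation on the first `mem::transmute(left)` only fires because this commit makes `-Zmiri-strict-provenance` imply `check-number-validity`, yet nothing in the test says so; the header comment explains where the example comes from but not why a pointer-to-integer transmute is now rejected under `-Zmiri-strict-provenance` alone. Consider adding a line next to the `compile-flags` comment such as `// strict-provenance implies check-number-validity, so the first transmute is already UB`, so that a future reader (or anyone decoupling the two flags again) understands which behaviour this file pins down. Note also that everything after `let left_int` is unreachable under Miri since execution stops at the first error, so the `left_int == right_int` branch and the `with_addr` call in `main` serve as documentation of the original miscompilation scenario rather than as exercised code; that is fine, but worth stating in the comment so nobody expects the `right` transmute or the final dereference to be checked.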