When reporting a heap use-after-free, say where the allocation was allocated and deallocated #2940
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Wouldn't it make more sense to point to where the allocation was freed?
|
|
The primary response to the current diagnostic is "great, now what even is alloc1234" and this change answers that question. I agree that the next question is where the allocation is deallocated, I'll add that. |
|
I see, makes sense. I guess we can do that in a future PR.
However what would make sense for this PR is to also display the allocation span for out-of-bounds accesses.
|
RalfJung
reviewed
Jun 26, 2023
RalfJung
reviewed
Jun 26, 2023
RalfJung
reviewed
Jun 26, 2023
saethlin
force-pushed
the
use-after-free-spans
branch
from
5003bed
to
58a7f9e
Compare
|
@rustbot author |
rustbot
added
the
S-waiting-on-author
|
☔ The latest upstream changes (presumably #3007) made this pull request unmergeable. Please resolve the merge conflicts. |
|
@saethlin what are your plans for this PR? An MVP of this might be to only track spans for heap allocations for now? |
|
MVP is a good idea. I'll strip this down into a heap-only MVP then probably open an issue to permit this to work for all allocations. |
saethlin
force-pushed
the
use-after-free-spans
branch
from
58a7f9e
to
07b5601
Compare
saethlin
changed the title
saethlin
removed
the
S-waiting-on-author
RalfJung
reviewed
Aug 15, 2023
src/machine.rs
Outdated
| use self::MiriMemoryKind::*; | ||
| match self { | ||
| Rust | Miri | C | Mmap => true, | ||
| Machine | Global | ExternStatic | Tls | WinHeap | Runtime => false, |
There was a problem hiding this comment.
Why is WinHeap treated different from the other heap allocations?
There was a problem hiding this comment.
I probably pulled it into the false list then never really noticed the mistake... do we have any tests that would show a use-after-free span for WinHeap? I don't think we actually do.
There was a problem hiding this comment.
I don't think we have such a test, no.
Co-authored-by: Ralf Jung <post@ralfj.de>
|
Thanks! A nice improvement. :) |
|
☀️ Test successful - checks-actions |
RalfJung
pushed a commit
to RalfJung/rust
that referenced
this pull request
Aug 17, 2023
When reporting a heap use-after-free, say where the allocation was allocated and deallocated This is a partial solution to: rust-lang/miri#2917 Currently in the interpreter, we only have accurate information for where heap allocations are allocated and deallocated (see rust-lang/miri#2940 (comment)). So this just implements support for allocations where the information is already available, and the full support will require more interpreter tweaks.
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Aug 25, 2023
…lfJung Record allocation spans inside force_allocation This expands rust-lang/miri#2940 to cover locals r? `@RalfJung`
github-actions bot
pushed a commit
that referenced
this pull request
Aug 26, 2023
Record allocation spans inside force_allocation This expands #2940 to cover locals r? `@RalfJung`
lnicola
pushed a commit
to lnicola/rust-analyzer
that referenced
this pull request
Apr 7, 2024
When reporting a heap use-after-free, say where the allocation was allocated and deallocated This is a partial solution to: rust-lang/miri#2917 Currently in the interpreter, we only have accurate information for where heap allocations are allocated and deallocated (see rust-lang/miri#2940 (comment)). So this just implements support for allocations where the information is already available, and the full support will require more interpreter tweaks.
RalfJung
pushed a commit
to RalfJung/rust-analyzer
that referenced
this pull request
Apr 27, 2024
When reporting a heap use-after-free, say where the allocation was allocated and deallocated This is a partial solution to: rust-lang/miri#2917 Currently in the interpreter, we only have accurate information for where heap allocations are allocated and deallocated (see rust-lang/miri#2940 (comment)). So this just implements support for allocations where the information is already available, and the full support will require more interpreter tweaks.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a partial solution to: #2917
Currently in the interpreter, we only have accurate information for where heap allocations are allocated and deallocated (see #2940 (comment)). So this just implements support for allocations where the information is already available, and the full support will require more interpreter tweaks.