
Miri: Check that a ptr is aligned and inbounds already when evaluating `*` #63075

Merged
merged 7 commits into from Aug 15, 2019

Conversation

@RalfJung
Member

commented Jul 28, 2019

This syncs Miri with what the Nomicon and the Reference say, and resolves rust-lang/miri#447.

Also this would not have worked without #62982 due to new cycles. ;)

r? @oli-obk

@RalfJung RalfJung changed the title Check that a ptr is aligned and inbounds already when evaluating `*` Miri: Check that a ptr is aligned and inbounds already when evaluating `*` Jul 28, 2019

@RalfJung

Member Author

commented Jul 28, 2019

See rust-lang/miri#863 for what this does with the Miri test suite.

@rust-highfive

Collaborator

commented Jul 28, 2019

The job x86_64-gnu-llvm-6.0 of your PR failed (raw log). Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

2019-07-28T11:45:21.8911626Z 
2019-07-28T11:45:21.8912568Z ---- [ui] ui/consts/const-eval/ub-nonnull.rs stdout ----
2019-07-28T11:45:21.8913025Z diff of stderr:
2019-07-28T11:45:21.8913086Z 
2019-07-28T11:45:21.8913858Z 7    = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rust compiler repository if you believe it should not be considered undefined behavior
2019-07-28T11:45:21.8914007Z 9 error[E0080]: it is undefined behavior to use this value
2019-07-28T11:45:21.8914267Z -   --> $DIR/ub-nonnull.rs:14:1
2019-07-28T11:45:21.8914498Z -    |
2019-07-28T11:45:21.8914746Z - LL | / const OUT_OF_BOUNDS_PTR: NonNull<u8> = { unsafe {
2019-07-28T11:45:21.8914953Z - LL | |
2019-07-28T11:45:21.8915230Z - LL | |     let ptr: &(u8, u8, u8) = mem::transmute(&0u8); // &0 gets promoted so it does not dangle
2019-07-28T11:45:21.8915640Z - LL | |     let out_of_bounds_ptr = &ptr.2; // use address-of-field for pointer arithmetic
2019-07-28T11:45:21.8916084Z - LL | |     mem::transmute(out_of_bounds_ptr)
2019-07-28T11:45:21.8916250Z - LL | | } };
2019-07-28T11:45:21.8916553Z -    | |____^ type validation failed: encountered a potentially NULL pointer, but expected something that cannot possibly fail to be greater or equal to 1
2019-07-28T11:45:21.8916721Z -    |
2019-07-28T11:45:21.8917059Z -    = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rust compiler repository if you believe it should not be considered undefined behavior
2019-07-28T11:45:21.8917462Z - error[E0080]: it is undefined behavior to use this value
2019-07-28T11:45:21.8917663Z 23   --> $DIR/ub-nonnull.rs:21:1
2019-07-28T11:45:21.8917720Z 24    |
2019-07-28T11:45:21.8917761Z 25 LL | const NULL_U8: NonZeroU8 = unsafe { mem::transmute(0u8) };
2019-07-28T11:45:21.8917839Z 59    |
2019-07-28T11:45:21.8918183Z 60    = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rust compiler repository if you believe it should not be considered undefined behavior
2019-07-28T11:45:21.8918528Z - error: aborting due to 7 previous errors
2019-07-28T11:45:21.8918572Z + error: aborting due to 6 previous errors
2019-07-28T11:45:21.8918608Z 63 
2019-07-28T11:45:21.8918848Z 64 For more information about this error, try `rustc --explain E0080`.
2019-07-28T11:45:21.8918888Z 65 
2019-07-28T11:45:21.8918912Z 
2019-07-28T11:45:21.8918934Z 
2019-07-28T11:45:21.8919156Z The actual stderr differed from the expected stderr.
2019-07-28T11:45:21.8919472Z Actual stderr saved to /checkout/obj/build/x86_64-unknown-linux-gnu/test/ui/consts/const-eval/ub-nonnull/ub-nonnull.stderr
2019-07-28T11:45:21.8919814Z To update references, rerun the tests and pass the `--bless` flag
2019-07-28T11:45:21.8920098Z To only update this specific test, also pass `--test-args consts/const-eval/ub-nonnull.rs`
2019-07-28T11:45:21.8920172Z error: 1 errors occurred comparing output.
2019-07-28T11:45:21.8966109Z thread 'main' panicked at 'Some tests failed', src/tools/compiletest/src/main.rs:534:22
2019-07-28T11:45:21.8966206Z note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace.

I'm a bot! I can only do what humans tell me to, so if this was not helpful or you have suggestions for improvements, please ping or otherwise contact @TimNN. (Feature Requests)

@RalfJung RalfJung referenced this pull request Jul 28, 2019

implement intptrcast model #224 (Open, 6 of 9 tasks complete)
@RalfJung

Member Author

commented Jul 31, 2019

@mjbshaw I just realized that this PR as-is would break your CTFE version of offset_of!. I wrote this PR purely to make Miri better in catching UB (concretely, as a reaction to this discussion, I wanted to align what Miri checks with what the Nomicon has said all along), but it turns out that this breaks your macro.

I am not sure what to do about this. On the one hand this makes this PR a breaking change, on the other hand the unsafe CTFE code that it breaks is UB and has been called out as such in the reference since forever, and on yet another hand I don't know of anything else you can currently do in CTFE to do offset_of!.

@mjbshaw

Contributor

commented Jul 31, 2019

Thanks for the heads up, @RalfJung.

On the one hand this makes this PR a breaking change

I don't really see it as a breaking change (at least not the kind that breaks Rust's promises). I'm relying on UB, and I know that. UB can change (including break) at any time, which I'm okay with.

I've got mixed feelings here. On the one hand, I always knew this day would come and I can't blame you/anyone for making improvements like this. On the other hand, it sucks not being able to implement offset_of!. It's been a frustrating journey. I'll try to set aside some time though to work on a magic-macro-based implementation of offset_of!.

@oli-obk

Contributor

commented Jul 31, 2019

Could you use a Union to create an undef value of your type, take a reference to the field you want, make it a pointer, subtract that from the base pointer? Undef values are pretty well defined in miri

@RalfJung

Member Author

commented Jul 31, 2019

use a Union to create an undef value of your type

That only works for Copy types, or you have to use MaybeUninit.

@mjbshaw

Contributor

commented Jul 31, 2019

@oli-obk No. It's not possible to use a real object at all because Miri won't let you. Doing this requires:

  • #![feature(const_raw_ptr_deref)] because of the expression &(*base).field.
  • #![feature(const_raw_ptr_to_usize_cast)] to cast the pointers to usize (so you can subtract them).
  • Transmuting the *const MaybeUninit<T> to *const T since MaybeUninit::as_ptr() is non-const.

But even with all of that, Miri won't let you use the offset value.

@RalfJung

Member Author

commented Jul 31, 2019

Why doesn't the error say what the actual problem is...?

error: any use of this value will cause an error
     | 
    ::: <source>:13:1
     |
13   | / pub const OFFSET: usize = {
14   | |     let uninit = std::mem::MaybeUninit::<Struct>::uninit();
15   | |     let base_ptr: *const Struct = unsafe { TransmuteHack { from: &uninit }.to };
16   | |     let field_ptr = unsafe { &(*base_ptr).field as *const _ };
17   | |     let offset = unsafe { (field_ptr as usize).wrapping_sub(base_ptr as usize) };
18   | |     offset
19   | | };
     | |__-
     |
     = note: `#[deny(const_err)]` on by default

My guess is that wrapping_sub errors, the CTFE engine is not able to subtract pointers from each other. And once #62946 lands, actually the field_ptr as usize will already fail as it will try to get the raw bits of a pointer, which is not possible in CTFE.

Miri won't let you

Nit: Miri-the-tool has no issue with any of this. The problem here is the variant of the Miri engine used by CTFE.
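As an added example (not code from this PR or from anyone in the thread): the two conditions this PR makes Miri check as soon as `*` is evaluated, in bounds and aligned, made explicit in a `checked_read` helper, plus the field-offset computation sketched above done at runtime with `ptr::addr_of!`, which computes a field address without taking a reference to or reading the uninitialised value. `Header`, `AlignedBuf`, the sample bytes and the `field_offset!` name are constructed for this example.

```rust
use std::mem::{align_of, size_of, MaybeUninit};
use std::ptr;

/// Why a raw-pointer dereference is rejected under the rule this PR makes Miri
/// enforce as soon as `*` is evaluated: the pointer must be in bounds of its
/// allocation and aligned for the pointee type.
#[derive(Debug, PartialEq, Eq)]
pub enum DerefError {
    OutOfBounds { offset: usize, size: usize, len: usize },
    Misaligned { addr: usize, align: usize },
}

/// Read a `T` from `buf` at byte offset `off`, doing the in-bounds and alignment
/// checks explicitly before the `*` instead of leaving them for Miri to catch.
pub fn checked_read<T: Copy>(buf: &[u8], off: usize) -> Result<T, DerefError> {
    let size = size_of::<T>();
    let align = align_of::<T>();
    let len = buf.len();
    // In bounds: all `size` bytes of the `T` must lie inside `buf`; use
    // overflow-safe arithmetic so a huge `off` cannot wrap past the check.
    match off.checked_add(size) {
        Some(end) if end <= len => {}
        _ => return Err(DerefError::OutOfBounds { offset: off, size, len }),
    }
    let p = buf.as_ptr().wrapping_add(off);
    let addr = p as usize;
    // Aligned: the address must be a multiple of `align_of::<T>()`.
    if addr % align != 0 {
        return Err(DerefError::Misaligned { addr, align });
    }
    // SAFETY: `p` points at `size` initialised bytes inside `buf` (bounds check
    // above) and is aligned for `T` (alignment check above); `T: Copy`.
    Ok(unsafe { *(p as *const T) })
}

/// Byte offset of `$field` in `$t`, computed the way the thread sketches
/// (uninitialised value, field address, subtract the base) but without ever
/// taking a reference to, or reading, the uninitialised field: `addr_of!` only
/// computes an address, and the `*base` place inside it is aligned and in
/// bounds, which is exactly what Miri checks at `*` after this PR.
macro_rules! field_offset {
    ($t:ty, $field:ident) => {{
        let uninit = MaybeUninit::<$t>::uninit();
        let base: *const $t = uninit.as_ptr();
        // SAFETY: `base` is aligned and in bounds; `addr_of!` performs no read.
        let field = unsafe { ptr::addr_of!((*base).$field) };
        (field as usize) - (base as usize)
    }};
}

/// Constructed sample layout; `repr(C)` makes the field offsets deterministic.
#[repr(C)]
#[derive(Clone, Copy, Debug)]
pub struct Header {
    pub tag: u8,
    pub len: u32,
    pub flags: u16,
}

pub fn header_offsets() -> (usize, usize, usize) {
    (
        field_offset!(Header, tag),
        field_offset!(Header, len),
        field_offset!(Header, flags),
    )
}

/// Constructed 16-byte buffer forced to 8-byte alignment so the alignment
/// results below do not depend on where the stack happens to place it.
#[repr(C, align(8))]
pub struct AlignedBuf(pub [u8; 16]);

pub fn sample_buf() -> AlignedBuf {
    AlignedBuf([1, 0, 0, 0, 0x78, 0x56, 0x34, 0x12, 0xff, 0xee, 0, 0, 0, 0, 0, 0])
}

fn main() {
    let buf = sample_buf();
    println!("field offsets (tag, len, flags) = {:?}", header_offsets());
    println!("u32 at 4  -> {:?}", checked_read::<u32>(&buf.0, 4));
    println!("u32 at 5  -> {:?}", checked_read::<u32>(&buf.0, 5));
    println!("u32 at 14 -> {:?}", checked_read::<u32>(&buf.0, 14));
}
```

Running the binary under `cargo miri run` exercises the same two checks a second time, since Miri validates the `*` inside `checked_read` and the `*base` inside `addr_of!` independently of the explicit checks.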

@oli-obk

Contributor

commented Jul 31, 2019

Let's make wrapping_offset_from const fn. There's no reason it isn't.

Also yea, what's up with that horrible diagnostic

@RalfJung

Member Author

commented Jul 31, 2019

Let's make wrapping_offset_from const fn. there's no reason it isn't.

Uh, implementing this in general requires ptr-to-int casts... CTFE can only do this for pointers to the same object.

@oli-obk

Contributor

commented Jul 31, 2019

Sure, but that's fine imo. Casting raw pointers to usize will error for non-integer values, so calling wrapping_offset_from will error for pointers into distinct allocations. Or we just support offset_from which is unsafe and states

Both the starting and other pointer must be either in bounds or one byte past the end of the same allocated object.

@RalfJung

Member Author

commented Jul 31, 2019

But then I don't see how this helps...
Which implementation of offset_of! is helped by an integer-only wrapping_offset_from?

@oli-obk

Contributor

commented Jul 31, 2019

Why integer-only? wrapping_offset_from using ptr to int casts is an implementation detail. We can add an intrinsic for it.

@RalfJung

Member Author

commented Jul 31, 2019

So you want to have a wrapping_offset_from that, despite being a safe function, fails for some inputs?

This is an "unconst" function. We should likely not allow calling it outside unsafe blocks in const context.

@oli-obk

Contributor

commented Jul 31, 2019

Oops, sorry, I meant offset_from. We don't need the wrapping version

@RalfJung

Member Author

commented Jul 31, 2019

That I guess we could do. It would have to become an intrinsic or so I suppose.

@RalfJung

Member Author

commented Aug 3, 2019

@oli-obk so should we land this and then find a way to make a CTFE offset_of macro work? Or should that block landing?

@oli-obk

Contributor

commented Aug 3, 2019

I almost have a PR ready, so if you aren't blocked on anything from this PR, let's wait. If you prefer to have it merged fast, then let's do that and nightly users will have to wait a few days for offset_of to work again

@RalfJung

Member Author

commented Aug 3, 2019

I am not blocked, no. Just wanted to see this PR land because it closes a long-standing gap in our UB detection. ;)

@JohnTitor

Member

commented Aug 11, 2019

Ping from triage: @oli-obk @RalfJung what's the state for this? Marking as S-blocked?

@RalfJung

Member Author

commented Aug 11, 2019

@oli-obk I'd say after the beta-cutoff maybe we can land this even if your PR isn't ready yet? I'd like to close this gap in Miri's UB detection -- and then we have a full cycle to figure out some way to support UB-exploiting const code, if we want to.

@RalfJung

Member Author

commented Aug 14, 2019

@oli-obk the beta has branched. So maybe can we land this now?

@oli-obk

Contributor

commented Aug 14, 2019

@bors r+

@bors

Contributor

commented Aug 14, 2019

📌 Commit 647c0e0 has been approved by oli-obk

Centril added a commit to Centril/rust that referenced this pull request Aug 14, 2019

Rollup merge of rust-lang#63075 - RalfJung:deref-checks, r=oli-obk
Miri: Check that a ptr is aligned and inbounds already when evaluating `*`

This syncs Miri with what the Nomicon and the Reference say, and resolves rust-lang/miri#447.

Also this would not have worked without rust-lang#62982 due to new cycles. ;)

r? @oli-obk

bors added a commit that referenced this pull request Aug 14, 2019

Auto merge of #63557 - Centril:rollup-r1c65e7, r=Centril
Rollup of 10 pull requests

Successful merges:

 - #62984 (Add lint for excess trailing semicolons)
 - #63075 (Miri: Check that a ptr is aligned and inbounds already when evaluating `*`)
 - #63175 (rustc: implement argsfiles for command line)
 - #63490 (libsyntax: cleanup and refactor `pat.rs`)
 - #63495 ( Remove redundant `ty` fields from `mir::Constant` and `hair::pattern::PatternRange`.)
 - #63509 (Point at the right enclosing scope when using `await` in non-async fn)
 - #63528 (syntax: Remove `DummyResult::expr_only`)
 - #63534 (Bump to 1.39)
 - #63537 (expand: Unimplement `MutVisitor` on `MacroExpander`)
 - #63542 (Add NodeId for Arm, Field and FieldPat)

Failed merges:

r? @ghost

bors added a commit that referenced this pull request Aug 14, 2019

Auto merge of #63563 - Centril:rollup-j9nld0c, r=Centril
Rollup of 10 pull requests

Successful merges:

 - #62984 (Add lint for excess trailing semicolons)
 - #63075 (Miri: Check that a ptr is aligned and inbounds already when evaluating `*`)
 - #63490 (libsyntax: cleanup and refactor `pat.rs`)
 - #63495 ( Remove redundant `ty` fields from `mir::Constant` and `hair::pattern::PatternRange`.)
 - #63509 (Point at the right enclosing scope when using `await` in non-async fn)
 - #63528 (syntax: Remove `DummyResult::expr_only`)
 - #63534 (Bump to 1.39)
 - #63537 (expand: Unimplement `MutVisitor` on `MacroExpander`)
 - #63542 (Add NodeId for Arm, Field and FieldPat)
 - #63560 (move test that shouldn't be in test/run-pass/)

Failed merges:

r? @ghost

bors added a commit that referenced this pull request Aug 14, 2019

Auto merge of #63571 - Centril:rollup-v2rciiu, r=Centril
Rollup of 10 pull requests

Successful merges:

 - #62984 (Add lint for excess trailing semicolons)
 - #63075 (Miri: Check that a ptr is aligned and inbounds already when evaluating `*`)
 - #63490 (libsyntax: cleanup and refactor `pat.rs`)
 - #63495 ( Remove redundant `ty` fields from `mir::Constant` and `hair::pattern::PatternRange`.)
 - #63528 (syntax: Remove `DummyResult::expr_only`)
 - #63534 (Bump to 1.39)
 - #63537 (expand: Unimplement `MutVisitor` on `MacroExpander`)
 - #63542 (Add NodeId for Arm, Field and FieldPat)
 - #63560 (move test that shouldn't be in test/run-pass/)
 - #63570 (Adjust tracking issues for `MaybeUninit<T>` gates)

Failed merges:

r? @ghost

bors added a commit that referenced this pull request Aug 15, 2019

Auto merge of #63575 - Centril:rollup-anlv9g5, r=Centril
Rollup of 11 pull requests

Successful merges:

 - #62984 (Add lint for excess trailing semicolons)
 - #63075 (Miri: Check that a ptr is aligned and inbounds already when evaluating `*`)
 - #63490 (libsyntax: cleanup and refactor `pat.rs`)
 - #63507 (When needing type annotations in local bindings, account for impl Trait and closures)
 - #63509 (Point at the right enclosing scope when using `await` in non-async fn)
 - #63528 (syntax: Remove `DummyResult::expr_only`)
 - #63537 (expand: Unimplement `MutVisitor` on `MacroExpander`)
 - #63542 (Add NodeId for Arm, Field and FieldPat)
 - #63543 (Merge Variant and Variant_)
 - #63560 (move test that shouldn't be in test/run-pass/)
 - #63570 (Adjust tracking issues for `MaybeUninit<T>` gates)

Failed merges:

r? @ghost

@bors bors merged commit 647c0e0 into rust-lang:master Aug 15, 2019

4 checks passed


bors added a commit to rust-lang/miri that referenced this pull request Aug 15, 2019

Auto merge of #863 - RalfJung:deref-checks, r=RalfJung
adjust tests for eager pointer checks on deref

The Miri side of rust-lang/rust#63075.

Fixes #447.

@RalfJung RalfJung deleted the RalfJung:deref-checks branch Aug 15, 2019
