-
Notifications
You must be signed in to change notification settings - Fork 356
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto merge of #1346 - RalfJung:dyn-layout-test, r=RalfJung
Test that we enforce dynamic layout properties (not just static ones of sized prefix)
- Loading branch information
Showing
3 changed files
with
34 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| // should find the bug even without these, but gets masked by optimizations | ||
| // compile-flags: -Zmiri-disable-validation -Zmiri-disable-stacked-borrows -Zmir-opt-level=0 | ||
|
|
||
| struct SliceWithHead(u8, [u8]); | ||
|
|
||
| fn main() { | ||
| let buf = [0u32; 1]; | ||
| // We craft a wide pointer `*const SliceWithHead` such that the unsized tail is only partially allocated. | ||
| // That should be UB, as the reference is not fully dereferencable. | ||
| let ptr: *const SliceWithHead = unsafe { std::mem::transmute((&buf, 4usize)) }; | ||
| // Re-borrow that. This should be UB. | ||
| let _ptr = unsafe { &*ptr }; //~ ERROR pointer must be in-bounds at offset 5 | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| // should find the bug even without these, but gets masked by optimizations | ||
| // compile-flags: -Zmiri-disable-validation -Zmiri-disable-stacked-borrows -Zmir-opt-level=0 | ||
|
|
||
| #[repr(align(256))] | ||
| #[derive(Debug)] | ||
| struct MuchAlign; | ||
|
|
||
| fn main() { | ||
| let buf = [0u32; 256]; | ||
| // `buf` is sufficiently aligned for `layout.align` on a `dyn Debug`, but not | ||
| // for the actual alignment required by `MuchAlign`. | ||
| // We craft a wide reference `&dyn Debug` with the vtable for `MuchAlign`. That should be UB, | ||
| // as the reference is not aligned to its dynamic alignment requirements. | ||
| let mut ptr = &MuchAlign as &dyn std::fmt::Debug; | ||
| // Overwrite the data part of `ptr` so it points to `buf`. | ||
| unsafe { (&mut ptr as *mut _ as *mut *const u8).write(&buf as *const _ as *const u8); } | ||
| // Re-borrow that. This should be UB. | ||
| let _ptr = &*ptr; //~ ERROR accessing memory with alignment 4, but alignment 256 is required | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters