adjust tests

tests/fail/copy_half_a_pointer.rs

@@ -0,0 +1,20 @@
+#![allow(dead_code)]
+
+// We use packed structs to get around alignment restrictions
+#[repr(packed)]
+struct Data {
+ pad: u8,
+ ptr: &'static i32,
+}
+
+static G: i32 = 0;
+
+fn main() {
+ let mut d = Data { pad: 0, ptr: &G };
+
+ // Get a pointer to the beginning of the Data struct (one u8 byte, then the pointer bytes).
+ let d_alias = &mut d as *mut _ as *mut *const u8;
+ unsafe {
+ let _x = d_alias.read_unaligned(); //~ERROR: unable to copy parts of a pointer
+ }
+}

tests/fail/copy_half_a_pointer.stderr

@@ -0,0 +1,14 @@
+error: unsupported operation: unable to copy parts of a pointer from memory at ALLOC+0x8
+ --> $DIR/copy_half_a_pointer.rs:LL:CC
+ |
+LL | let _x = d_alias.read_unaligned();
+ | ^^^^^^^^^^^^^^^^^^^^^^^^ unable to copy parts of a pointer from memory at ALLOC+0x8
+ |
+ = help: this is likely not a bug in the program; it indicates that the program performed an operation that the interpreter does not support
+ = note: backtrace:
+ = note: inside `main` at $DIR/copy_half_a_pointer.rs:LL:CC
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to previous error
+

tests/fail/intrinsics/raw_eq_on_ptr.rs

@@ -6,6 +6,5 @@ extern "rust-intrinsic" {
 
 fn main() {
  let x = &0;
- // FIXME: the error message is not great (should be UB rather than 'unsupported')
- unsafe { raw_eq(&x, &x) }; //~ERROR: unsupported operation
+ unsafe { raw_eq(&x, &x) }; //~ERROR: `raw_eq` on bytes with provenance
 }

tests/fail/intrinsics/raw_eq_on_ptr.stderr

@@ -1,10 +1,11 @@
-error: unsupported operation: unable to turn pointer into raw bytes
+error: Undefined Behavior: `raw_eq` on bytes with provenance
  --> $DIR/raw_eq_on_ptr.rs:LL:CC
  |
 LL | unsafe { raw_eq(&x, &x) };
- | ^^^^^^^^^^^^^^ unable to turn pointer into raw bytes
+ | ^^^^^^^^^^^^^^ `raw_eq` on bytes with provenance
  |
- = help: this is likely not a bug in the program; it indicates that the program performed an operation that the interpreter does not support
+ = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+ = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
  = note: backtrace:
  = note: inside `main` at $DIR/raw_eq_on_ptr.rs:LL:CC
 

tests/fail/reading_half_a_pointer.rs

@@ -24,6 +24,7 @@ fn main() {
  // starts 1 byte to the right, so using it would actually be wrong!
  let d_alias = &mut w.data as *mut _ as *mut *const u8;
  unsafe {
- let _x = *d_alias; //~ ERROR: unable to turn pointer into raw bytes
+ let x = *d_alias;
+ let _val = *x; //~ERROR: is a dangling pointer (it has no provenance)
  }
 }

tests/fail/reading_half_a_pointer.stderr

@@ -1,10 +1,11 @@
-error: unsupported operation: unable to turn pointer into raw bytes
+error: Undefined Behavior: dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
  --> $DIR/reading_half_a_pointer.rs:LL:CC
  |
-LL | let _x = *d_alias;
- | ^^^^^^^^ unable to turn pointer into raw bytes
+LL | let _val = *x;
+ |  ^^ dereferencing pointer failed: $HEX[noalloc] is a dangling pointer (it has no provenance)
  |
- = help: this is likely not a bug in the program; it indicates that the program performed an operation that the interpreter does not support
+ = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+ = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
  = note: backtrace:
  = note: inside `main` at $DIR/reading_half_a_pointer.rs:LL:CC
 

tests/pass/transmute_ptr.rs

@@ -0,0 +1,52 @@
+#![feature(strict_provenance)]
+use std::{mem, ptr};
+
+fn t1() {
+ // If we are careful, we can exploit data layout...
+ // This is a tricky case since we are transmuting a ScalarPair type to a non-ScalarPair type.
+ let raw = unsafe { mem::transmute::<&[u8], [*const u8; 2]>(&[42]) };
+ let ptr: *const u8 = unsafe { mem::transmute_copy(&raw) };
+ assert_eq!(unsafe { *ptr }, 42);
+}
+
+#[cfg(target_pointer_width = "64")]
+const PTR_SIZE: usize = 8;
+#[cfg(target_pointer_width = "32")]
+const PTR_SIZE: usize = 4;
+
+fn t2() {
+ let bad = unsafe { mem::transmute::<&[u8], [u8; 2 * PTR_SIZE]>(&[1u8]) };
+ let _val = bad[0] + bad[bad.len() - 1];
+}
+
+fn ptr_integer_array() {
+ let r = &mut 42;
+ let _i: [usize; 1] = unsafe { mem::transmute(r) };
+
+ let x: [u8; PTR_SIZE] = unsafe { mem::transmute(&0) };
+}
+
+fn ptr_in_two_halves() {
+ unsafe {
+ let ptr = &0 as *const i32;
+ let arr = [ptr; 2];
+ // We want to do a scalar read of a pointer at offset PTR_SIZE/2 into this array. But we
+ // cannot use a packed struct or `read_unaligned`, as those use the memcpy code path in
+ // Miri. So instead we shift the entire array by a bit and then the actual read we want to
+ // do is perfectly aligned.
+ let mut target_arr = [ptr::null::<i32>(); 3];
+ let target = target_arr.as_mut_ptr().cast::<u8>();
+ target.add(PTR_SIZE / 2).cast::<[*const i32; 2]>().write_unaligned(arr);
+ // Now target_arr[1] is a mix of the two `ptr` we had stored in `arr`.
+ let strange_ptr = target_arr[1];
+ // Check that the provenance works out.
+ assert_eq!(*strange_ptr.with_addr(ptr.addr()), 0);
+ }
+}
+
+fn main() {
+ t1();
+ t2();
+ ptr_integer_array();
+ ptr_in_two_halves();
+}