Properly compare unequal function pointers #581

Closed
wants to merge 2 commits into from
22 changes: 17 additions & 5 deletions src/operator.rs
Expand Up @@ -143,12 +143,24 @@ impl<'a, 'mir, 'tcx> EvalContextExt<'tcx> for super::MiriEvalContext<'a, 'mir, '
// somewhat fuzzy about this case, so I think for now this check is
// "good enough".
// Dead allocations in miri cannot overlap with live allocations, but
// on read hardware this can easily happen. Thus for comparisons we require
// on real hardware this can easily happen. Thus for comparisons we require
// both pointers to be live.
self.memory().get(left.alloc_id)?.check_bounds_ptr(left)?;
self.memory().get(right.alloc_id)?.check_bounds_ptr(right)?;
// Two in-bounds pointers, we can compare across allocations
left == right

let check = |ptr: Pointer<Borrow>| match self.memory().get(ptr.alloc_id) {
Member
This is not nice. :/

For once, it's not correct: A pointer into a function allocation is only in-bounds if its offset is 0.

But also, the previous behavior that memory().check_bounds would accept offset-0-size-0 pointers into function allocations was fully intended. These pointers are in-bounds. There is nothing wrong with a &() pointing to a function allocation. So I don't think fixing this here is how we want to proceed.

For example, pointer_offset_inbounds now also fails to compute a 0-offset on a function pointer. This affects every user of the old check_bounds method that was converted to memory().get.

Contributor Author
I can reintroduce the check_bounds method on Memory

Member
Yeah I think that would make most sense.

Ok(alloc) => alloc.check_bounds_ptr(ptr),
// Function pointers just compare to false
Err(EvalError { kind: EvalErrorKind::DerefFunctionPointer, .. }) => Ok(()),
Err(err) => Err(err),
};

// Check bounds
check(left)?;
check(right)?;

// The above is only done to emit errors in case of oob pointers.
// We already know the pointers can't be equal
// by their alloc ids not being equal.
false
}
}
// Comparing ptr and integer
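Review bot: the `check` closure maps every `DerefFunctionPointer` error to `Ok(())`, so a pointer into a function allocation passes the bounds check regardless of its offset, while the `alloc.check_bounds_ptr(ptr)` arm still rejects out-of-bounds data pointers; if only offset-0 pointers into function allocations are meant to be in-bounds, that arm should also verify `ptr.offset` is zero and otherwise return the error. The comment `// Function pointers just compare to false` is also misleading at that position: the arm only suppresses the error, and the `false` result comes from the unconditional return below because the alloc ids already differ, so a comment such as "function allocations have no bounds to check; skip" would describe what the arm does.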
1 change: 1 addition & 0 deletions tests/run-pass/function_pointers.rs
Expand Up @@ -44,4 +44,5 @@ fn main() {
let g = f as fn() -> i32;
assert!(return_fn_ptr(g) == g);
assert!(return_fn_ptr(g) as unsafe fn() -> i32 == g as fn() -> i32 as unsafe fn() -> i32);
assert!(return_fn_ptr(f) != f);
}
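Review bot: `assert!(return_fn_ptr(f) != f);` deserves a comment explaining why inequality is the expected outcome, since the line directly above asserts `return_fn_ptr(g) == g` for the same function; the difference is that `f` is coerced to a function pointer at two separate sites and each coercion may produce a distinct pointer, whereas `g` is a single already-coerced value. Without that note the test reads as contradicting itself, and a later reader may "fix" it in the wrong direction.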