From 9f27a13f5f620d1fcdc810b82033cee55804c3be Mon Sep 17 00:00:00 2001
From: Ralf Jung
Date: Wed, 10 Mar 2021 09:21:18 +0100
Subject: [PATCH 1/2] fix copy_nonoverlapping
---
 compiler/rustc_mir/src/interpret/step.rs | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/compiler/rustc_mir/src/interpret/step.rs b/compiler/rustc_mir/src/interpret/step.rs
index 0f365eaa41dde..2bed3b2c3adc7 100644
--- a/compiler/rustc_mir/src/interpret/step.rs
+++ b/compiler/rustc_mir/src/interpret/step.rs
@@ -115,11 +115,10 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
 }
 
 // Call CopyNonOverlapping
- CopyNonOverlapping(box rustc_middle::mir::CopyNonOverlapping { dst, src, count }) => {
- let count = self.eval_operand(count, None)?;
-
+ CopyNonOverlapping(box rustc_middle::mir::CopyNonOverlapping { src, dst, count }) => {
 let src = self.eval_operand(src, None)?;
 let dst = self.eval_operand(dst, None)?;
+ let count = self.eval_operand(count, None)?;
 self.copy(&src, &dst, &count, /* nonoverlapping */ true)?;
 }
@@ -160,16 +159,18 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
 let count = self.read_scalar(&count)?.to_machine_usize(self)?;
 let layout = self.layout_of(src.layout.ty.builtin_deref(true).unwrap().ty)?;
 let (size, align) = (layout.size, layout.align.abi);
+ let size = size.checked_mul(count, self).ok_or_else(|| {
+ err_ub_format!("overflow computing total size of `copy_nonoverlapping`")
+ })?;
+
+ // Make sure we check both pointers for an access of the total size and aligment,
+ // *even if* the total size is 0.
 let src = self.memory.check_ptr_access(self.read_scalar(&src)?.check_init()?, size, align)?;
 let dst = self.memory.check_ptr_access(self.read_scalar(&dst)?.check_init()?, size, align)?;
- let size = size.checked_mul(count, self).ok_or_else(|| {
- err_ub_format!("overflow computing total size of `copy_nonoverlapping`")
- })?;
-
 if let (Some(src), Some(dst)) = (src, dst) {
 self.memory.copy(src, dst, size, nonoverlapping)?;
 }
From 4d748624c09692c05528b7c166b2ccb9cdbdda61 Mon Sep 17 00:00:00 2001
From: Ralf Jung
Date: Wed, 10 Mar 2021 10:02:39 +0100
Subject: [PATCH 2/2] add regression test
---
 src/test/ui/consts/copy-intrinsic.rs | 31 ++++++++++++++++++++
 src/test/ui/consts/copy-intrinsic.stderr | 37 ++++++++++++++++++++++++
 2 files changed, 68 insertions(+)
 create mode 100644 src/test/ui/consts/copy-intrinsic.rs
 create mode 100644 src/test/ui/consts/copy-intrinsic.stderr
diff --git a/src/test/ui/consts/copy-intrinsic.rs b/src/test/ui/consts/copy-intrinsic.rs
new file mode 100644
index 0000000000000..6b46b9317d0a1
--- /dev/null
+++ b/src/test/ui/consts/copy-intrinsic.rs
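Review bot: The comment added before the two `check_ptr_access` calls misspells "alignment" (`aligment`); it should read `// Make sure we check both pointers for an access of the total size and alignment,`. It would also help to record why `checked_mul` now precedes the checks: in the removed ordering the element `size` was what `check_ptr_access` validated while the multiplied total was what `memory.copy` received, so for `count > 1` the validated range was presumably narrower than the copied one (unless `memory.copy` re-checks internally, which is not visible here), and for `count == 0` a zero-sized allocation was checked for a whole element. A line such as `// The total size is used here so the validated range matches what memory.copy touches below.` would capture that. The enclosing `copy` function starts above this hunk and its return is not shown.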
@@ -0,0 +1,31 @@
+// ignore-tidy-linelength
+#![feature(const_mut_refs, const_intrinsic_copy, const_ptr_offset)]
+use std::ptr;
+
+const COPY_ZERO: () = unsafe {
+ // Since we are not copying anything, this should be allowed.
+ let src = ();
+ let mut dst = ();
+ ptr::copy_nonoverlapping(&src as *const _ as *const i32, &mut dst as *mut _ as *mut i32, 0);
+};
+
+const COPY_OOB_1: () = unsafe {
+ let mut x = 0i32;
+ let dangle = (&mut x as *mut i32).wrapping_add(10);
+ // Even if the first ptr is an int ptr and this is a ZST copy, we should detect dangling 2nd ptrs.
+ ptr::copy_nonoverlapping(0x100 as *const i32, dangle, 0); //~ ERROR any use of this value will cause an error
+//~| memory access failed: pointer must be in-bounds
+//~| previously accepted
+};
+const COPY_OOB_2: () = unsafe {
+ let x = 0i32;
+ let dangle = (&x as *const i32).wrapping_add(10);
+ // Even if the second ptr is an int ptr and this is a ZST copy, we should detect dangling 1st ptrs.
+ ptr::copy_nonoverlapping(dangle, 0x100 as *mut i32, 0); //~ ERROR any use of this value will cause an error
+//~| memory access failed: pointer must be in-bounds
+//~| previously accepted
+};
+
+
+fn main() {
+}
diff --git a/src/test/ui/consts/copy-intrinsic.stderr b/src/test/ui/consts/copy-intrinsic.stderr
new file mode 100644
index 0000000000000..9157ba50ddeeb
--- /dev/null
+++ b/src/test/ui/consts/copy-intrinsic.stderr
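Review bot: The new test only exercises `count == 0`, so the two other paths changed in `InterpCx::copy` have no regression coverage: a `count` whose total size overflows (the `overflow computing total size of `copy_nonoverlapping`` error) and a `count > 1` whose total range runs past an allocation that is valid for a single element. Two further consts along the lines of the sketch below would pin both; I have not run them, so the `//~|` detail annotations (the `memory access failed` / `previously accepted` lines the existing cases carry) need to be copied from the actual output. Minor style: the trailing `fn main() {` / `}` can be written `fn main() {}`.
```rust
// … unchanged: COPY_ZERO, COPY_OOB_1, COPY_OOB_2 …

const COPY_OOB_3: () = unsafe {
    let x = 0i32;
    let mut y = 0i32;
    // count > 1: the total range (8 bytes) exceeds both 4-byte allocations.
    ptr::copy_nonoverlapping(&x, &mut y, 2); //~ ERROR any use of this value will cause an error
};

const COPY_OVERFLOW: () = unsafe {
    let x = 0i32;
    let mut y = 0i32;
    // size * count overflows usize; the checked_mul in `copy` must reject it.
    ptr::copy_nonoverlapping(&x, &mut y, usize::MAX); //~ ERROR any use of this value will cause an error
};

fn main() {}
```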
@@ -0,0 +1,37 @@ +error: any use of this value will cause an error + --> $DIR/copy-intrinsic.rs:16:5 + | +LL | / const COPY_OOB_1: () = unsafe { +LL | | let mut x = 0i32; +LL | | let dangle = (&mut x as *mut i32).wrapping_add(10); +LL | | // Even if the first ptr is an int ptr and this is a ZST copy, we should detect dangling 2nd ptrs. +LL | | ptr::copy_nonoverlapping(0x100 as *const i32, dangle, 0); + | | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: pointer must be in-bounds at offset 40, but is outside bounds of alloc4 which has size 4 +LL | | +LL | | +LL | | }; + | |__- + | + = note: `#[deny(const_err)]` on by default + = warning: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release! + = note: for more information, see issue #71800 + +error: any use of this value will cause an error + --> $DIR/copy-intrinsic.rs:24:5 + | +LL | / const COPY_OOB_2: () = unsafe { +LL | | let x = 0i32; +LL | | let dangle = (&x as *const i32).wrapping_add(10); +LL | | // Even if the second ptr is an int ptr and this is a ZST copy, we should detect dangling 1st ptrs. +LL | | ptr::copy_nonoverlapping(dangle, 0x100 as *mut i32, 0); + | | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ memory access failed: pointer must be in-bounds at offset 40, but is outside bounds of alloc6 which has size 4 +LL | | +LL | | +LL | | }; + | |__- + | + = warning: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release! + = note: for more information, see issue #71800 + +error: aborting due to 2 previous errors +