Auto merge of #1853 - RalfJung:negative-offsets, r=RalfJung
better errors for negative out-of-bounds offsets

This is the Miri side of rust-lang/rust#87224
bors committed Jul 20, 2021
2 parents 37974e6 + 6328677 commit e2872a3
Showing 3 changed files with 13 additions and 6 deletions.
2 changes: 1 addition & 1 deletion rust-version
@@ -1 +1 @@
a72c360a30f9a8160e4f40340cecc9b1ce979cd7
718d53b0cb7dde93499cb92950d60b412f5a3d05
10 changes: 5 additions & 5 deletions src/stacked_borrows.rs
Expand Up @@ -623,14 +623,14 @@ trait EvalContextPrivExt<'mir, 'tcx: 'mir>: crate::MiriEvalContextExt<'mir, 'tcx
let orig_tag = ptr.provenance.sb;

// Ensure we bail out if the pointer goes out-of-bounds (see miri#1050).
let (allocation_size, _) =
let (alloc_size, _) =
this.memory.get_size_and_align(alloc_id, AllocCheck::Dereferenceable)?;
if base_offset + size > allocation_size {
if base_offset + size > alloc_size {
throw_ub!(PointerOutOfBounds {
alloc_id,
offset: base_offset,
size,
allocation_size,
alloc_size,
ptr_offset: this.machine_usize_to_isize(base_offset.bytes()),
ptr_size: size,
msg: CheckInAllocMsg::InboundsTest
});
}
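Review bot: The bounds test `if base_offset + size > alloc_size {` is still an unchecked `Size` addition, so an offset that is negative when read as `isize` (exactly the case this change now formats through `machine_usize_to_isize`) could overflow on a 64-bit target before the comparison runs. As far as I recall, `Size`'s `+` panics on overflow, which would turn the intended `PointerOutOfBounds` report into an interpreter panic. A checked form such as `if base_offset.checked_add(size, this).map_or(true, |end| end > alloc_size) {` would keep that case on the UB-report path, assuming `this` can serve as the data-layout context here. The test added in this commit goes through `x.offset(-1)`, so it does not appear to exercise this reborrow check. The enclosing function begins and ends outside the hunk, so an earlier check may already rule the overflow out.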
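--- a/tests/compile-fail/intrinsics/out_of_bounds_ptr_3.rs
+++ b/tests/compile-fail/intrinsics/out_of_bounds_ptr_3.rs
@@ -0,0 +1,7 @@
+// error-pattern: pointer to 1 byte starting at offset -1 is out-of-bounds
+fn main() {
+let v = [0i8; 4];
+let x = &v as *const i8;
+let x = unsafe { x.offset(-1) };
+panic!("this should never print: {:?}", x);
+}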
