X-Git-Url: https://git.lizzy.rs/?a=blobdiff_plain;f=src%2Fintptrcast.rs;h=188ff94861bdd194a223f092f5c24149c276b725;hb=9949d9e417ff563c3cf7fbadb3ae6d865ab08c53;hp=5797895c54f809b888ad9615bd2f4269794cec7e;hpb=3525943794d2fee5b8a55c1a7bd27afceea317e6;p=rust.git

diff --git a/src/intptrcast.rs b/src/intptrcast.rs
index 5797895c54f..188ff94861b 100644
--- a/src/intptrcast.rs
+++ b/src/intptrcast.rs
@@ -1,14 +1,14 @@
 use std::cell::RefCell;
-use std::collections::{HashMap, hash_map::Entry};
 use std::cmp::max;
+use std::collections::hash_map::Entry;
 
+use log::trace;
 use rand::Rng;
 
-use rustc::ty::layout::HasDataLayout;
-use rustc_mir::interpret::{AllocId, Pointer, InterpResult, Memory, AllocCheck, PointerArithmetic};
-use rustc_target::abi::Size;
+use rustc_data_structures::fx::FxHashMap;
+use rustc_target::abi::{Size, HasDataLayout};
 
-use crate::{Evaluator, Tag, STACK_ADDR};
+use crate::*;
 
 pub type MemoryExtra = RefCell<GlobalState>;
 
@@ -21,7 +21,7 @@ pub struct GlobalState {
     /// `AllocExtra` because function pointers also have a base address, and
     /// they do not have an `AllocExtra`.
     /// This is the inverse of `int_to_ptr_map`.
-    pub base_addr: HashMap<AllocId, u64>,
+    pub base_addr: FxHashMap<AllocId, u64>,
     /// This is used as a memory address when a new pointer is casted to an integer. It
     /// is always larger than any address that was previously made part of a block.
     pub next_base_addr: u64,
@@ -31,7 +31,7 @@ impl Default for GlobalState {
     fn default() -> Self {
         GlobalState {
             int_to_ptr_map: Vec::default(),
-            base_addr: HashMap::default(),
+            base_addr: FxHashMap::default(),
             next_base_addr: STACK_ADDR,
         }
     }
@@ -40,18 +40,21 @@ fn default() -> Self {
 impl<'mir, 'tcx> GlobalState {
     pub fn int_to_ptr(
         int: u64,
-        memory: &Memory<'mir, 'tcx, Evaluator<'tcx>>,
+        memory: &Memory<'mir, 'tcx, Evaluator<'mir, 'tcx>>,
     ) -> InterpResult<'tcx, Pointer<Tag>> {
         let global_state = memory.extra.intptrcast.borrow();
-        
-        match global_state.int_to_ptr_map.binary_search_by_key(&int, |(addr, _)| *addr) {
+        let pos = global_state.int_to_ptr_map.binary_search_by_key(&int, |(addr, _)| *addr);
+
+        // The int must be in-bounds after being cast to a pointer, so we error
+        // with `CheckInAllocMsg::InboundsTest`.
+        Ok(match pos {
             Ok(pos) => {
                 let (_, alloc_id) = global_state.int_to_ptr_map[pos];
                 // `int` is equal to the starting address for an allocation, the offset should be
                 // zero. The pointer is untagged because it was created from a cast
-                Ok(Pointer::new_with_tag(alloc_id, Size::from_bytes(0), Tag::Untagged))
-            },
-            Err(0) => err!(DanglingPointerDeref), 
+                Pointer::new_with_tag(alloc_id, Size::from_bytes(0), Tag::Untagged)
+            }
+            Err(0) => throw_ub!(DanglingIntPointer(int, CheckInAllocMsg::InboundsTest)),
             Err(pos) => {
                 // This is the largest of the adresses smaller than `int`,
                 // i.e. the greatest lower bound (glb)
@@ -59,57 +62,63 @@ pub fn int_to_ptr(
                 // This never overflows because `int >= glb`
                 let offset = int - glb;
                 // If the offset exceeds the size of the allocation, this access is illegal
-                if offset <= memory.get(alloc_id)?.bytes.len() as u64 {
+                if offset <= memory.get_size_and_align(alloc_id, AllocCheck::MaybeDead)?.0.bytes() {
                     // This pointer is untagged because it was created from a cast
-                    Ok(Pointer::new_with_tag(alloc_id, Size::from_bytes(offset), Tag::Untagged))
+                    Pointer::new_with_tag(alloc_id, Size::from_bytes(offset), Tag::Untagged)
                 } else {
-                    err!(DanglingPointerDeref)
-                } 
+                    throw_ub!(DanglingIntPointer(int, CheckInAllocMsg::InboundsTest))
+                }
             }
-        }
+        })
     }
 
     pub fn ptr_to_int(
         ptr: Pointer<Tag>,
-        memory: &Memory<'mir, 'tcx, Evaluator<'tcx>>,
+        memory: &Memory<'mir, 'tcx, Evaluator<'mir, 'tcx>>,
     ) -> InterpResult<'tcx, u64> {
         let mut global_state = memory.extra.intptrcast.borrow_mut();
         let global_state = &mut *global_state;
+        let id = ptr.alloc_id;
 
         // There is nothing wrong with a raw pointer being cast to an integer only after
         // it became dangling.  Hence `MaybeDead`.
-        let (size, align) = memory.get_size_and_align(ptr.alloc_id, AllocCheck::MaybeDead)?;
+        let (size, align) = memory.get_size_and_align(id, AllocCheck::MaybeDead)?;
 
-        let base_addr = match global_state.base_addr.entry(ptr.alloc_id) {
+        let base_addr = match global_state.base_addr.entry(id) {
             Entry::Occupied(entry) => *entry.get(),
             Entry::Vacant(entry) => {
                 // This allocation does not have a base address yet, pick one.
                 // Leave some space to the previous allocation, to give it some chance to be less aligned.
                 let slack = {
-                    let mut rng = memory.extra.rng.as_ref().unwrap().borrow_mut();
+                    let mut rng = memory.extra.rng.borrow_mut();
                     // This means that `(global_state.next_base_addr + slack) % 16` is uniformly distributed.
                     rng.gen_range(0, 16)
                 };
                 // From next_base_addr + slack, round up to adjust for alignment.
-                let base_addr = Self::align_addr(global_state.next_base_addr + slack, align.bytes());
+                let base_addr = global_state.next_base_addr.checked_add(slack).unwrap();
+                let base_addr = Self::align_addr(base_addr, align.bytes());
                 entry.insert(base_addr);
                 trace!(
                     "Assigning base address {:#x} to allocation {:?} (slack: {}, align: {})",
-                    base_addr, ptr.alloc_id, slack, align.bytes(),
+                    base_addr,
+                    id,
+                    slack,
+                    align.bytes(),
                 );
 
                 // Remember next base address.  If this allocation is zero-sized, leave a gap
                 // of at least 1 to avoid two allocations having the same base address.
-                global_state.next_base_addr = base_addr + max(size.bytes(), 1);
+                global_state.next_base_addr = base_addr.checked_add(max(size.bytes(), 1)).unwrap();
                 // Given that `next_base_addr` increases in each allocation, pushing the
                 // corresponding tuple keeps `int_to_ptr_map` sorted
-                global_state.int_to_ptr_map.push((base_addr, ptr.alloc_id)); 
+                global_state.int_to_ptr_map.push((base_addr, id));
 
                 base_addr
             }
         };
 
-        debug_assert_eq!(base_addr % align.bytes(), 0); // sanity check
+        // Sanity check that the base address is aligned.
+        debug_assert_eq!(base_addr % align.bytes(), 0);
         // Add offset with the right kind of pointer-overflowing arithmetic.
         let dl = memory.data_layout();
         Ok(dl.overflowing_offset(base_addr, ptr.offset.bytes()).0)
@@ -120,7 +129,7 @@ pub fn ptr_to_int(
     fn align_addr(addr: u64, align: u64) -> u64 {
         match addr % align {
             0 => addr,
-            rem => addr + align - rem
+            rem => addr.checked_add(align).unwrap() - rem,
         }
     }
 }