test that we check dynamic actual size of object

diff --git a/tests/compile-fail/dangling_pointers/dyn_size.rs b/tests/compile-fail/dangling_pointers/dyn_size.rs
new file mode 100644 (file)
index 0000000..c8f1ee3
--- /dev/null
+++ b/tests/compile-fail/dangling_pointers/dyn_size.rs
@@ -0,0 +1,13 @@
+// should find the bug even without these
+// compile-flags: -Zmiri-disable-validation -Zmiri-disable-stacked-borrows
+
+struct SliceWithHead(u8, [u8]);
+
+fn main() {
+    let buf = [0u32; 1];
+    // We craft a wide pointer `*const SliceWithHead` such that the unsized tail is only partially allocated.
+    // That should be UB, as the reference is not fully dereferencable.
+    let ptr: *const SliceWithHead = unsafe { std::mem::transmute((&buf, 4usize)) };
+    // Re-borrow that. This should be UB.
+    let _ptr = unsafe { &*ptr }; //~ ERROR pointer must be in-bounds at offset 5
+}

diff --git a/tests/compile-fail/unaligned_pointers/dyn_alignment.rs b/tests/compile-fail/unaligned_pointers/dyn_alignment.rs
index a8cf54edc85fe4b47a8ddb5dba83da597f0fab1d..4d0b3af0952c1eb6adb8b364e34741699fb0343e 100644 (file)
--- a/tests/compile-fail/unaligned_pointers/dyn_alignment.rs
+++ b/tests/compile-fail/unaligned_pointers/dyn_alignment.rs
@@ -12,7 +12,7 @@ fn main() {
     // We craft a wide reference `&dyn Debug` with the vtable for `MuchAlign`. That should be UB,
     // as the reference is not aligned to its dynamic alignment requirements.
     let mut ptr = &MuchAlign as &dyn std::fmt::Debug;
-    // Overwrite the data part of `ptr`.
+    // Overwrite the data part of `ptr` so it points to `buf`.
     unsafe { (&mut ptr as *mut _ as *mut *const u8).write(&buf as *const _ as *const u8); }
     // Re-borrow that. This should be UB.
     let _ptr = &*ptr; //~ ERROR accessing memory with alignment 4, but alignment 256 is required