capnproto / capnproto-rust

Cap'n Proto for Rust
MIT License

Miri test failures #382

Closed marmeladema closed 1 year ago

marmeladema commented 1 year ago

It seems most tests are not passing under miri. At least it fails on the very first test:

$ cargo +nightly miri test                                                                                                                                                                                                       
Preparing a sysroot for Miri (target: x86_64-unknown-linux-gnu)... done                                                                                                                                                                                       
    Finished test [unoptimized + debuginfo] target(s) in 0.01s                                                                                                                                                                                                
     Running unittests src/lib.rs (target/miri/x86_64-unknown-linux-gnu/debug/deps/capnp-0b6f161a93e8d3c9)                                                                                                                                                    

running 37 tests                                                                                                                                                                                                                                              
test any_pointer::init_clears_value ... error: Undefined Behavior: attempting a write access using <196437> at alloc77913[0x8], but that tag does not exist in the borrow stack for this location                                                             
    --> capnp/src/private/layout.rs:602:67                                                                                                                                                                                                                    
     |                                                                                                                                                                                                                                                        
602  |                   Bit | Byte | TwoBytes | FourBytes | EightBytes => ptr::write_bytes(                                                                                                                                                                  
     |  ___________________________________________________________________^
603  | |                     ptr,
604  | |                     0u8,
605  | |                     BYTES_PER_WORD
...    |
609  | |                         ) as usize,
610  | |                 ),
     | |                 ^
     | |                 |
     | |_________________attempting a write access using <196437> at alloc77913[0x8], but that tag does not exist in the borrow stack for this location
     |                   this error occurs as part of an access at alloc77913[0x8..0x20]
     |
     = help: this indicates a potential bug in the program: it performed an invalid operation, but the Stacked Borrows rules it violated are still experimental
     = help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information 
help: <196437> was created by a SharedReadWrite retag at offsets [0x0..0x8]
    --> capnp/src/private/layout.rs:180:34
     |
180  |         let this_addr: *mut u8 = self as *mut _ as *mut _;
     |                                  ^^^^
     = note: BACKTRACE (of the first span):
     = note: inside `private::layout::wire_helpers::zero_object_helper` at capnp/src/private/layout.rs:602:67: 610:18
note: inside `private::layout::wire_helpers::zero_object`
    --> capnp/src/private/layout.rs:549:17
     |
549  |                 zero_object_helper(arena, segment_id, reff, (*reff).mut_target())
     |                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
note: inside `private::layout::PointerBuilder::<'_>::clear`
    --> capnp/src/private/layout.rs:3327:13
     |
3327 |             wire_helpers::zero_object(self.arena, self.segment_id, self.pointer);
     |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
note: inside `<any_pointer::Builder<'_> as traits::FromPointerBuilder<'_>>::init_pointer`
    --> capnp/src/any_pointer.rs:181:13
     |
181  |             builder.clear();
     |             ^^^^^^^^^^^^^^^
note: inside `any_pointer::Builder::<'_>::init_as::<any_pointer::Builder<'_>>`
    --> capnp/src/any_pointer.rs:150:9
     |
150  |         FromPointerBuilder::init_pointer(self.builder, 0)
     |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
note: inside `message::Builder::<message::HeapAllocator>::init_root::<'_, any_pointer::Builder<'_>>`
    --> capnp/src/message.rs:443:9
     |
443  |         root.init_as()
     |         ^^^^^^^^^^^^^^
note: inside `any_pointer::init_clears_value`
    --> capnp/src/any_pointer.rs:260:49
     |
260  |         let root: crate::any_pointer::Builder = message.init_root();
     |                                                 ^^^^^^^^^^^^^^^^^^^
note: inside closure
    --> capnp/src/any_pointer.rs:249:24
     |
248  | #[test]
     | ------- in this procedural macro expansion
249  | fn init_clears_value() {
     |                        ^
     = note: this error originates in the attribute macro `test` (in Nightly builds, run with -Z macro-backtrace for more info) 

For everyone's peace of mind, I think it would be really great if capnproto-rust would not exploit UB and if all tests could pass with miri. If there is a relatively trivial fix, with some guidance, I am willing to work on it :)

dwrensha commented 1 year ago

Hm... maybe the WirePointer methods need to take self by raw pointer rather than reference?

dwrensha commented 1 year ago

Fixed in https://github.com/capnproto/capnproto-rust/pull/383.
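
A reduced sketch of the aliasing pattern in the trace above and of the raw-pointer alternative suggested in the thread, added here as an illustration; it is not capnproto-rust code and not the change made in the linked pull request. `WirePtr`, its simplified unsigned offset field and all function names are hypothetical, and the constructed 3-word target mirrors the `0x8..0x20` write range in the report.

```rust
// Added illustration: `WirePtr` and all functions are hypothetical, not capnp's code.
const BYTES_PER_WORD: usize = 8;
#[repr(C)]
struct WirePtr {
    offset_words: u32, // words between the end of this pointer and its target
    len_words: u32,    // size of the target in words
}

impl WirePtr {
    // Flagged shape: the result's tag covers only `self`'s 8 bytes, [0x0..0x8].
    fn target_via_ref(&mut self) -> *mut u8 {
        let off = self.offset_words as usize;
        (self as *mut WirePtr as *mut u8).wrapping_add((1 + off) * BYTES_PER_WORD)
    }
    // Raw-pointer shape: no reference is created, so `this`'s provenance is kept.
    unsafe fn target_via_raw(this: *mut WirePtr) -> *mut u8 {
        let off = (*this).offset_words as usize;
        (this as *mut u8).add((1 + off) * BYTES_PER_WORD)
    }
}

// Constructed sample: word 0 points at the 3 words that follow it.
fn sample_segment() -> Vec<u64> {
    let mut seg = vec![0u64, 0xAAAA, 0xBBBB, 0xCCCC];
    unsafe { (seg.as_mut_ptr() as *mut WirePtr).write(WirePtr { offset_words: 0, len_words: 3 }) };
    seg
}

// Zero the target of the pointer in word 0; None if it would leave the segment.
fn zero_target(segment: &mut [u64]) -> Option<usize> {
    if segment.is_empty() { return None; }
    let wp = segment.as_mut_ptr() as *mut WirePtr; // provenance: the whole slice
    let (off, len) = unsafe { ((*wp).offset_words as usize, (*wp).len_words as usize) };
    if 1 + off + len > segment.len() { return None; }
    unsafe { std::ptr::write_bytes(WirePtr::target_via_raw(wp), 0u8, len * BYTES_PER_WORD) };
    Some(len * BYTES_PER_WORD)
}

// Both shapes yield the same address; only the provenance differs.
fn same_address() -> bool {
    let mut seg = sample_segment();
    let wp = seg.as_mut_ptr() as *mut WirePtr;
    unsafe { (&mut *wp).target_via_ref() == WirePtr::target_via_raw(wp) }
}

fn main() {
    println!("same address: {}, cleared: {:?}", same_address(), zero_target(&mut sample_segment()));
}
```

`target_via_ref` is only compared by address here and never written through; writing through its result is the access pattern the Miri report describes.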