authorRalf Jung <post@ralfj.de>2024-09-11 16:39:07 +0200
committerRalf Jung <post@ralfj.de>2024-09-11 20:40:55 +0200
commit3842ea671bfb98b2a7a42edbd31c5bac89078024 (patch)
tree4c061c434beefad491e4ae5753f41908666b56fc /src
parent16beabe1e17fa1f35a1964609ee589b999386690 (diff)
miri: fix overflow detection for unsigned pointer offset
Diffstat (limited to 'src')
-rw-r--r--src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.rs7
-rw-r--r--src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.stderr15
2 files changed, 22 insertions, 0 deletions
diff --git a/src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.rs b/src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.rs
new file mode 100644
index 00000000000..a2739842bc1
--- /dev/null
+++ b/src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.rs
@@ -0,0 +1,7 @@
+fn main() {
+    let x = &[0i32; 2];
+    let x = x.as_ptr().wrapping_add(1);
+    // If the `!0` is interpreted as `isize`, it is just `-1` and hence harmless.
+    // However, this is unsigned arithmetic, so really this is `usize::MAX` and hence UB.
+    unsafe { x.byte_add(!0).read() }; //~ERROR: does not fit in an `isize`
+}
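Review bot: The `wrapping_add(1)` on the third line of `main` carries the test's premise but is not explained. It moves the pointer 4 bytes into the 8-byte array, so an offset misread as `-1` would still land inside the allocation, which leaves the `isize` overflow as the only reason `byte_add(!0)` can be rejected. I would add `// Step one element in, so that a (wrongly signed) offset of -1 byte would still be in bounds.` above that line. The trailing `.read()` also deserves a short comment: an `i32` read at byte offset 3 would presumably be misaligned, so a regression in the overflow check would show up as a different error on the same line rather than as a clean pass.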
diff --git a/src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.stderr b/src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.stderr
new file mode 100644
index 00000000000..43cd80a6d3e
--- /dev/null
+++ b/src/tools/miri/tests/fail/intrinsics/ptr_offset_unsigned_overflow.stderr
@@ -0,0 +1,15 @@
+error: Undefined Behavior: overflowing pointer arithmetic: the total offset in bytes does not fit in an `isize`
+  --> $DIR/ptr_offset_unsigned_overflow.rs:LL:CC
+   |
+LL |     unsafe { x.byte_add(!0).read() };
+   |              ^^^^^^^^^^^^^^ overflowing pointer arithmetic: the total offset in bytes does not fit in an `isize`
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+   = note: BACKTRACE:
+   = note: inside `main` at $DIR/ptr_offset_unsigned_overflow.rs:LL:CC
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to 1 previous error
+