Merge pull request #144 from RalfJung/miri

fix drain_range in Miri and add Miri to CI

Author: bluss

.travis.yml

@@ -22,6 +22,8 @@ matrix:
     - rust: nightly
       env:
       - FEATURES='array-sizes-33-128 array-sizes-129-255'
+    - name: "miri"
+      script: sh ci/miri.sh
 branches:
   only:
     - master

ci/miri.sh

@@ -0,0 +1,15 @@
+#!/usr/bin/env sh
+
+set -ex
+
+export CARGO_NET_RETRY=5
+export CARGO_NET_TIMEOUT=10
+
+MIRI_NIGHTLY=nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)
+echo "Installing latest nightly with Miri: $MIRI_NIGHTLY"
+rustup default "$MIRI_NIGHTLY"
+
+rustup component add miri
+cargo miri setup
+
+cargo miri test -- -- -Zunstable-options --exclude-should-panic

src/char.rs

@@ -63,6 +63,7 @@ pub unsafe fn encode_utf8(ch: char, ptr: *mut u8, len: usize) -> Result<usize, E
 
 
 #[test]
+#[cfg(not(miri))] // Miri is too slow
 fn test_encode_utf8() {
     // Test that all codepoints are encoded correctly
     let mut data = [0u8; 16];

src/lib.rs

@@ -598,12 +598,15 @@ impl<A: Array> ArrayVec<A> {
     fn drain_range(&mut self, start: usize, end: usize) -> Drain<A>
     {
         let len = self.len();
-        // bounds check happens here
+
+        // bounds check happens here (before length is changed!)
         let range_slice: *const _ = &self[start..end];
 
+        // Calling `set_len` creates a fresh and thus unique mutable references, making all
+        // older aliases we created invalid. So we cannot call that function.
+        self.len = Index::from(start);
+
         unsafe {
-            // set self.vec length's to start, to be safe in case Drain is leaked
-            self.set_len(start);
             Drain {
                 tail_start: end,
                 tail_len: len - end,

tests/tests.rs

@@ -165,6 +165,7 @@ fn test_drop() {
 }
 
 #[test]
+#[cfg(not(miri))] // Miri does not support unwinding
 fn test_drop_panics() {
     use std::cell::Cell;
     use std::panic::catch_unwind;