From 8022057ebbcc2a6a811d2c6ffbca4391ebfe0778 Mon Sep 17 00:00:00 2001 From: Camille GILLOT Date: Sun, 17 Dec 2023 19:49:48 +0000 Subject: [PATCH] Avoid overflow in GVN constant indexing. --- compiler/rustc_mir_transform/src/gvn.rs | 8 +- ...nstant_index_overflow.GVN.panic-abort.diff | 104 ++++++++++++++++++ ...stant_index_overflow.GVN.panic-unwind.diff | 104 ++++++++++++++++++ tests/mir-opt/gvn.rs | 18 +++ 4 files changed, 229 insertions(+), 5 deletions(-) create mode 100644 tests/mir-opt/gvn.constant_index_overflow.GVN.panic-abort.diff create mode 100644 tests/mir-opt/gvn.constant_index_overflow.GVN.panic-unwind.diff diff --git a/compiler/rustc_mir_transform/src/gvn.rs b/compiler/rustc_mir_transform/src/gvn.rs index b21988e179d0f..3b8adf7e86b71 100644 --- a/compiler/rustc_mir_transform/src/gvn.rs +++ b/compiler/rustc_mir_transform/src/gvn.rs @@ -644,12 +644,10 @@ impl<'body, 'tcx> VnState<'body, 'tcx> { { if let Some(offset) = self.evaluated[idx].as_ref() && let Ok(offset) = self.ecx.read_target_usize(offset) + && let Some(min_length) = offset.checked_add(1) { - projection.to_mut()[i] = ProjectionElem::ConstantIndex { - offset, - min_length: offset + 1, - from_end: false, - }; + projection.to_mut()[i] = + ProjectionElem::ConstantIndex { offset, min_length, from_end: false }; } else if let Some(new_idx) = self.try_as_local(idx, location) { projection.to_mut()[i] = ProjectionElem::Index(new_idx); self.reused_locals.insert(new_idx); diff --git a/tests/mir-opt/gvn.constant_index_overflow.GVN.panic-abort.diff b/tests/mir-opt/gvn.constant_index_overflow.GVN.panic-abort.diff new file mode 100644 index 0000000000000..4b1e337911468 --- /dev/null +++ b/tests/mir-opt/gvn.constant_index_overflow.GVN.panic-abort.diff @@ -0,0 +1,104 @@ +- // MIR for `constant_index_overflow` before GVN ++ // MIR for `constant_index_overflow` after GVN + + fn constant_index_overflow(_1: &[T]) -> () { + debug x => _1; + let mut _0: (); + let _2: usize; + let mut _4: bool; + let mut _5: usize; + let mut _6: usize; + let mut _7: &[T]; + let _8: usize; + let mut _9: usize; + let mut _10: bool; + let _11: usize; + let mut _12: usize; + let mut _13: bool; + let mut _14: T; + scope 1 { + debug a => _2; + let _3: T; + scope 2 { + debug b => _3; + } + } + + bb0: { +- StorageLive(_2); +- _2 = const _ as usize (IntToInt); ++ nop; ++ _2 = const usize::MAX; + StorageLive(_3); + StorageLive(_4); + StorageLive(_5); +- _5 = _2; ++ _5 = const usize::MAX; + StorageLive(_6); + StorageLive(_7); + _7 = &(*_1); + _6 = core::slice::::len(move _7) -> [return: bb1, unwind unreachable]; + } + + bb1: { + StorageDead(_7); +- _4 = Lt(move _5, move _6); ++ _4 = Lt(const usize::MAX, move _6); + switchInt(move _4) -> [0: bb4, otherwise: bb2]; + } + + bb2: { + StorageDead(_6); + StorageDead(_5); + StorageLive(_8); +- _8 = _2; ++ _8 = const usize::MAX; + _9 = Len((*_1)); +- _10 = Lt(_8, _9); +- assert(move _10, "index out of bounds: the length is {} but the index is {}", move _9, _8) -> [success: bb3, unwind unreachable]; ++ _10 = Lt(const usize::MAX, _9); ++ assert(move _10, "index out of bounds: the length is {} but the index is {}", move _9, const usize::MAX) -> [success: bb3, unwind unreachable]; + } + + bb3: { +- _3 = (*_1)[_8]; ++ _3 = (*_1)[_2]; + StorageDead(_8); + goto -> bb6; + } + + bb4: { + StorageDead(_6); + StorageDead(_5); + StorageLive(_11); + _11 = const 0_usize; + _12 = Len((*_1)); +- _13 = Lt(_11, _12); +- assert(move _13, "index out of bounds: the length is {} but the index is {}", move _12, _11) -> [success: bb5, unwind unreachable]; ++ _13 = Lt(const 0_usize, _12); ++ assert(move _13, "index out of bounds: the length is {} but the index is {}", move _12, const 0_usize) -> [success: bb5, unwind unreachable]; + } + + bb5: { +- _3 = (*_1)[_11]; ++ _3 = (*_1)[0 of 1]; + StorageDead(_11); + goto -> bb6; + } + + bb6: { + StorageDead(_4); + StorageLive(_14); + _14 = _3; + _0 = opaque::(move _14) -> [return: bb7, unwind unreachable]; + } + + bb7: { + StorageDead(_14); + StorageDead(_3); +- StorageDead(_2); ++ nop; + return; + } + } + diff --git a/tests/mir-opt/gvn.constant_index_overflow.GVN.panic-unwind.diff b/tests/mir-opt/gvn.constant_index_overflow.GVN.panic-unwind.diff new file mode 100644 index 0000000000000..8abcd7e9387fe --- /dev/null +++ b/tests/mir-opt/gvn.constant_index_overflow.GVN.panic-unwind.diff @@ -0,0 +1,104 @@ +- // MIR for `constant_index_overflow` before GVN ++ // MIR for `constant_index_overflow` after GVN + + fn constant_index_overflow(_1: &[T]) -> () { + debug x => _1; + let mut _0: (); + let _2: usize; + let mut _4: bool; + let mut _5: usize; + let mut _6: usize; + let mut _7: &[T]; + let _8: usize; + let mut _9: usize; + let mut _10: bool; + let _11: usize; + let mut _12: usize; + let mut _13: bool; + let mut _14: T; + scope 1 { + debug a => _2; + let _3: T; + scope 2 { + debug b => _3; + } + } + + bb0: { +- StorageLive(_2); +- _2 = const _ as usize (IntToInt); ++ nop; ++ _2 = const usize::MAX; + StorageLive(_3); + StorageLive(_4); + StorageLive(_5); +- _5 = _2; ++ _5 = const usize::MAX; + StorageLive(_6); + StorageLive(_7); + _7 = &(*_1); + _6 = core::slice::::len(move _7) -> [return: bb1, unwind continue]; + } + + bb1: { + StorageDead(_7); +- _4 = Lt(move _5, move _6); ++ _4 = Lt(const usize::MAX, move _6); + switchInt(move _4) -> [0: bb4, otherwise: bb2]; + } + + bb2: { + StorageDead(_6); + StorageDead(_5); + StorageLive(_8); +- _8 = _2; ++ _8 = const usize::MAX; + _9 = Len((*_1)); +- _10 = Lt(_8, _9); +- assert(move _10, "index out of bounds: the length is {} but the index is {}", move _9, _8) -> [success: bb3, unwind continue]; ++ _10 = Lt(const usize::MAX, _9); ++ assert(move _10, "index out of bounds: the length is {} but the index is {}", move _9, const usize::MAX) -> [success: bb3, unwind continue]; + } + + bb3: { +- _3 = (*_1)[_8]; ++ _3 = (*_1)[_2]; + StorageDead(_8); + goto -> bb6; + } + + bb4: { + StorageDead(_6); + StorageDead(_5); + StorageLive(_11); + _11 = const 0_usize; + _12 = Len((*_1)); +- _13 = Lt(_11, _12); +- assert(move _13, "index out of bounds: the length is {} but the index is {}", move _12, _11) -> [success: bb5, unwind continue]; ++ _13 = Lt(const 0_usize, _12); ++ assert(move _13, "index out of bounds: the length is {} but the index is {}", move _12, const 0_usize) -> [success: bb5, unwind continue]; + } + + bb5: { +- _3 = (*_1)[_11]; ++ _3 = (*_1)[0 of 1]; + StorageDead(_11); + goto -> bb6; + } + + bb6: { + StorageDead(_4); + StorageLive(_14); + _14 = _3; + _0 = opaque::(move _14) -> [return: bb7, unwind continue]; + } + + bb7: { + StorageDead(_14); + StorageDead(_3); +- StorageDead(_2); ++ nop; + return; + } + } + diff --git a/tests/mir-opt/gvn.rs b/tests/mir-opt/gvn.rs index 6e082acdbd393..db131f7f97d8b 100644 --- a/tests/mir-opt/gvn.rs +++ b/tests/mir-opt/gvn.rs @@ -609,6 +609,22 @@ fn indirect_static() { }) } +/// Verify that having constant index `u64::MAX` does not yield to an overflow in rustc. +fn constant_index_overflow(x: &[T]) { + // CHECK-LABEL: fn constant_index_overflow( + // CHECK: debug a => [[a:_.*]]; + // CHECK: debug b => [[b:_.*]]; + // CHECK: [[a]] = const usize::MAX; + // CHECK-NOT: = (*_1)[{{.*}} of 0]; + // CHECK: [[b]] = (*_1)[[[a]]]; + // CHECK-NOT: = (*_1)[{{.*}} of 0]; + // CHECK: [[b]] = (*_1)[0 of 1]; + // CHECK-NOT: = (*_1)[{{.*}} of 0]; + let a = u64::MAX as usize; + let b = if a < x.len() { x[a] } else { x[0] }; + opaque(b) +} + fn main() { subexpression_elimination(2, 4, 5); wrap_unwrap(5); @@ -627,6 +643,7 @@ fn main() { repeat(); fn_pointers(); indirect_static(); + constant_index_overflow(&[5, 3]); } #[inline(never)] @@ -653,3 +670,4 @@ fn identity(x: T) -> T { // EMIT_MIR gvn.repeat.GVN.diff // EMIT_MIR gvn.fn_pointers.GVN.diff // EMIT_MIR gvn.indirect_static.GVN.diff +// EMIT_MIR gvn.constant_index_overflow.GVN.diff