From 716044751b7a36c634be709e37923e3dbdf53888 Mon Sep 17 00:00:00 2001 From: Gurinder Singh Date: Fri, 20 Sep 2024 18:57:59 +0530 Subject: [PATCH] Add recursion limit to FFI safety lint Fixes stack overflow in the case of recursive types --- compiler/rustc_lint/messages.ftl | 2 ++ compiler/rustc_lint/src/types.rs | 20 ++++++++++++++++--- tests/crashes/130310.rs | 15 -------------- .../improper-types-stack-overflow-130310.rs | 20 +++++++++++++++++++ ...mproper-types-stack-overflow-130310.stderr | 11 ++++++++++ 5 files changed, 50 insertions(+), 18 deletions(-) delete mode 100644 tests/crashes/130310.rs create mode 100644 tests/ui/lint/improper-types-stack-overflow-130310.rs create mode 100644 tests/ui/lint/improper-types-stack-overflow-130310.stderr diff --git a/compiler/rustc_lint/messages.ftl b/compiler/rustc_lint/messages.ftl index 4aa86944a0b5c..bffff1bf1e350 100644 --- a/compiler/rustc_lint/messages.ftl +++ b/compiler/rustc_lint/messages.ftl @@ -395,6 +395,8 @@ lint_improper_ctypes_opaque = opaque types have no C equivalent lint_improper_ctypes_pat_help = consider using the base type instead lint_improper_ctypes_pat_reason = pattern types have no C equivalent + +lint_improper_ctypes_recursion_limit_reached = type is infinitely recursive lint_improper_ctypes_slice_help = consider using a raw pointer instead lint_improper_ctypes_slice_reason = slices have no C equivalent diff --git a/compiler/rustc_lint/src/types.rs b/compiler/rustc_lint/src/types.rs index 900c496e0330d..aa2a6c9ab62cd 100644 --- a/compiler/rustc_lint/src/types.rs +++ b/compiler/rustc_lint/src/types.rs @@ -991,6 +991,8 @@ struct CTypesVisitorState<'tcx> { /// The original type being checked, before we recursed /// to any other types it contains. base_ty: Ty<'tcx>, + /// Number of times we recursed while checking the type + recursion_depth: usize, } enum FfiResult<'tcx> { @@ -1296,12 +1298,23 @@ impl<'a, 'tcx> ImproperCTypesVisitor<'a, 'tcx> { // Protect against infinite recursion, for example // `struct S(*mut S);`. - // FIXME: A recursion limit is necessary as well, for irregular - // recursive types. if !acc.cache.insert(ty) { return FfiSafe; } + // Additional recursion check for more complex types like + // `struct A { v: *const A>, ... }` for which the + // cache check above won't be enough (fixes #130310) + if !tcx.recursion_limit().value_within_limit(acc.recursion_depth) { + return FfiUnsafe { + ty: acc.base_ty, + reason: fluent::lint_improper_ctypes_recursion_limit_reached, + help: None, + }; + } + + acc.recursion_depth += 1; + match *ty.kind() { ty::Adt(def, args) => { if let Some(boxed) = ty.boxed_ty() @@ -1644,7 +1657,8 @@ impl<'a, 'tcx> ImproperCTypesVisitor<'a, 'tcx> { return; } - let mut acc = CTypesVisitorState { cache: FxHashSet::default(), base_ty: ty }; + let mut acc = + CTypesVisitorState { cache: FxHashSet::default(), base_ty: ty, recursion_depth: 0 }; match self.check_type_for_ffi(&mut acc, ty) { FfiResult::FfiSafe => {} FfiResult::FfiPhantom(ty) => { diff --git a/tests/crashes/130310.rs b/tests/crashes/130310.rs deleted file mode 100644 index d59dd39983c78..0000000000000 --- a/tests/crashes/130310.rs +++ /dev/null @@ -1,15 +0,0 @@ -//@ known-bug: rust-lang/rust#130310 - -use std::marker::PhantomData; - -#[repr(C)] -struct A { - a: *const A>, - p: PhantomData, -} - -extern "C" { - fn f(a: *const A<()>); -} - -fn main() {} diff --git a/tests/ui/lint/improper-types-stack-overflow-130310.rs b/tests/ui/lint/improper-types-stack-overflow-130310.rs new file mode 100644 index 0000000000000..60eb873981756 --- /dev/null +++ b/tests/ui/lint/improper-types-stack-overflow-130310.rs @@ -0,0 +1,20 @@ +// Regression test for #130310 +// Tests that we do not fall into infinite +// recursion while checking FFI safety of +// recursive types like `A` below + +//@ build-pass +use std::marker::PhantomData; + +#[repr(C)] +struct A { + a: *const A>, // Recursive because of this field + p: PhantomData, +} + +extern "C" { + fn f(a: *const A<()>); + //~^ WARN `extern` block uses type `*const A<()>`, which is not FFI-safe +} + +fn main() {} diff --git a/tests/ui/lint/improper-types-stack-overflow-130310.stderr b/tests/ui/lint/improper-types-stack-overflow-130310.stderr new file mode 100644 index 0000000000000..6981bb2575542 --- /dev/null +++ b/tests/ui/lint/improper-types-stack-overflow-130310.stderr @@ -0,0 +1,11 @@ +warning: `extern` block uses type `*const A<()>`, which is not FFI-safe + --> $DIR/improper-types-stack-overflow-130310.rs:16:13 + | +LL | fn f(a: *const A<()>); + | ^^^^^^^^^^^^ not FFI-safe + | + = note: type is infinitely recursive + = note: `#[warn(improper_ctypes)]` on by default + +warning: 1 warning emitted +