(Selectively) turn on validation in const eval #95377

121 changes: 113 additions & 8 deletions compiler/rustc_const_eval/src/const_eval/machine.rs
Expand Up @@ -2,14 +2,17 @@ use rustc_hir::def::DefKind;
use rustc_middle::mir;
use rustc_middle::ty::{self, Ty, TyCtxt};
use std::borrow::Borrow;
use std::cell::RefCell;
use std::collections::hash_map::Entry;
use std::hash::Hash;

use rustc_data_structures::fx::FxHashMap;
use std::fmt;

use rustc_ast::Mutability;
use rustc_hir::def_id::DefId;
use rustc_hir::def_id::{DefId, LocalDefId};
use rustc_hir::intravisit::Visitor;
use rustc_hir::Node;
use rustc_middle::mir::AssertMessage;
use rustc_session::Limit;
use rustc_span::symbol::{sym, Symbol};
Expand All @@ -18,7 +21,7 @@ use rustc_target::spec::abi::Abi;

use crate::interpret::{
self, compile_time_machine, AllocId, ConstAllocation, Frame, ImmTy, InterpCx, InterpResult,
OpTy, PlaceTy, Pointer, Scalar, StackPopUnwind,
Machine, OpTy, PlaceTy, Pointer, Scalar, StackPopUnwind,
};

use super::error::*;
Expand Down Expand Up @@ -101,6 +104,8 @@ pub struct CompileTimeInterpreter<'mir, 'tcx> {
/// * Pointers to allocations inside of statics can never leak outside, to a non-static global.
/// This boolean here controls the second part.
pub(super) can_access_statics: bool,

unsafe_detector: RefCell<UnsafeDetector>,
}

impl<'mir, 'tcx> CompileTimeInterpreter<'mir, 'tcx> {
Expand All @@ -109,6 +114,7 @@ impl<'mir, 'tcx> CompileTimeInterpreter<'mir, 'tcx> {
steps_remaining: const_eval_limit.0,
stack: Vec::new(),
can_access_statics,
unsafe_detector: RefCell::new(UnsafeDetector::default()),
}
}
}
Expand Down Expand Up @@ -229,9 +235,102 @@ impl<'mir, 'tcx: 'mir> CompileTimeEvalContext<'mir, 'tcx> {
}
}

struct FindUnsafeVisitor<'tcx> {
tcx: TyCtxt<'tcx>,
found_unsafe: bool,
}

impl<'tcx> Visitor<'tcx> for FindUnsafeVisitor<'tcx> {
type NestedFilter = rustc_middle::hir::nested_filter::All;

fn nested_visit_map(&mut self) -> Self::Map {
self.tcx.hir()
}

fn visit_block(&mut self, block: &'tcx rustc_hir::Block<'tcx>) {
rustc_hir::intravisit::walk_block(self, block);
if let rustc_hir::BlockCheckMode::UnsafeBlock(_) = block.rules {
self.found_unsafe = true;
}
}
}

#[cold]
#[inline(never)]
fn may_contain_unsafe<'mir, 'tcx>(
ecx: &InterpCx<'mir, 'tcx, CompileTimeInterpreter<'mir, 'tcx>>,
def_id: DefId,
) -> bool {
let hir = ecx.tcx.hir();
if let Some(Node::Item(item)) = hir.get_if_local(def_id) {
let mut visitor = FindUnsafeVisitor { tcx: *ecx.tcx, found_unsafe: false };
visitor.visit_item(&item);
visitor.found_unsafe
} else {
true
}
}

#[derive(Default)]
struct UnsafeDetector {
loaded_mir_with_unsafe: Option<bool>,
known_safe_defs: FxHashMap<LocalDefId, bool>,
}

impl UnsafeDetector {
#[cold]
#[inline(never)]
fn analyze_def<'mir, 'tcx>(
&mut self,
ecx: &InterpCx<'mir, 'tcx, CompileTimeInterpreter<'mir, 'tcx>>,
def_id: DefId,
) {
if let Some(local_id) = def_id.as_local() {
let found_unsafe = *self
.known_safe_defs
.entry(local_id)
.or_insert_with(|| may_contain_unsafe(ecx, def_id));
self.loaded_mir_with_unsafe = Some(found_unsafe);
} else {
self.loaded_mir_with_unsafe = Some(true);
}
}

#[cold]
#[inline(never)]
fn analyze_stack<'mir, 'tcx>(ecx: &InterpCx<'mir, 'tcx, CompileTimeInterpreter<'mir, 'tcx>>) {
let mut this = ecx.machine.unsafe_detector.borrow_mut();
let stack = CompileTimeInterpreter::stack(ecx);
if stack.len() == 1 {
let frame = stack.last().unwrap();
this.analyze_def(ecx, frame.instance.def_id());
} else {
this.loaded_mir_with_unsafe = Some(true);
}
}

#[inline]
fn is_init(&self) -> bool {
self.loaded_mir_with_unsafe.is_some()
}

#[inline]
fn mir_needs_validation(&self) -> bool {
self.loaded_mir_with_unsafe == Some(true)
}
}

impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for CompileTimeInterpreter<'mir, 'tcx> {
compile_time_machine!(<'mir, 'tcx>);

fn enforce_validity(ecx: &mut InterpCx<'mir, 'tcx, Self>) -> bool {
let unsafe_detector = ecx.machine.unsafe_detector.get_mut();
if !unsafe_detector.is_init() {
UnsafeDetector::analyze_stack(ecx);
}
ecx.machine.unsafe_detector.get_mut().mir_needs_validation()
}

type MemoryKind = MemoryKind;

const PANIC_ON_ALLOC_FAIL: bool = false; // will be raised as a proper error
Expand All @@ -240,10 +339,12 @@ impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for CompileTimeInterpreter<'mir,
ecx: &InterpCx<'mir, 'tcx, Self>,
instance: ty::InstanceDef<'tcx>,
) -> InterpResult<'tcx, &'tcx mir::Body<'tcx>> {
match instance {
ecx.machine.unsafe_detector.borrow_mut().analyze_def(ecx, instance.def_id());

let mir = match instance {
ty::InstanceDef::Item(def) => {
if ecx.tcx.is_ctfe_mir_available(def.did) {
Ok(ecx.tcx.mir_for_ctfe_opt_const_arg(def))
ecx.tcx.mir_for_ctfe_opt_const_arg(def)
} else if ecx.tcx.def_kind(def.did) == DefKind::AssocConst {
let guar = ecx.tcx.sess.delay_span_bug(
rustc_span::DUMMY_SP,
Expand All @@ -252,12 +353,16 @@ impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for CompileTimeInterpreter<'mir,
throw_inval!(AlreadyReported(guar));
} else {
let path = ecx.tcx.def_path_str(def.did);
Err(ConstEvalErrKind::NeedsRfc(format!("calling extern function `{}`", path))
.into())
return Err(ConstEvalErrKind::NeedsRfc(format!(
"calling extern function `{}`",
path
))
.into());
}
}
_ => Ok(ecx.tcx.instance_mir(instance)),
}
_ => ecx.tcx.instance_mir(instance),
};
Ok(mir)
}

fn find_mir_or_eval_fn(
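Review bot: `loaded_mir_with_unsafe` is a single machine-wide flag that every `load_mir` call overwrites (`ecx.machine.unsafe_detector.borrow_mut().analyze_def(ecx, instance.def_id());`), so once a frame whose body contains an `unsafe` block calls a callee without one, the callee's `load_mir` resets the flag to `Some(false)` and `enforce_validity` keeps returning `false` for the rest of the caller's execution after the callee returns — the decision is not scoped to the frame that is actually running. The least invasive fix is to make the result sticky in `analyze_def`, `self.loaded_mir_with_unsafe = Some(self.loaded_mir_with_unsafe.unwrap_or(false) || found_unsafe);`, or to carry the decision in per-frame data so it follows the stack. Separately, `FindUnsafeVisitor::visit_block` only recognises `BlockCheckMode::UnsafeBlock`; as far as I can tell the body of a local const `unsafe fn` carries no such block, so it would be classified as safe and skip validation, which is the unsafe direction for the check that turns invalid constants into hard errors — consider also consulting the fn signature's unsafety for `Node::Item` fn items. `FindUnsafeVisitor`, `may_contain_unsafe` and `UnsafeDetector` also lack doc comments stating that "contains no unsafe block" is the only case in which validation is skipped and that every non-local or non-item def is treated conservatively.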
4 changes: 2 additions & 2 deletions compiler/rustc_const_eval/src/interpret/machine.rs
Expand Up @@ -131,7 +131,7 @@ pub trait Machine<'mir, 'tcx>: Sized {
fn force_int_for_alignment_check(ecx: &InterpCx<'mir, 'tcx, Self>) -> bool;

/// Whether to enforce the validity invariant
fn enforce_validity(ecx: &InterpCx<'mir, 'tcx, Self>) -> bool;
fn enforce_validity(ecx: &mut InterpCx<'mir, 'tcx, Self>) -> bool;

/// Whether to enforce integers and floats being initialized.
fn enforce_number_init(ecx: &InterpCx<'mir, 'tcx, Self>) -> bool;
Expand Down Expand Up @@ -450,7 +450,7 @@ pub macro compile_time_machine(<$mir: lifetime, $tcx: lifetime>) {
}

#[inline(always)]
fn enforce_validity(_ecx: &InterpCx<$mir, $tcx, Self>) -> bool {
fn enforce_validity(_ecx: &mut InterpCx<$mir, $tcx, Self>) -> bool {
false // for now, we don't enforce validity
}

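Review bot: The doc comment on the trait method, `/// Whether to enforce the validity invariant`, no longer states the contract now that the receiver is `&mut InterpCx`: an implementation may update machine state on each call, and implementors need to know the hook is consulted repeatedly during evaluation, so it must stay cheap and must not leave the machine in a state that changes later answers. Suggest `/// Whether to enforce the validity invariant. Takes `&mut` so implementations can compute and cache a per-evaluation decision; this is queried repeatedly, so keep it cheap.` The `compile_time_machine!` default in the second hunk deserves the same one-line note that it disables validation unless the machine overrides it.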
6 changes: 6 additions & 0 deletions compiler/rustc_mir_transform/src/const_prop.rs
Expand Up @@ -184,6 +184,12 @@ impl ConstPropMachine<'_, '_> {

impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for ConstPropMachine<'mir, 'tcx> {
compile_time_machine!(<'mir, 'tcx>);

#[inline(always)]
fn enforce_validity(_ecx: &mut InterpCx<'mir, 'tcx, Self>) -> bool {
false
}

const PANIC_ON_ALLOC_FAIL: bool = true; // all allocations are small (see `MAX_ALLOC_LIMIT`)

type MemoryKind = !;
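Review bot: The added `enforce_validity` override returns `false`, which is exactly what the `compile_time_machine!` expansion already provides (the macro body visible in the interpret/machine.rs section still defines the method with the same signature), so this block changes no behaviour; the identical block in const_prop_lint.rs has the same issue. Unless the macro's definition was removed outside the visible hunks, an explicit method next to the macro-generated one in the same `impl` would be a duplicate definition, so either drop the macro default and keep these explicit overrides, or drop the overrides. If the explicit override stays, give it a comment explaining why const propagation opts out of validation where the real const evaluator opts in, since a reader otherwise cannot tell whether the `false` is deliberate.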
6 changes: 6 additions & 0 deletions compiler/rustc_mir_transform/src/const_prop_lint.rs
Expand Up @@ -176,6 +176,12 @@ impl ConstPropMachine<'_, '_> {

impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for ConstPropMachine<'mir, 'tcx> {
compile_time_machine!(<'mir, 'tcx>);

#[inline(always)]
fn enforce_validity(_ecx: &mut InterpCx<'mir, 'tcx, Self>) -> bool {
false
}

const PANIC_ON_ALLOC_FAIL: bool = true; // all allocations are small (see `MAX_ALLOC_LIMIT`)

type MemoryKind = !;
Expand Up @@ -22,49 +22,29 @@ error[E0308]: mismatched types
LL | get_flag::<42, 0x5ad>();
| ^^^^^ expected `char`, found `u8`

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:38:21
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:38:32
|
LL | get_flag::<false, { unsafe { char_raw.character } }>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 4, align: 4) {
__ __ __ __ │ ░░░░
}
| ^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:40:14
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:40:25
|
LL | get_flag::<{ unsafe { bool_raw.boolean } }, 'z'>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 1, align: 1) {
42 │ B
}
| ^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:42:14
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:42:25
|
LL | get_flag::<{ unsafe { bool_raw.boolean } }, { unsafe { char_raw.character } }>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 1, align: 1) {
42 │ B
}
| ^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:42:47
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:42:58
|
LL | get_flag::<{ unsafe { bool_raw.boolean } }, { unsafe { char_raw.character } }>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 4, align: 4) {
__ __ __ __ │ ░░░░
}
| ^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)

error: aborting due to 8 previous errors

Expand Up @@ -22,49 +22,29 @@ error[E0308]: mismatched types
LL | get_flag::<42, 0x5ad>();
| ^^^^^ expected `char`, found `u8`

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:38:21
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:38:32
|
LL | get_flag::<false, { unsafe { char_raw.character } }>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 4, align: 4) {
__ __ __ __ │ ░░░░
}
| ^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:40:14
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:40:25
|
LL | get_flag::<{ unsafe { bool_raw.boolean } }, 'z'>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 1, align: 1) {
42 │ B
}
| ^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:42:14
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:42:25
|
LL | get_flag::<{ unsafe { bool_raw.boolean } }, { unsafe { char_raw.character } }>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 1, align: 1) {
42 │ B
}
| ^^^^^^^^^^^^^^^^ type validation failed: encountered 0x42, but expected a boolean

error[E0080]: it is undefined behavior to use this value
--> $DIR/invalid-patterns.rs:42:47
error[E0080]: evaluation of constant value failed
--> $DIR/invalid-patterns.rs:42:58
|
LL | get_flag::<{ unsafe { bool_raw.boolean } }, { unsafe { char_raw.character } }>();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 4, align: 4) {
__ __ __ __ │ ░░░░
}
| ^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected a valid unicode scalar value (in `0..=0x10FFFF` but not in `0xD800..=0xDFFF`)

error: aborting due to 8 previous errors

Expand Up @@ -36,10 +36,10 @@ fn main() {


get_flag::<false, { unsafe { char_raw.character } }>();
//~^ ERROR it is undefined behavior
//~^ ERROR evaluation of constant value failed
get_flag::<{ unsafe { bool_raw.boolean } }, 'z'>();
//~^ ERROR it is undefined behavior
//~^ ERROR evaluation of constant value failed
get_flag::<{ unsafe { bool_raw.boolean } }, { unsafe { char_raw.character } }>();
//~^ ERROR it is undefined behavior
//~| ERROR it is undefined behavior
//~^ ERROR evaluation of constant value failed
//~| ERROR evaluation of constant value failed
}
11 changes: 3 additions & 8 deletions src/test/ui/consts/const-err4.32bit.stderr
@@ -1,13 +1,8 @@
error[E0080]: it is undefined behavior to use this value
--> $DIR/const-err4.rs:9:11
error[E0080]: evaluation of constant value failed
--> $DIR/const-err4.rs:9:21
|
LL | Boo = [unsafe { Foo { b: () }.a }; 4][3],
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected initialized bytes
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
= note: the raw bytes of the constant (size: 4, align: 4) {
__ __ __ __ │ ░░░░
}
| ^^^^^^^^^^^^^^^ type validation failed: encountered uninitialized bytes, but expected initialized bytes

error: aborting due to previous error
