validate basic sanity for TerminatorKind #72810
|
@@ -3,10 +3,13 @@ | |
use super::{MirPass, MirSource}; | ||
use rustc_middle::mir::visit::Visitor; | ||
use rustc_middle::{ | ||
mir::{Body, Location, Operand, Rvalue, Statement, StatementKind}, | ||
ty::{ParamEnv, TyCtxt}, | ||
mir::{ | ||
BasicBlock, Body, Location, Operand, Rvalue, Statement, StatementKind, Terminator, | ||
TerminatorKind, | ||
}, | ||
ty::{self, ParamEnv, TyCtxt}, | ||
}; | ||
use rustc_span::{def_id::DefId, Span, DUMMY_SP}; | ||
use rustc_span::def_id::DefId; | ||
|
||
pub struct Validator { | ||
/// Describes at which point in the pipeline this validation is happening. | ||
|
@@ -30,27 +33,38 @@ struct TypeChecker<'a, 'tcx> { | |
} | ||
|
||
impl<'a, 'tcx> TypeChecker<'a, 'tcx> { | ||
fn fail(&self, span: Span, msg: impl AsRef<str>) { | ||
fn fail(&self, location: Location, msg: impl AsRef<str>) { | ||
let span = self.body.source_info(location).span; | ||
// We use `delay_span_bug` as we might see broken MIR when other errors have already | ||
// occurred. | ||
self.tcx.sess.diagnostic().delay_span_bug( | ||
span, | ||
&format!("broken MIR in {:?} ({}): {}", self.def_id, self.when, msg.as_ref()), | ||
&format!( | ||
"broken MIR in {:?} ({}) at {:?}:\n{}", | ||
self.def_id, | ||
self.when, | ||
location, | ||
msg.as_ref() | ||
), | ||
); | ||
} | ||
|
||
fn check_bb(&self, location: Location, bb: BasicBlock) { | ||
if self.body.basic_blocks().get(bb).is_none() { | ||
self.fail(location, format!("encountered jump to invalid basic block {:?}", bb)) | ||
} | ||
} | ||
} | ||
|
||
impl<'a, 'tcx> Visitor<'tcx> for TypeChecker<'a, 'tcx> { | ||
fn visit_operand(&mut self, operand: &Operand<'tcx>, location: Location) { | ||
// `Operand::Copy` is only supposed to be used with `Copy` types. | ||
if let Operand::Copy(place) = operand { | ||
let ty = place.ty(&self.body.local_decls, self.tcx).ty; | ||
let span = self.body.source_info(location).span; | ||
|
||
if !ty.is_copy_modulo_regions(self.tcx, self.param_env, DUMMY_SP) { | ||
self.fail( | ||
DUMMY_SP, | ||
format!("`Operand::Copy` with non-`Copy` type {} at {:?}", ty, location), | ||
); | ||
if !ty.is_copy_modulo_regions(self.tcx, self.param_env, span) { | ||
self.fail(location, format!("`Operand::Copy` with non-`Copy` type {}", ty)); | ||
} | ||
} | ||
|
||
|
@@ -65,16 +79,107 @@ impl<'a, 'tcx> Visitor<'tcx> for TypeChecker<'a, 'tcx> { | |
Rvalue::Use(Operand::Copy(src) | Operand::Move(src)) => { | ||
if dest == src { | ||
self.fail( | ||
DUMMY_SP, | ||
format!( | ||
"encountered `Assign` statement with overlapping memory at {:?}", | ||
location | ||
), | ||
location, | ||
"encountered `Assign` statement with overlapping memory", | ||
); | ||
} | ||
} | ||
_ => {} | ||
} | ||
} | ||
} | ||
|
||
fn visit_terminator(&mut self, terminator: &Terminator<'tcx>, location: Location) { | ||
match &terminator.kind { | ||
TerminatorKind::Goto { target } => { | ||
self.check_bb(location, *target); | ||
} | ||
TerminatorKind::SwitchInt { targets, values, .. } => { | ||
if targets.len() != values.len() + 1 { | ||
self.fail( | ||
location, | ||
format!( | ||
"encountered `SwitchInt` terminator with {} values, but {} targets (should be values+1)", | ||
values.len(), | ||
targets.len(), | ||
), | ||
); | ||
} | ||
for target in targets { | ||
self.check_bb(location, *target); | ||
} | ||
} | ||
TerminatorKind::Drop { target, unwind, .. } => { | ||
self.check_bb(location, *target); | ||
if let Some(unwind) = unwind { | ||
self.check_bb(location, *unwind); | ||
} | ||
} | ||
TerminatorKind::DropAndReplace { target, unwind, .. } => { | ||
self.check_bb(location, *target); | ||
if let Some(unwind) = unwind { | ||
self.check_bb(location, *unwind); | ||
} | ||
} | ||
TerminatorKind::Call { func, destination, cleanup, .. } => { | ||
let func_ty = func.ty(&self.body.local_decls, self.tcx); | ||
match func_ty.kind { | ||
ty::FnPtr(..) | ty::FnDef(..) => {} | ||
_ => self.fail( | ||
location, | ||
format!("encountered non-callable type {} in `Call` terminator", func_ty), | ||
), | ||
} | ||
if let Some((_, target)) = destination { | ||
self.check_bb(location, *target); | ||
} | ||
if let Some(cleanup) = cleanup { | ||
self.check_bb(location, *cleanup); | ||
} | ||
} | ||
TerminatorKind::Assert { cond, target, cleanup, .. } => { | ||
let cond_ty = cond.ty(&self.body.local_decls, self.tcx); | ||
if cond_ty != self.tcx.types.bool { | ||
self.fail( | ||
location, | ||
format!( | ||
"encountered non-boolean condition of type {} in `Assert` terminator", | ||
cond_ty | ||
), | ||
); | ||
} | ||
self.check_bb(location, *target); | ||
if let Some(cleanup) = cleanup { | ||
self.check_bb(location, *cleanup); | ||
} | ||
} | ||
TerminatorKind::Yield { resume, drop, .. } => { | ||
self.check_bb(location, *resume); | ||
if let Some(drop) = drop { | ||
self.check_bb(location, *drop); | ||
} | ||
} | ||
TerminatorKind::FalseEdges { real_target, imaginary_target } => { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Btw, does anyone know why this is named in plural? Shouldn't it be There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think that it may have been accurate in the past. Feel free to change it. |
||
self.check_bb(location, *real_target); | ||
self.check_bb(location, *imaginary_target); | ||
} | ||
TerminatorKind::FalseUnwind { real_target, unwind } => { | ||
self.check_bb(location, *real_target); | ||
if let Some(unwind) = unwind { | ||
self.check_bb(location, *unwind); | ||
} | ||
} | ||
TerminatorKind::InlineAsm { destination, .. } => { | ||
if let Some(destination) = destination { | ||
self.check_bb(location, *destination); | ||
} | ||
} | ||
// Nothing to validate for these. | ||
TerminatorKind::Resume | ||
| TerminatorKind::Abort | ||
| TerminatorKind::Return | ||
| TerminatorKind::Unreachable | ||
| TerminatorKind::GeneratorDrop => {} | ||
} | ||
} | ||
} |
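Review bot: `visit_terminator` overrides the visitor hook without calling `self.super_terminator(terminator, location)`, so, assuming the trait's default method is what drives that traversal, operands inside terminators (the `func` and arguments of `Call`, the `cond` of `Assert`) no longer reach `visit_operand` and its `Operand::Copy` check. Adding `self.super_terminator(terminator, location);` after the `match` would keep the validator's existing coverage while the new per-kind checks run. Separately, `check_bb` only proves that the target index exists; the `unwind` and `cleanup` edges could also be compared against the target block's `is_cleanup` flag, so that a wrongly wired unwind edge is reported by the validator rather than surfacing later in codegen.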
`Call` (and perhaps others?) could also validate that the destination doesn't overlap with any of the arguments. This would have caught a miscompilation in #72632.
`DropAndReplace` (and `Yield`?) can do the same check. Not sure about inline assembly, but it seems like that's a candidate for such a check as well.
Hm, now I wonder if Miri would have caught that (for `Call`). Unfortunately we can't test Miri on MIR that rustc does not generate.
It probably would have, but I haven't yet figured out how to use a locally built miri with external code (like with `cargo-miri`).
I usually do `./miri install` and then use `cargo miri`.
`./src/tools/miri/miri install` fails with "can't find crate for `rustc_apfloat`" for me, and running the miri tests ICEs the compiler.
Ah I've only ever used the script in a standalone clone... yeah it probably doesn't work in the rustc folder layout.
How do you run them? `./x.py test --stage 0 src/tools/miri` should work -- except when the Miri toolstate is broken for the commit you're basing your work on.
Yeah that's what I tried to run, but it enters unreachable code while decoding or encoding something. Not really sure what's happening, but I'll do more digging.
That sounds like an incremental problem or `--keep-stage` gone wrong... strange.