Skip to content

NormalizeArrayLen MIR opt unsound due to missed writes #105929

New issue
New issue
Closed
#107172
Closed
NormalizeArrayLen MIR opt unsound due to missed writes#105929
#107172
Labels
A-mir-optArea: MIR optimizationsC-bugCategory: This is a bug.T-compilerRelevant to the compiler team, which will review and decide on the PR/issue.requires-nightlyThis issue requires a nightly compiler in some way.
@JakobDegen

Description

@JakobDegen
JakobDegen
opened on Dec 20, 2022

The opt, as written today, will miscompile something that looks like this:

slice_ptr = Cast(array_ptr);
r = &mut slice_ptr;
*r = something_else;
Len(slice_ptr)

The bug is roughly on this line:

rust/compiler/rustc_mir_transform/src/normalize_array_len.rs

Line 270 in 696563e

state.remove(&place.local);

This makes an attempt to detect other writes to the slice_ptr local, but it misses a lot of cases. Taking a reference like in the example above is an easy one, but SetDiscriminant is also missed, as well as writes to any aliasing pointers.

As far as I can tell this needs Rvalue::Cast support in custom MIR to reproduce.

@rustbot label A-mir-opt T-compiler requires-nightly

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-mir-optArea: MIR optimizationsC-bugCategory: This is a bug.T-compilerRelevant to the compiler team, which will review and decide on the PR/issue.requires-nightlyThis issue requires a nightly compiler in some way.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions