Skip to content

NormalizeArrayLen MIR opt unsound due to missed writes #105929

New issue
New issue
Closed
#107172
Closed
NormalizeArrayLen MIR opt unsound due to missed writes#105929
#107172
Labels
A-mir-optArea: MIR optimizationsC-bugCategory: This is a bug.T-compilerRelevant to the compiler team, which will review and decide on the PR/issue.requires-nightlyThis issue requires a nightly compiler in some way.
@JakobDegen

Description

@JakobDegen
JakobDegen
opened on Dec 20, 2022
Contributor

The opt, as written today, will miscompile something that looks like this:

slice_ptr = Cast(array_ptr);
r = &mut slice_ptr;
*r = something_else;
Len(slice_ptr)

The bug is roughly on this line:

rust/compiler/rustc_mir_transform/src/normalize_array_len.rs

Line 270 in 696563e

state.remove(&place.local);

This makes an attempt to detect other writes to the slice_ptr local, but it misses a lot of cases. Taking a reference like in the example above is an easy one, but SetDiscriminant is also missed, as well as writes to any aliasing pointers.

As far as I can tell this needs Rvalue::Cast support in custom MIR to reproduce.

@rustbot label A-mir-opt T-compiler requires-nightly

Activity

JakobDegen
added
C-bugCategory: This is a bug.
on Dec 20, 2022
rustbot
added
A-mir-optArea: MIR optimizations
requires-nightlyThis issue requires a nightly compiler in some way.
T-compilerRelevant to the compiler team, which will review and decide on the PR/issue.
on Dec 20, 2022
JakobDegen
mentioned this on Dec 20, 2022
shamatar

shamatar commented on Dec 20, 2022

@shamatar
shamatar
on Dec 20, 2022
Contributor

This optimization is more a workaround of unwillingness to add "len()" function to arrays, so method resolution would not need to use coercion to slice, but I'll check what can be done to fix it

matthiaskrgr
added a commit that references this issue on Dec 20, 2022

Rollup merge of rust-lang#105930 - JakobDegen:nal-unsound, r=oli-obk

c3af456
cjgillot
mentioned this on Jan 21, 2023
matthiaskrgr
added a commit that references this issue on Jan 30, 2023

Rollup merge of rust-lang#107172 - cjgillot:no-nal, r=nagisa

db97749
bors
closed this as completedin db97749on Jan 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-mir-optArea: MIR optimizationsC-bugCategory: This is a bug.T-compilerRelevant to the compiler team, which will review and decide on the PR/issue.requires-nightlyThis issue requires a nightly compiler in some way.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      Participants

      @shamatar@rustbot@JakobDegen

      Issue actions
        `NormalizeArrayLen` MIR opt unsound due to missed writes · Issue #105929 · rust-lang/rust