Auto merge of rust-lang#104862 - saethlin:mir-niche-checks, r=<try>

Check for occupied niches

Implementation of rust-lang/compiler-team#624

Crater run has 62 crates that hit the check, 43 of those are published to crates.io. I see a lot of null function pointers and use of `mem::uninitialized` where the 0x1-filling collides with an enum niche.

But that is with full niche checks; checking transmute, plus any place where that we Copy, Move, or Inspect. Such checking is definitely too thorough to be on by default because it is 2x compile time overhead.

---

During implementation, this ran into llvm/llvm-project#68381

r? `@ghost`

Author: bors

compiler/rustc_codegen_cranelift/src/base.rs

@@ -368,6 +368,19 @@ fn codegen_fn_body(fx: &mut FunctionCx<'_, '_, '_>, start_block: Block) {
                             source_info.span,
                         );
                     }
+                    AssertKind::OccupiedNiche { ref found, ref start, ref end } => {
+                        let found = codegen_operand(fx, found).load_scalar(fx);
+                        let start = codegen_operand(fx, start).load_scalar(fx);
+                        let end = codegen_operand(fx, end).load_scalar(fx);
+                        let location = fx.get_caller_location(source_info).load_scalar(fx);
+
+                        codegen_panic_inner(
+                            fx,
+                            rustc_hir::LangItem::PanicOccupiedNiche,
+                            &[found, start, end, location],
+                            source_info.span,
+                        )
+                    }
                     _ => {
                         let msg_str = msg.description();
                         codegen_panic(fx, msg_str, source_info);

compiler/rustc_codegen_ssa/src/common.rs

@@ -2,7 +2,7 @@
 
 use rustc_hir::LangItem;
 use rustc_middle::mir;
-use rustc_middle::ty::{self, layout::TyAndLayout, Ty, TyCtxt};
+use rustc_middle::ty::{self, layout::TyAndLayout, GenericArg, Ty, TyCtxt};
 use rustc_span::Span;
 
 use crate::base;
@@ -120,10 +120,15 @@ pub fn build_langcall<'a, 'tcx, Bx: BuilderMethods<'a, 'tcx>>(
     bx: &Bx,
     span: Option<Span>,
     li: LangItem,
+    generic: Option<GenericArg<'tcx>>,
 ) -> (Bx::FnAbiOfResult, Bx::Value) {
     let tcx = bx.tcx();
     let def_id = tcx.require_lang_item(li, span);
-    let instance = ty::Instance::mono(tcx, def_id);
+    let instance = if let Some(arg) = generic {
+        ty::Instance::new(def_id, tcx.mk_args(&[arg]))
+    } else {
+        ty::Instance::mono(tcx, def_id)
+    };
     (bx.fn_abi_of_instance(instance, ty::List::empty()), bx.get_fn_addr(instance))
 }
 

compiler/rustc_codegen_ssa/src/mir/block.rs

@@ -609,30 +609,40 @@ impl<'a, 'tcx, Bx: BuilderMethods<'a, 'tcx>> FunctionCx<'a, 'tcx, Bx> {
         let location = self.get_caller_location(bx, terminator.source_info).immediate();
 
         // Put together the arguments to the panic entry point.
-        let (lang_item, args) = match msg {
+        let (lang_item, args, generic) = match msg {
             AssertKind::BoundsCheck { ref len, ref index } => {
                 let len = self.codegen_operand(bx, len).immediate();
                 let index = self.codegen_operand(bx, index).immediate();
                 // It's `fn panic_bounds_check(index: usize, len: usize)`,
                 // and `#[track_caller]` adds an implicit third argument.
-                (LangItem::PanicBoundsCheck, vec![index, len, location])
+                (LangItem::PanicBoundsCheck, vec![index, len, location], None)
             }
             AssertKind::MisalignedPointerDereference { ref required, ref found } => {
                 let required = self.codegen_operand(bx, required).immediate();
                 let found = self.codegen_operand(bx, found).immediate();
                 // It's `fn panic_misaligned_pointer_dereference(required: usize, found: usize)`,
                 // and `#[track_caller]` adds an implicit third argument.
-                (LangItem::PanicMisalignedPointerDereference, vec![required, found, location])
+                (LangItem::PanicMisalignedPointerDereference, vec![required, found, location], None)
+            }
+            AssertKind::OccupiedNiche { ref found, ref start, ref end } => {
+                let found = self.codegen_operand(bx, found);
+                let generic_arg = ty::GenericArg::from(found.layout.ty);
+                let found = found.immediate();
+                let start = self.codegen_operand(bx, start).immediate();
+                let end = self.codegen_operand(bx, end).immediate();
+                // It's `fn panic_occupied_niche<T>(found: T, start: T, end: T)`,
+                // and `#[track_caller]` adds an implicit fourth argument.
+                (LangItem::PanicOccupiedNiche, vec![found, start, end, location], Some(generic_arg))
             }
             _ => {
                 let msg = bx.const_str(msg.description());
                 // It's `pub fn panic(expr: &str)`, with the wide reference being passed
                 // as two arguments, and `#[track_caller]` adds an implicit third argument.
-                (LangItem::Panic, vec![msg.0, msg.1, location])
+                (LangItem::Panic, vec![msg.0, msg.1, location], None)
             }
         };
 
-        let (fn_abi, llfn) = common::build_langcall(bx, Some(span), lang_item);
+        let (fn_abi, llfn) = common::build_langcall(bx, Some(span), lang_item, generic);
 
         // Codegen the actual panic invoke/call.
         let merging_succ = helper.do_call(self, bx, fn_abi, llfn, &args, None, unwind, &[], false);
@@ -651,7 +661,7 @@ impl<'a, 'tcx, Bx: BuilderMethods<'a, 'tcx>> FunctionCx<'a, 'tcx, Bx> {
         self.set_debug_loc(bx, terminator.source_info);
 
         // Obtain the panic entry point.
-        let (fn_abi, llfn) = common::build_langcall(bx, Some(span), reason.lang_item());
+        let (fn_abi, llfn) = common::build_langcall(bx, Some(span), reason.lang_item(), None);
 
         // Codegen the actual panic invoke/call.
         let merging_succ = helper.do_call(
@@ -712,8 +722,12 @@ impl<'a, 'tcx, Bx: BuilderMethods<'a, 'tcx>> FunctionCx<'a, 'tcx, Bx> {
                 let msg = bx.const_str(&msg_str);
 
                 // Obtain the panic entry point.
-                let (fn_abi, llfn) =
-                    common::build_langcall(bx, Some(source_info.span), LangItem::PanicNounwind);
+                let (fn_abi, llfn) = common::build_langcall(
+                    bx,
+                    Some(source_info.span),
+                    LangItem::PanicNounwind,
+                    None,
+                );
 
                 // Codegen the actual panic invoke/call.
                 helper.do_call(
@@ -1622,7 +1636,7 @@ impl<'a, 'tcx, Bx: BuilderMethods<'a, 'tcx>> FunctionCx<'a, 'tcx, Bx> {
 
         self.set_debug_loc(&mut bx, mir::SourceInfo::outermost(self.mir.span));
 
-        let (fn_abi, fn_ptr) = common::build_langcall(&bx, None, reason.lang_item());
+        let (fn_abi, fn_ptr) = common::build_langcall(&bx, None, reason.lang_item(), None);
         let fn_ty = bx.fn_decl_backend_type(&fn_abi);
 
         let llret = bx.call(fn_ty, None, Some(&fn_abi), fn_ptr, &[], funclet.as_ref());

compiler/rustc_const_eval/src/const_eval/machine.rs

@@ -542,6 +542,11 @@ impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for CompileTimeInterpreter<'mir,
                     found: eval_to_int(found)?,
                 }
             }
+            OccupiedNiche { ref found, ref start, ref end } => OccupiedNiche {
+                found: eval_to_int(found)?,
+                start: eval_to_int(start)?,
+                end: eval_to_int(end)?,
+            },
         };
         Err(ConstEvalErrKind::AssertFailure(err).into())
     }

compiler/rustc_const_eval/src/interpret/cast.rs

@@ -6,6 +6,7 @@ use rustc_middle::mir::interpret::{InterpResult, PointerArithmetic, Scalar};
 use rustc_middle::mir::CastKind;
 use rustc_middle::ty::adjustment::PointerCoercion;
 use rustc_middle::ty::layout::{IntegerExt, LayoutOf, TyAndLayout};
+use rustc_middle::ty::print::with_no_trimmed_paths;
 use rustc_middle::ty::{self, FloatTy, Ty, TypeAndMut};
 use rustc_target::abi::Integer;
 use rustc_type_ir::TyKind::*;
@@ -147,8 +148,8 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
                 if src.layout.size != dest.layout.size {
                     let src_bytes = src.layout.size.bytes();
                     let dest_bytes = dest.layout.size.bytes();
-                    let src_ty = format!("{}", src.layout.ty);
-                    let dest_ty = format!("{}", dest.layout.ty);
+                    let src_ty = with_no_trimmed_paths!(format!("{}", src.layout.ty));
+                    let dest_ty = with_no_trimmed_paths!(format!("{}", dest.layout.ty));
                     throw_ub_custom!(
                         fluent::const_eval_invalid_transmute,
                         src_bytes = src_bytes,

compiler/rustc_hir/src/lang_items.rs

@@ -234,6 +234,7 @@ language_item_table! {
     ConstPanicFmt,           sym::const_panic_fmt,     const_panic_fmt,            Target::Fn,             GenericRequirement::None;
     PanicBoundsCheck,        sym::panic_bounds_check,  panic_bounds_check_fn,      Target::Fn,             GenericRequirement::Exact(0);
     PanicMisalignedPointerDereference,        sym::panic_misaligned_pointer_dereference,  panic_misaligned_pointer_dereference_fn,      Target::Fn,             GenericRequirement::Exact(0);
+    PanicOccupiedNiche,      sym::panic_occupied_niche, panic_occupied_niche_fn,   Target::Fn,             GenericRequirement::Exact(1);
     PanicInfo,               sym::panic_info,          panic_info,                 Target::Struct,         GenericRequirement::None;
     PanicLocation,           sym::panic_location,      panic_location,             Target::Struct,         GenericRequirement::None;
     PanicImpl,               sym::panic_impl,          panic_impl,                 Target::Fn,             GenericRequirement::None;

compiler/rustc_middle/messages.ftl

@@ -15,6 +15,9 @@ middle_assert_divide_by_zero =
 middle_assert_misaligned_ptr_deref =
     misaligned pointer dereference: address must be a multiple of {$required} but is {$found}
 
+middle_assert_occupied_niche =
+    occupied niche: {$found} must be in {$start}..={$end}
+
 middle_assert_op_overflow =
     attempt to compute `{$left} {$op} {$right}`, which would overflow
 

compiler/rustc_middle/src/mir/syntax.rs

@@ -886,6 +886,7 @@ pub enum AssertKind<O> {
     ResumedAfterReturn(CoroutineKind),
     ResumedAfterPanic(CoroutineKind),
     MisalignedPointerDereference { required: O, found: O },
+    OccupiedNiche { found: O, start: O, end: O },
 }
 
 #[derive(Clone, Debug, PartialEq, TyEncodable, TyDecodable, Hash, HashStable)]

compiler/rustc_middle/src/mir/terminator.rs

@@ -150,7 +150,7 @@ impl<O> AssertKind<O> {
             ResumedAfterReturn(CoroutineKind::Async(_)) => "`async fn` resumed after completion",
             ResumedAfterPanic(CoroutineKind::Coroutine) => "coroutine resumed after panicking",
             ResumedAfterPanic(CoroutineKind::Async(_)) => "`async fn` resumed after panicking",
-            BoundsCheck { .. } | MisalignedPointerDereference { .. } => {
+            BoundsCheck { .. } | MisalignedPointerDereference { .. } | OccupiedNiche { .. } => {
                 bug!("Unexpected AssertKind")
             }
         }
@@ -213,6 +213,13 @@ impl<O> AssertKind<O> {
                     "\"misaligned pointer dereference: address must be a multiple of {{}} but is {{}}\", {required:?}, {found:?}"
                 )
             }
+            OccupiedNiche { found, start, end } => {
+                write!(
+                    f,
+                    "\"occupied niche: {{}} must be in {{}}..={{}}\", {:?}, {:?}, {:?}",
+                    found, start, end
+                )
+            }
             _ => write!(f, "\"{}\"", self.description()),
         }
     }
@@ -243,8 +250,8 @@ impl<O> AssertKind<O> {
             ResumedAfterPanic(CoroutineKind::Coroutine) => {
                 middle_assert_coroutine_resume_after_panic
             }
-
             MisalignedPointerDereference { .. } => middle_assert_misaligned_ptr_deref,
+            OccupiedNiche { .. } => middle_assert_occupied_niche,
         }
     }
 
@@ -281,6 +288,11 @@ impl<O> AssertKind<O> {
                 add!("required", format!("{required:#?}"));
                 add!("found", format!("{found:#?}"));
             }
+            OccupiedNiche { found, start, end } => {
+                add!("found", format!("{found:?}"));
+                add!("start", format!("{start:?}"));
+                add!("end", format!("{end:?}"));
+            }
         }
     }
 }

compiler/rustc_middle/src/mir/visit.rs

@@ -625,6 +625,11 @@ macro_rules! make_mir_visitor {
                         self.visit_operand(required, location);
                         self.visit_operand(found, location);
                     }
+                    OccupiedNiche { found, start, end } => {
+                        self.visit_operand(found, location);
+                        self.visit_operand(start, location);
+                        self.visit_operand(end, location);
+                    }
                 }
             }