impove integer check

Author: folkertdev

compiler/rustc_const_eval/src/interpret/intrinsics.rs

@@ -57,12 +57,19 @@ pub(crate) enum MinMax {
     MaximumNumberNsz,
 }
 
+/// Whether two types `T` and `U` are compatible when a value of type `T` is passed as a c-variadic
+/// argument and read as a value of type `U`.
 enum VarArgCompatible {
-    Identical,
+    /// `T` and `U` are compatible, e.g.
+    ///
+    /// - They're the same type.
+    /// - One is `usize`/`isize`, the other same-sized fixed-width integer on that target.
+    /// - They are compatible pointer types.
+    Compatible,
+    /// `T` and `U` are definitely not compatible.
     Incompatible,
-    CastSignedToUnsigned(IntTy),
-    CastUnsignedToSigned(UintTy),
-    ValidPtrCast,
+    /// `T` and `U` are corresponding signed and unsigned integer types.
+    CastIntTo { source_is_signed: bool },
 }
 
 /// Directly returns an `Allocation` containing an absolute path representation of the given type.
@@ -781,79 +788,44 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
         arg_mplace: &MPlaceTy<'tcx, M::Provenance>,
         callee_type: TyAndLayout<'tcx>,
     ) -> InterpResult<'tcx> {
+        let callee_ty = callee_type.ty;
+        let caller_ty = arg_mplace.layout.ty;
+
         // Identical types are clearly compatible.
-        if arg_mplace.layout.ty == callee_type.ty {
+        if caller_ty == callee_ty {
             return interp_ok(());
         }
 
         // Types of different sizes can never be compatible.
         if arg_mplace.layout.size != callee_type.size {
             throw_ub_format!(
                 "va_arg type mismatch: requested `{}` is incompatible with next argument of type `{}`",
-                callee_type.ty,
-                arg_mplace.layout.ty,
-            )
-        }
-
-        fn validate_cast<'tcx, T, U>(x: T, target_ty: Ty<'tcx>) -> InterpResult<'tcx>
-        where
-            T: std::fmt::Display + Copy,
-            U: std::fmt::Display + TryFrom<T>,
-        {
-            if U::try_from(x).is_ok() {
-                return interp_ok(());
-            }
-
-            throw_ub_format!(
-                "va_arg value mismatch: value `{x}` cannot be represented by type {target_ty}",
+                callee_ty,
+                caller_ty,
             )
         }
 
-        match self.validate_c_variadic_compatible_ty(arg_mplace.layout.ty, callee_type.ty) {
-            VarArgCompatible::Identical => interp_ok(()),
-            VarArgCompatible::ValidPtrCast => interp_ok(()),
+        match self.validate_c_variadic_compatible_ty(arg_mplace.layout.ty, callee_type.ty)? {
+            VarArgCompatible::Compatible => interp_ok(()),
             VarArgCompatible::Incompatible => throw_ub_format!(
                 "va_arg type mismatch: requested `{}` is incompatible with next argument of type `{}`",
-                callee_type.ty,
-                arg_mplace.layout.ty,
+                callee_ty,
+                caller_ty,
             ),
-            VarArgCompatible::CastSignedToUnsigned(int_ty) => {
+            VarArgCompatible::CastIntTo { source_is_signed } => {
                 // Check that the value can be represented in the target type.
-                let callee_ty = callee_type.ty;
+                let size = arg_mplace.layout.size;
                 let scalar = self.read_scalar(arg_mplace)?;
-                match int_ty {
-                    IntTy::Isize => match self.data_layout().pointer_size().bits() {
-                        16 => validate_cast::<i16, u16>(scalar.to_i16()?, callee_ty)?,
-                        32 => validate_cast::<i32, u32>(scalar.to_i32()?, callee_ty)?,
-                        64 => validate_cast::<i64, u64>(scalar.to_i64()?, callee_ty)?,
-                        _ => unreachable!("unexpected pointer size"),
-                    },
-                    IntTy::I8 => validate_cast::<i8, u8>(scalar.to_i8()?, callee_ty)?,
-                    IntTy::I16 => validate_cast::<i16, u16>(scalar.to_i16()?, callee_ty)?,
-                    IntTy::I32 => validate_cast::<i32, u32>(scalar.to_i32()?, callee_ty)?,
-                    IntTy::I64 => validate_cast::<i64, u64>(scalar.to_i64()?, callee_ty)?,
-                    IntTy::I128 => validate_cast::<i128, u128>(scalar.to_i128()?, callee_ty)?,
-                };
-
-                interp_ok(())
-            }
-            VarArgCompatible::CastUnsignedToSigned(uint_ty) => {
-                // Check that the value can be represented in the target type.
-                let callee_ty = callee_type.ty;
-                let scalar = self.read_scalar(arg_mplace)?;
-                match uint_ty {
-                    UintTy::Usize => match self.data_layout().pointer_size().bits() {
-                        16 => validate_cast::<u16, i16>(scalar.to_u16()?, callee_ty)?,
-                        32 => validate_cast::<u32, i32>(scalar.to_u32()?, callee_ty)?,
-                        64 => validate_cast::<u64, i64>(scalar.to_u64()?, callee_ty)?,
-                        _ => unreachable!("unexpected pointer size"),
-                    },
-                    UintTy::U8 => validate_cast::<u8, i8>(scalar.to_u8()?, callee_ty)?,
-                    UintTy::U16 => validate_cast::<u16, i16>(scalar.to_u16()?, callee_ty)?,
-                    UintTy::U32 => validate_cast::<u32, i32>(scalar.to_u32()?, callee_ty)?,
-                    UintTy::U64 => validate_cast::<u64, i64>(scalar.to_u64()?, callee_ty)?,
-                    UintTy::U128 => validate_cast::<u128, i128>(scalar.to_u128()?, callee_ty)?,
-                };
+                if scalar.to_int(size)? < 0 {
+                    throw_ub_format!(
+                        "va_arg value mismatch: value `{value}_{caller_ty}` cannot be represented by type {callee_ty}",
+                        value = if source_is_signed {
+                            scalar.to_int(size)?.to_string()
+                        } else {
+                            scalar.to_uint(size)?.to_string()
+                        }
+                    )
+                }
 
                 interp_ok(())
             }
@@ -869,47 +841,59 @@ impl<'tcx, M: Machine<'tcx>> InterpCx<'tcx, M> {
     /// - `T` is a signed integer and `U` the corresponding unsigned integer,
     /// - `T` is an unsigned integer and `U` the corresponding signed integer,
     /// - `T` and `U` are both pointers, and their target types are compatible.
-    /// - `T` is a pointer to `c_void` and `U` is a pointer to `i8` or `u8`.
+    /// - `T` is a pointer to `c_void` and `U` is a pointer to `i8` or `u8` (i.e., any "character type").
     /// - `T` is a pointer to `i8` or `u8` and `U` is a pointer to `c_void`.
     fn validate_c_variadic_compatible_ty(
         &mut self,
         caller_type: Ty<'tcx>,
         callee_type: Ty<'tcx>,
-    ) -> VarArgCompatible {
+    ) -> InterpResult<'tcx, VarArgCompatible> {
         if caller_type == callee_type {
-            return VarArgCompatible::Identical;
+            return interp_ok(VarArgCompatible::Compatible);
+        }
+
+        if self.layout_of(caller_type)?.size != self.layout_of(callee_type)?.size {
+            return interp_ok(VarArgCompatible::Incompatible);
         }
 
-        // The signedness of c_char is irrelevant here.
+        // Any character type (`char`, `unsigned char` and `signed char`) is compatible with
+        // `void*`, so the signedness of `c_char` is irrelevant here.
         let is_c_char = |ty: Ty<'_>| matches!(ty.kind(), ty::Uint(UintTy::U8) | ty::Int(IntTy::I8));
 
         match (caller_type.kind(), callee_type.kind()) {
             (ty::RawPtr(caller_target_ty, _), ty::RawPtr(callee_target_ty, _)) => {
-                // Accept the cast if one type is pointer to qualified or unqualified void,
-                // and the other is a pointer to a qualified or unqualified character type.
+                // In C types can be qualified by a combination of `const`, `volatile` and
+                // `restrict`. These properties are irrelevant for the ABI, and don't have an
+                // equivalent in rust.
+
+                // Accept the cast if one type is pointer to void, and the other is a pointer to
+                // a character type (`char`, `unsigned char` and `signed char`).
                 if caller_target_ty.is_c_void(self.tcx.tcx) && is_c_char(*callee_target_ty) {
-                    return VarArgCompatible::ValidPtrCast;
+                    return interp_ok(VarArgCompatible::Compatible);
                 }
                 if callee_target_ty.is_c_void(self.tcx.tcx) && is_c_char(*caller_target_ty) {
-                    return VarArgCompatible::ValidPtrCast;
+                    return interp_ok(VarArgCompatible::Compatible);
                 }
 
-                // Accept the cast if both types are pointers to qualified or unqualified versions
-                // of compatible types.
-                match self.validate_c_variadic_compatible_ty(*caller_target_ty, *callee_target_ty) {
-                    VarArgCompatible::Incompatible => VarArgCompatible::Incompatible,
-                    _ => VarArgCompatible::ValidPtrCast,
+                // Accept the cast if both types are pointers to compatible types.
+                match self
+                    .validate_c_variadic_compatible_ty(*caller_target_ty, *callee_target_ty)?
+                {
+                    VarArgCompatible::Incompatible => interp_ok(VarArgCompatible::Incompatible),
+                    _ => interp_ok(VarArgCompatible::Compatible),
                 }
             }
-            (ty::Int(int_ty), ty::Uint(uint_ty)) => {
-                assert_eq!(int_ty.bit_width(), uint_ty.bit_width());
-                VarArgCompatible::CastSignedToUnsigned(*int_ty)
+            (ty::Int(_), ty::Uint(_)) => {
+                interp_ok(VarArgCompatible::CastIntTo { source_is_signed: true })
+            }
+            (ty::Uint(_), ty::Int(_)) => {
+                interp_ok(VarArgCompatible::CastIntTo { source_is_signed: false })
             }
-            (ty::Uint(uint_ty), ty::Int(int_ty)) => {
-                assert_eq!(uint_ty.bit_width(), int_ty.bit_width());
-                VarArgCompatible::CastUnsignedToSigned(*uint_ty)
+            (ty::Int(_), ty::Int(_)) | (ty::Uint(_), ty::Uint(_)) => {
+                // E.g. cast between `usize` and `u64` on a 64-bit platform.
+                interp_ok(VarArgCompatible::Compatible)
             }
-            _ => VarArgCompatible::Incompatible,
+            _ => interp_ok(VarArgCompatible::Incompatible),
         }
     }
 

library/core/src/ffi/va_list.rs

@@ -406,7 +406,7 @@ impl<'f> VaList<'f> {
     /// - `T` is a pointer to [`i8]` or [`u8`] and `U` is a pointer to [`c_void`].
     ///
     /// When `T` and `U` are both integer types, the value that the caller passes must be
-    /// representable by `U`.
+    /// representable by `T` and `U`.
     ///
     /// [`c_void`]: core::ffi::c_void
     #[inline] // Avoid codegen when not used to help backends that don't support VaList.

tests/ui/consts/const-eval/c-variadic-fail.rs

@@ -51,10 +51,36 @@ unsafe fn read_cast_numeric() {
     const { read_as::<u32>(1i32) };
     const { read_as::<i32>(1u32) };
 
+    type ConcreteUsize = cfg_select! {
+        target_pointer_width = "16" => u16,
+        target_pointer_width = "32" => u32,
+        target_pointer_width = "64" => u64,
+    };
+
+    type ConcreteIsize = cfg_select! {
+        target_pointer_width = "16" => i16,
+        target_pointer_width = "32" => i32,
+        target_pointer_width = "64" => i64,
+    };
+
+    const { read_as::<ConcreteUsize>(1usize) };
+    const { read_as::<usize>(1 as ConcreteUsize) };
+
+    const { read_as::<ConcreteIsize>(-1isize) };
+    const { read_as::<isize>(-1 as ConcreteIsize) };
+
     const { read_as::<u32>(-1i32) };
-    //~^ ERROR va_arg value mismatch: value `-1` cannot be represented by type u32
+    //~^ ERROR va_arg value mismatch: value `-1_i32` cannot be represented by type u32
+    const { read_as::<u32>(i32::MIN) };
+    //~^ ERROR va_arg value mismatch: value `-2147483648_i32` cannot be represented by type u32
     const { read_as::<i32>(u32::MAX) };
-    //~^ ERROR va_arg value mismatch: value `4294967295` cannot be represented by type i32
+    //~^ ERROR va_arg value mismatch: value `4294967295_u32` cannot be represented by type i32
+    const { read_as::<i32>(i32::MAX as u32 + 1) };
+    //~^ ERROR va_arg value mismatch: value `2147483648_u32` cannot be represented by type i32
+    const { read_as::<i64>(u64::MAX) };
+    //~^ ERROR va_arg value mismatch: value `18446744073709551615_u64` cannot be represented by type i64
+    const { read_as::<i64>(i64::MAX as u64 + 1) };
+    //~^ ERROR va_arg value mismatch: value `9223372036854775808_u64` cannot be represented by type i64
 
     const { read_as::<i32>(1u64) };
     //~^ ERROR va_arg type mismatch: requested `i32` is incompatible with next argument of type `u64`
@@ -86,6 +112,8 @@ unsafe fn read_cast_pointer() {
     //~^ ERROR va_arg type mismatch: requested `*const u16` is incompatible with next argument of type `*const c_void`
     const { read_as::<*const c_void>(std::ptr::dangling::<u16>()) };
     //~^ ERROR va_arg type mismatch: requested `*const c_void` is incompatible with next argument of type `*const u16`
+    const { read_as::<*const u16>(std::ptr::dangling::<i32>()) };
+    //~^ ERROR va_arg type mismatch: requested `*const u16` is incompatible with next argument of type `*const i32`
 
     const { read_as::<*const u8>(1usize) };
     //~^ ERROR requested `*const u8` is incompatible with next argument of type `usize`