Auto merge of #66927 - RalfJung:engines-dont-panic, r=oli-obk

bors · bors · commit 5c5c8eb864e5 · 2019-12-07T14:46:30.000Z
Miri core engine: use throw_ub instead of throw_panic See #66902 for context: panicking is not really an "interpreter error", but just part of a normal Rust execution. This is a first step towards removing the `InterpError::Panic` variant: the core Miri engine does not use it any more. ConstProp and ConstEval still use it, though. This will be addressed in future PRs. From what I can tell, all the error messages this removes are actually duplicates. r? @oli-obk @wesleywiser
diff --git a/src/librustc/mir/interpret/error.rs b/src/librustc/mir/interpret/error.rs
@@ -370,6 +370,14 @@ pub enum UndefinedBehaviorInfo {
     Unreachable,
     /// An enum discriminant was set to a value which was outside the range of valid values.
     InvalidDiscriminant(ScalarMaybeUndef),
+    /// A slice/array index projection went out-of-bounds.
+    BoundsCheckFailed { len: u64, index: u64 },
+    /// Something was divided by 0 (x / 0).
+    DivisionByZero,
+    /// Something was "remainded" by 0 (x % 0).
+    RemainderByZero,
+    /// Overflowing inbounds pointer arithmetic.
+    PointerArithOverflow,
 }
 
 impl fmt::Debug for UndefinedBehaviorInfo {
@@ -379,9 +387,18 @@ impl fmt::Debug for UndefinedBehaviorInfo {
             Ub(msg) | UbExperimental(msg) =>
                 write!(f, "{}", msg),
             Unreachable =>
-                write!(f, "entered unreachable code"),
+                write!(f, "entering unreachable code"),
             InvalidDiscriminant(val) =>
-                write!(f, "encountered invalid enum discriminant {}", val),
+                write!(f, "encountering invalid enum discriminant {}", val),
+            BoundsCheckFailed { ref len, ref index } =>
+                write!(f, "indexing out of bounds: the len is {:?} but the index is {:?}",
+                    len, index),
+            DivisionByZero =>
+                write!(f, "dividing by zero"),
+            RemainderByZero =>
+                write!(f, "calculating the remainder with a divisor of zero"),
+            PointerArithOverflow =>
+                write!(f, "overflowing in-bounds pointer arithmetic"),
         }
     }
 }
diff --git a/src/librustc/mir/interpret/pointer.rs b/src/librustc/mir/interpret/pointer.rs
@@ -1,6 +1,5 @@
 use super::{AllocId, InterpResult};
 
-use crate::mir;
 use crate::ty::layout::{self, HasDataLayout, Size};
 
 use rustc_macros::HashStable;
@@ -88,13 +87,13 @@ pub trait PointerArithmetic: layout::HasDataLayout {
     #[inline]
     fn offset<'tcx>(&self, val: u64, i: u64) -> InterpResult<'tcx, u64> {
         let (res, over) = self.overflowing_offset(val, i);
-        if over { throw_panic!(Overflow(mir::BinOp::Add)) } else { Ok(res) }
+        if over { throw_ub!(PointerArithOverflow) } else { Ok(res) }
     }
 
     #[inline]
     fn signed_offset<'tcx>(&self, val: u64, i: i64) -> InterpResult<'tcx, u64> {
         let (res, over) = self.overflowing_signed_offset(val, i128::from(i));
-        if over { throw_panic!(Overflow(mir::BinOp::Add)) } else { Ok(res) }
+        if over { throw_ub!(PointerArithOverflow) } else { Ok(res) }
     }
 }
 
diff --git a/src/librustc_mir/interpret/operator.rs b/src/librustc_mir/interpret/operator.rs
@@ -177,8 +177,8 @@ impl<'mir, 'tcx, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
                 return Ok((Scalar::from_bool(op(&l, &r)), false, self.tcx.types.bool));
             }
             let op: Option<fn(i128, i128) -> (i128, bool)> = match bin_op {
-                Div if r == 0 => throw_panic!(DivisionByZero),
-                Rem if r == 0 => throw_panic!(RemainderByZero),
+                Div if r == 0 => throw_ub!(DivisionByZero),
+                Rem if r == 0 => throw_ub!(RemainderByZero),
                 Div => Some(i128::overflowing_div),
                 Rem => Some(i128::overflowing_rem),
                 Add => Some(i128::overflowing_add),
@@ -234,8 +234,8 @@ impl<'mir, 'tcx, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> {
                     Add => u128::overflowing_add,
                     Sub => u128::overflowing_sub,
                     Mul => u128::overflowing_mul,
-                    Div if r == 0 => throw_panic!(DivisionByZero),
-                    Rem if r == 0 => throw_panic!(RemainderByZero),
+                    Div if r == 0 => throw_ub!(DivisionByZero),
+                    Rem if r == 0 => throw_ub!(RemainderByZero),
                     Div => u128::overflowing_div,
                     Rem => u128::overflowing_rem,
                     _ => bug!(),
diff --git a/src/librustc_mir/interpret/place.rs b/src/librustc_mir/interpret/place.rs
@@ -384,10 +384,8 @@ where
             layout::FieldPlacement::Array { stride, .. } => {
                 let len = base.len(self)?;
                 if field >= len {
-                    // This can be violated because the index (field) can be a runtime value
-                    // provided by the user.
-                    debug!("tried to access element {} of array/slice with length {}", field, len);
-                    throw_panic!(BoundsCheck { len, index: field });
+                    // This can only be reached in ConstProp and non-rustc-MIR.
+                    throw_ub!(BoundsCheckFailed { len, index: field });
                 }
                 stride * field
             }
diff --git a/src/test/compile-fail/consts/const-err3.rs b/src/test/compile-fail/consts/const-err3.rs
@@ -14,7 +14,6 @@ fn main() {
     //~^ ERROR const_err
     let _e = [5u8][1];
     //~^ ERROR const_err
-    //~| ERROR this expression will panic at runtime
     black_box(b);
     black_box(c);
     black_box(d);
diff --git a/src/test/ui/consts/array-literal-index-oob.stderr b/src/test/ui/consts/array-literal-index-oob.stderr
@@ -12,7 +12,7 @@ error: reaching this expression at runtime will panic or abort
 LL |     &{[1, 2, 3][4]};
    |     --^^^^^^^^^^^^-
    |       |
-   |       index out of bounds: the len is 3 but the index is 4
+   |       indexing out of bounds: the len is 3 but the index is 4
 
 error: aborting due to 2 previous errors
 
diff --git a/src/test/ui/consts/const-err2.rs b/src/test/ui/consts/const-err2.rs
@@ -23,7 +23,6 @@ fn main() {
     //~^ ERROR const_err
     let _e = [5u8][1];
     //~^ ERROR index out of bounds
-    //~| ERROR this expression will panic at runtime
     black_box(a);
     black_box(b);
     black_box(c);
diff --git a/src/test/ui/consts/const-err2.stderr b/src/test/ui/consts/const-err2.stderr
@@ -34,11 +34,5 @@ error: index out of bounds: the len is 1 but the index is 1
 LL |     let _e = [5u8][1];
    |              ^^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/const-err2.rs:24:14
-   |
-LL |     let _e = [5u8][1];
-   |              ^^^^^^^^ index out of bounds: the len is 1 but the index is 1
-
-error: aborting due to 6 previous errors
+error: aborting due to 5 previous errors
 
diff --git a/src/test/ui/consts/const-err3.rs b/src/test/ui/consts/const-err3.rs
@@ -23,7 +23,6 @@ fn main() {
     //~^ ERROR const_err
     let _e = [5u8][1];
     //~^ ERROR const_err
-    //~| ERROR this expression will panic at runtime
     black_box(a);
     black_box(b);
     black_box(c);
diff --git a/src/test/ui/consts/const-err3.stderr b/src/test/ui/consts/const-err3.stderr
@@ -34,11 +34,5 @@ error: index out of bounds: the len is 1 but the index is 1
 LL |     let _e = [5u8][1];
    |              ^^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/const-err3.rs:24:14
-   |
-LL |     let _e = [5u8][1];
-   |              ^^^^^^^^ index out of bounds: the len is 1 but the index is 1
-
-error: aborting due to 6 previous errors
+error: aborting due to 5 previous errors
 
diff --git a/src/test/ui/consts/const-eval/promoted_errors.rs b/src/test/ui/consts/const-eval/promoted_errors.rs
@@ -8,14 +8,12 @@ fn main() {
     //~^ ERROR const_err
     println!("{}", 1/(1-1));
     //~^ ERROR attempt to divide by zero [const_err]
-    //~| ERROR reaching this expression at runtime will panic or abort [const_err]
+    //~| ERROR const_err
     let _x = 1/(1-1);
     //~^ ERROR const_err
-    //~| ERROR const_err
     println!("{}", 1/(false as u32));
     //~^ ERROR attempt to divide by zero [const_err]
-    //~| ERROR reaching this expression at runtime will panic or abort [const_err]
+    //~| ERROR const_err
     let _x = 1/(false as u32);
     //~^ ERROR const_err
-    //~| ERROR const_err
 }
diff --git a/src/test/ui/consts/const-eval/promoted_errors.stderr b/src/test/ui/consts/const-eval/promoted_errors.stderr
@@ -20,43 +20,31 @@ error: reaching this expression at runtime will panic or abort
   --> $DIR/promoted_errors.rs:9:20
    |
 LL |     println!("{}", 1/(1-1));
-   |                    ^^^^^^^ attempt to divide by zero
+   |                    ^^^^^^^ dividing by zero
 
 error: attempt to divide by zero
   --> $DIR/promoted_errors.rs:12:14
    |
 LL |     let _x = 1/(1-1);
    |              ^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/promoted_errors.rs:12:14
-   |
-LL |     let _x = 1/(1-1);
-   |              ^^^^^^^ attempt to divide by zero
-
 error: attempt to divide by zero
-  --> $DIR/promoted_errors.rs:15:20
+  --> $DIR/promoted_errors.rs:14:20
    |
 LL |     println!("{}", 1/(false as u32));
    |                    ^^^^^^^^^^^^^^^^
 
 error: reaching this expression at runtime will panic or abort
-  --> $DIR/promoted_errors.rs:15:20
+  --> $DIR/promoted_errors.rs:14:20
    |
 LL |     println!("{}", 1/(false as u32));
-   |                    ^^^^^^^^^^^^^^^^ attempt to divide by zero
+   |                    ^^^^^^^^^^^^^^^^ dividing by zero
 
 error: attempt to divide by zero
-  --> $DIR/promoted_errors.rs:18:14
+  --> $DIR/promoted_errors.rs:17:14
    |
 LL |     let _x = 1/(false as u32);
    |              ^^^^^^^^^^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/promoted_errors.rs:18:14
-   |
-LL |     let _x = 1/(false as u32);
-   |              ^^^^^^^^^^^^^^^^ attempt to divide by zero
-
-error: aborting due to 9 previous errors
+error: aborting due to 7 previous errors
 
diff --git a/src/test/ui/consts/const-eval/promoted_errors2.rs b/src/test/ui/consts/const-eval/promoted_errors2.rs
@@ -9,14 +9,12 @@ fn main() {
     //~^ ERROR attempt to subtract with overflow
     println!("{}", 1/(1-1));
     //~^ ERROR attempt to divide by zero [const_err]
-    //~| ERROR reaching this expression at runtime will panic or abort [const_err]
+    //~| ERROR const_err
     let _x = 1/(1-1);
     //~^ ERROR const_err
-    //~| ERROR const_err
     println!("{}", 1/(false as u32));
     //~^ ERROR attempt to divide by zero [const_err]
-    //~| ERROR reaching this expression at runtime will panic or abort [const_err]
+    //~| ERROR const_err
     let _x = 1/(false as u32);
     //~^ ERROR const_err
-    //~| ERROR const_err
 }
diff --git a/src/test/ui/consts/const-eval/promoted_errors2.stderr b/src/test/ui/consts/const-eval/promoted_errors2.stderr
@@ -26,43 +26,31 @@ error: reaching this expression at runtime will panic or abort
   --> $DIR/promoted_errors2.rs:10:20
    |
 LL |     println!("{}", 1/(1-1));
-   |                    ^^^^^^^ attempt to divide by zero
+   |                    ^^^^^^^ dividing by zero
 
 error: attempt to divide by zero
   --> $DIR/promoted_errors2.rs:13:14
    |
 LL |     let _x = 1/(1-1);
    |              ^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/promoted_errors2.rs:13:14
-   |
-LL |     let _x = 1/(1-1);
-   |              ^^^^^^^ attempt to divide by zero
-
 error: attempt to divide by zero
-  --> $DIR/promoted_errors2.rs:16:20
+  --> $DIR/promoted_errors2.rs:15:20
    |
 LL |     println!("{}", 1/(false as u32));
    |                    ^^^^^^^^^^^^^^^^
 
 error: reaching this expression at runtime will panic or abort
-  --> $DIR/promoted_errors2.rs:16:20
+  --> $DIR/promoted_errors2.rs:15:20
    |
 LL |     println!("{}", 1/(false as u32));
-   |                    ^^^^^^^^^^^^^^^^ attempt to divide by zero
+   |                    ^^^^^^^^^^^^^^^^ dividing by zero
 
 error: attempt to divide by zero
-  --> $DIR/promoted_errors2.rs:19:14
+  --> $DIR/promoted_errors2.rs:18:14
    |
 LL |     let _x = 1/(false as u32);
    |              ^^^^^^^^^^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/promoted_errors2.rs:19:14
-   |
-LL |     let _x = 1/(false as u32);
-   |              ^^^^^^^^^^^^^^^^ attempt to divide by zero
-
-error: aborting due to 10 previous errors
+error: aborting due to 8 previous errors
 
diff --git a/src/test/ui/consts/const-prop-ice.rs b/src/test/ui/consts/const-prop-ice.rs
@@ -1,4 +1,3 @@
 fn main() {
     [0; 3][3u64 as usize]; //~ ERROR the len is 3 but the index is 3
-    //~| ERROR this expression will panic at runtime
 }
diff --git a/src/test/ui/consts/const-prop-ice.stderr b/src/test/ui/consts/const-prop-ice.stderr
@@ -6,11 +6,5 @@ LL |     [0; 3][3u64 as usize];
    |
    = note: `#[deny(const_err)]` on by default
 
-error: this expression will panic at runtime
-  --> $DIR/const-prop-ice.rs:2:5
-   |
-LL |     [0; 3][3u64 as usize];
-   |     ^^^^^^^^^^^^^^^^^^^^^ index out of bounds: the len is 3 but the index is 3
-
-error: aborting due to 2 previous errors
+error: aborting due to previous error
 
diff --git a/src/test/ui/issues/issue-54348.rs b/src/test/ui/issues/issue-54348.rs
@@ -1,7 +1,5 @@
 fn main() {
     [1][0u64 as usize];
     [1][1.5 as usize]; //~ ERROR index out of bounds
-    //~| ERROR this expression will panic at runtime
     [1][1u64 as usize]; //~ ERROR index out of bounds
-    //~| ERROR this expression will panic at runtime
 }
diff --git a/src/test/ui/issues/issue-54348.stderr b/src/test/ui/issues/issue-54348.stderr
@@ -6,23 +6,11 @@ LL |     [1][1.5 as usize];
    |
    = note: `#[deny(const_err)]` on by default
 
-error: this expression will panic at runtime
-  --> $DIR/issue-54348.rs:3:5
-   |
-LL |     [1][1.5 as usize];
-   |     ^^^^^^^^^^^^^^^^^ index out of bounds: the len is 1 but the index is 1
-
 error: index out of bounds: the len is 1 but the index is 1
-  --> $DIR/issue-54348.rs:5:5
+  --> $DIR/issue-54348.rs:4:5
    |
 LL |     [1][1u64 as usize];
    |     ^^^^^^^^^^^^^^^^^^
 
-error: this expression will panic at runtime
-  --> $DIR/issue-54348.rs:5:5
-   |
-LL |     [1][1u64 as usize];
-   |     ^^^^^^^^^^^^^^^^^^ index out of bounds: the len is 1 but the index is 1
-
-error: aborting due to 4 previous errors
+error: aborting due to 2 previous errors
 
diff --git a/src/test/ui/issues/issue-8460-const.rs b/src/test/ui/issues/issue-8460-const.rs
@@ -23,19 +23,14 @@ fn main() {
     //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1isize / 0; }).join().is_err());
     //~^ ERROR attempt to divide by zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i8 / 0; }).join().is_err());
     //~^ ERROR attempt to divide by zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i16 / 0; }).join().is_err());
     //~^ ERROR attempt to divide by zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i32 / 0; }).join().is_err());
     //~^ ERROR attempt to divide by zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i64 / 0; }).join().is_err());
     //~^ ERROR attempt to divide by zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { isize::MIN % -1; }).join().is_err());
     //~^ ERROR attempt to calculate the remainder with overflow
     //~| ERROR this expression will panic at runtime
@@ -53,17 +48,12 @@ fn main() {
     //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1isize % 0; }).join().is_err());
     //~^ ERROR attempt to calculate the remainder with a divisor of zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i8 % 0; }).join().is_err());
     //~^ ERROR attempt to calculate the remainder with a divisor of zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i16 % 0; }).join().is_err());
     //~^ ERROR attempt to calculate the remainder with a divisor of zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i32 % 0; }).join().is_err());
     //~^ ERROR attempt to calculate the remainder with a divisor of zero
-    //~| ERROR this expression will panic at runtime
     assert!(thread::spawn(move|| { 1i64 % 0; }).join().is_err());
     //~^ ERROR attempt to calculate the remainder with a divisor of zero
-    //~| ERROR this expression will panic at runtime
 }
diff --git a/src/test/ui/issues/issue-8460-const.stderr b/src/test/ui/issues/issue-8460-const.stderr
diff --git a/src/test/ui/issues/issue-8460-const2.rs b/src/test/ui/issues/issue-8460-const2.rs
diff --git a/src/test/ui/issues/issue-8460-const2.stderr b/src/test/ui/issues/issue-8460-const2.stderr

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,5 @@`
`1`	`1`	`use super::{AllocId, InterpResult};`
`2`	`2`
`3`		`-use crate::mir;`
`4`	`3`	`use crate::ty::layout::{self, HasDataLayout, Size};`
`5`	`4`
`6`	`5`	`use rustc_macros::HashStable;`
`@@ -88,13 +87,13 @@ pub trait PointerArithmetic: layout::HasDataLayout {`
`88`	`87`	`#[inline]`
`89`	`88`	`fn offset<'tcx>(&self, val: u64, i: u64) -> InterpResult<'tcx, u64> {`
`90`	`89`	`let (res, over) = self.overflowing_offset(val, i);`
`91`		`- if over { throw_panic!(Overflow(mir::BinOp::Add)) } else { Ok(res) }`
	`90`	`+ if over { throw_ub!(PointerArithOverflow) } else { Ok(res) }`
`92`	`91`	`}`
`93`	`92`
`94`	`93`	`#[inline]`
`95`	`94`	`fn signed_offset<'tcx>(&self, val: u64, i: i64) -> InterpResult<'tcx, u64> {`
`96`	`95`	`let (res, over) = self.overflowing_signed_offset(val, i128::from(i));`
`97`		`- if over { throw_panic!(Overflow(mir::BinOp::Add)) } else { Ok(res) }`
	`96`	`+ if over { throw_ub!(PointerArithOverflow) } else { Ok(res) }`
`98`	`97`	`}`
`99`	`98`	`}`
`100`	`99`
Original file line number	Diff line number	Diff line change
`@@ -384,10 +384,8 @@ where`
`384`	`384`	`layout::FieldPlacement::Array { stride, .. } => {`
`385`	`385`	`let len = base.len(self)?;`
`386`	`386`	`if field >= len {`
`387`		`- // This can be violated because the index (field) can be a runtime value`
`388`		`- // provided by the user.`
`389`		`- debug!("tried to access element {} of array/slice with length {}", field, len);`
`390`		`- throw_panic!(BoundsCheck { len, index: field });`
	`387`	`+ // This can only be reached in ConstProp and non-rustc-MIR.`
	`388`	`+ throw_ub!(BoundsCheckFailed { len, index: field });`
`391`	`389`	`}`
`392`	`390`	`stride * field`
`393`	`391`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`	`1`	`fn main() {`
`2`	`2`	`[0; 3][3u64 as usize]; //~ ERROR the len is 3 but the index is 3`
`3`		`- //~\| ERROR this expression will panic at runtime`
`4`	`3`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,5 @@`
`1`	`1`	`fn main() {`
`2`	`2`	`[1][0u64 as usize];`
`3`	`3`	`[1][1.5 as usize]; //~ ERROR index out of bounds`
`4`		`- //~\| ERROR this expression will panic at runtime`
`5`	`4`	`[1][1u64 as usize]; //~ ERROR index out of bounds`
`6`		`- //~\| ERROR this expression will panic at runtime`
`7`	`5`	`}`