miri: Shl/Shr should throw UB on too large shift
The LLVM docs for shl say:
> If op2 is (statically or dynamically) equal to or larger than the number of bits in op1, this instruction returns a poison value.
However, the CTFE/Miri implementation of shl/shr currently just truncates the shift amount. In rustc-generated MIR this can never happen since there always is a check being emitted, but we should still make sure to implement all UB checks for this operation correctly – and the simd_shl intrinsic also exposes direct access to this operation, making it possible to trigger this UB. (I plan to add tests for this.)
I just hope we didn’t miss any other MIR operations which compile to LLVM arithmetic operations that can produce poison/undef/UB… (we do check for div-by-zero, of course). Cc @rust-lang/wg-llvm
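Added example, not part of the original issue and not Miri's or rustc's code: a small model of the two behaviours discussed above for a shift amount that is at least the operand's bit width, either truncating the amount or reporting UB. The names `OverlongShift`, `ShiftUb`, `eval_shl_u32` and `eval_simd_shl` are hypothetical, and the lane-wise function only stands in for an operation that reaches the shift without a preceding range check.

```rust
/// Policy for a shift amount >= the operand's bit width (hypothetical model).
#[derive(Clone, Copy)]
pub enum OverlongShift {
    /// Mask the amount to the operand width (the truncating behaviour).
    Truncate,
    /// Treat the operation as UB (LLVM's `shl` yields poison in this case).
    ReportUb,
}

/// Error describing an out-of-range shift.
#[derive(Debug, PartialEq)]
pub struct ShiftUb {
    pub amount: u32,
    pub bits: u32,
}

/// Evaluate `lhs << amount` on a 32-bit operand under the chosen policy.
pub fn eval_shl_u32(lhs: u32, amount: u32, policy: OverlongShift) -> Result<u32, ShiftUb> {
    match lhs.checked_shl(amount) {
        // In range: both policies agree.
        Some(v) => Ok(v),
        None => match policy {
            // wrapping_shl masks the amount with (bits - 1).
            OverlongShift::Truncate => Ok(lhs.wrapping_shl(amount)),
            OverlongShift::ReportUb => Err(ShiftUb { amount, bits: u32::BITS }),
        },
    }
}

/// Lane-wise shift with no per-lane range check emitted by the caller.
pub fn eval_simd_shl(
    lanes: [u32; 4],
    amounts: [u32; 4],
    policy: OverlongShift,
) -> Result<[u32; 4], ShiftUb> {
    let mut out = [0u32; 4];
    for i in 0..4 {
        out[i] = eval_shl_u32(lanes[i], amounts[i], policy)?;
    }
    Ok(out)
}

fn main() {
    // Constructed sample input: lanes 2 and 3 use overlong shift amounts.
    let (lanes, amounts) = ([1, 1, 1, 1], [0, 31, 32, 33]);
    println!("{:?}", eval_simd_shl(lanes, amounts, OverlongShift::Truncate));
    println!("{:?}", eval_simd_shl(lanes, amounts, OverlongShift::ReportUb));
}
```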
About this issue
- State: closed
- Created 3 years ago
- Comments: 22 (22 by maintainers)
Commits related to this issue
- Rollup merge of #91162 - RalfJung:miri-shift-truncation, r=oli-obk explain why CTFE/Miri perform truncation on shift offset Closes https://github.com/rust-lang/miri/issues/1920 — committed to GuillaumeGomez/rust by GuillaumeGomez 3 years ago
- Rollup merge of #91162 - RalfJung:miri-shift-truncation, r=oli-obk explain why CTFE/Miri perform truncation on shift offset Closes https://github.com/rust-lang/miri/issues/1920 — committed to matthiaskrgr/rust by matthiaskrgr 3 years ago
I opened https://github.com/rust-lang/rust/issues/91237 for discussing the inconsistency – this is no longer just a Miri issue.