Auto merge of #67260 - TheSamsa:const-limit, r=oli-obk

bors · bors · commit 96bb8b31c81d · 2020-03-05T17:46:58.000Z
const limit for CTFE I tried to tackle the first steps for this issue. The active feature flag does link to the issue below, I think this has to change, because there should be a tracking issue? https://github.com/TheSamsa/rust/blob/1679a7647da0de672bac26b716db82d16f3896a8/src/librustc_feature/active.rs#L530 Also, I only put up the storage of the limit like "recursion_limit" but created a seperate file in the same place. Since I guess the invocation happens seperately. https://github.com/TheSamsa/rust/blob/const-limit/src/librustc/middle/const_limit.rs If this does not hold up for the issue and since there is a time pressure, just reject it. hopefully this does not put more load on you than I expected...
diff --git a/src/doc/unstable-book/src/language-features/const-eval-limit.md b/src/doc/unstable-book/src/language-features/const-eval-limit.md
@@ -0,0 +1,7 @@
+# `const_eval_limit`
+
+The tracking issue for this feature is: [#67217]
+
+[#67217]: https://github.com/rust-lang/rust/issues/67217
+
+The `const_eval_limit` allows someone to limit the evaluation steps the CTFE undertakes to evaluate a `const fn`.
diff --git a/src/librustc/middle/limits.rs b/src/librustc/middle/limits.rs
@@ -1,9 +1,9 @@
-// Recursion limit.
-//
-// There are various parts of the compiler that must impose arbitrary limits
-// on how deeply they recurse to prevent stack overflow. Users can override
-// this via an attribute on the crate like `#![recursion_limit="22"]`. This pass
-// just peeks and looks for that attribute.
+//! Registering limits, recursion_limit, type_length_limit and const_eval_limit
+//!
+//! There are various parts of the compiler that must impose arbitrary limits
+//! on how deeply they recurse to prevent stack overflow. Users can override
+//! this via an attribute on the crate like `#![recursion_limit="22"]`. This pass
+//! just peeks and looks for that attribute.
 
 use crate::session::Session;
 use core::num::IntErrorKind;
@@ -16,6 +16,7 @@ use rustc_data_structures::sync::Once;
 pub fn update_limits(sess: &Session, krate: &ast::Crate) {
     update_limit(sess, krate, &sess.recursion_limit, sym::recursion_limit, 128);
     update_limit(sess, krate, &sess.type_length_limit, sym::type_length_limit, 1048576);
+    update_limit(sess, krate, &sess.const_eval_limit, sym::const_eval_limit, 1_000_000);
 }
 
 fn update_limit(
@@ -37,10 +38,8 @@ fn update_limit(
                     return;
                 }
                 Err(e) => {
-                    let mut err = sess.struct_span_err(
-                        attr.span,
-                        "`recursion_limit` must be a non-negative integer",
-                    );
+                    let mut err =
+                        sess.struct_span_err(attr.span, "`limit` must be a non-negative integer");
 
                     let value_span = attr
                         .meta()
@@ -49,11 +48,11 @@ fn update_limit(
                         .unwrap_or(attr.span);
 
                     let error_str = match e.kind() {
-                        IntErrorKind::Overflow => "`recursion_limit` is too large",
-                        IntErrorKind::Empty => "`recursion_limit` must be a non-negative integer",
+                        IntErrorKind::Overflow => "`limit` is too large",
+                        IntErrorKind::Empty => "`limit` must be a non-negative integer",
                         IntErrorKind::InvalidDigit => "not a valid integer",
-                        IntErrorKind::Underflow => bug!("`recursion_limit` should never underflow"),
-                        IntErrorKind::Zero => bug!("zero is a valid `recursion_limit`"),
+                        IntErrorKind::Underflow => bug!("`limit` should never underflow"),
+                        IntErrorKind::Zero => bug!("zero is a valid `limit`"),
                         kind => bug!("unimplemented IntErrorKind variant: {:?}", kind),
                     };
 
diff --git a/src/librustc/middle/mod.rs b/src/librustc/middle/mod.rs
@@ -28,8 +28,8 @@ pub mod lib_features {
         }
     }
 }
+pub mod limits;
 pub mod privacy;
-pub mod recursion_limit;
 pub mod region;
 pub mod resolve_lifetime;
 pub mod stability;
diff --git a/src/librustc_feature/active.rs b/src/librustc_feature/active.rs
@@ -552,6 +552,9 @@ declare_features! (
     /// Allows the use of `no_sanitize` attribute.
     (active, no_sanitize, "1.42.0", Some(39699), None),
 
+    // Allows limiting the evaluation steps of const expressions
+    (active, const_eval_limit, "1.43.0", Some(67217), None),
+
     // -------------------------------------------------------------------------
     // feature-group-end: actual feature gates
     // -------------------------------------------------------------------------
diff --git a/src/librustc_feature/builtin_attrs.rs b/src/librustc_feature/builtin_attrs.rs
@@ -239,6 +239,10 @@ pub const BUILTIN_ATTRIBUTES: &[BuiltinAttribute] = &[
     // Limits:
     ungated!(recursion_limit, CrateLevel, template!(NameValueStr: "N")),
     ungated!(type_length_limit, CrateLevel, template!(NameValueStr: "N")),
+    gated!(
+        const_eval_limit, CrateLevel, template!(NameValueStr: "N"), const_eval_limit,
+        experimental!(const_eval_limit)
+    ),
 
     // Entry point:
     ungated!(main, Normal, template!(Word)),
diff --git a/src/librustc_interface/passes.rs b/src/librustc_interface/passes.rs
@@ -189,7 +189,7 @@ pub fn register_plugins<'a>(
     }
 
     sess.time("recursion_limit", || {
-        middle::recursion_limit::update_limits(sess, &krate);
+        middle::limits::update_limits(sess, &krate);
     });
 
     let mut lint_store = rustc_lint::new_lint_store(
diff --git a/src/librustc_mir/const_eval/eval_queries.rs b/src/librustc_mir/const_eval/eval_queries.rs
@@ -89,7 +89,7 @@ pub(super) fn mk_eval_cx<'mir, 'tcx>(
     InterpCx::new(
         tcx.at(span),
         param_env,
-        CompileTimeInterpreter::new(),
+        CompileTimeInterpreter::new(*tcx.sess.const_eval_limit.get()),
         MemoryExtra { can_access_statics },
     )
 }
@@ -297,7 +297,7 @@ pub fn const_eval_raw_provider<'tcx>(
     let mut ecx = InterpCx::new(
         tcx.at(span),
         key.param_env,
-        CompileTimeInterpreter::new(),
+        CompileTimeInterpreter::new(*tcx.sess.const_eval_limit.get()),
         MemoryExtra { can_access_statics: is_static },
     );
 
diff --git a/src/librustc_mir/const_eval/machine.rs b/src/librustc_mir/const_eval/machine.rs
@@ -3,6 +3,7 @@ use rustc::ty::layout::HasTyCtxt;
 use rustc::ty::{self, Ty};
 use std::borrow::{Borrow, Cow};
 use std::collections::hash_map::Entry;
+use std::convert::TryFrom;
 use std::hash::Hash;
 
 use rustc_data_structures::fx::FxHashMap;
@@ -85,9 +86,6 @@ impl<'mir, 'tcx> InterpCx<'mir, 'tcx, CompileTimeInterpreter<'mir, 'tcx>> {
     }
 }
 
-/// Number of steps until the detector even starts doing anything.
-/// Also, a warning is shown to the user when this number is reached.
-const STEPS_UNTIL_DETECTOR_ENABLED: isize = 1_000_000;
 /// The number of steps between loop detector snapshots.
 /// Should be a power of two for performance reasons.
 const DETECTOR_SNAPSHOT_PERIOD: isize = 256;
@@ -100,6 +98,8 @@ pub struct CompileTimeInterpreter<'mir, 'tcx> {
     /// detector period.
     pub(super) steps_since_detector_enabled: isize,
 
+    pub(super) is_detector_enabled: bool,
+
     /// Extra state to detect loops.
     pub(super) loop_detector: snapshot::InfiniteLoopDetector<'mir, 'tcx>,
 }
@@ -111,10 +111,14 @@ pub struct MemoryExtra {
 }
 
 impl<'mir, 'tcx> CompileTimeInterpreter<'mir, 'tcx> {
-    pub(super) fn new() -> Self {
+    pub(super) fn new(const_eval_limit: usize) -> Self {
+        let steps_until_detector_enabled =
+            isize::try_from(const_eval_limit).unwrap_or(std::isize::MAX);
+
         CompileTimeInterpreter {
             loop_detector: Default::default(),
-            steps_since_detector_enabled: -STEPS_UNTIL_DETECTOR_ENABLED,
+            steps_since_detector_enabled: -steps_until_detector_enabled,
+            is_detector_enabled: const_eval_limit != 0,
         }
     }
 }
@@ -343,6 +347,10 @@ impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for CompileTimeInterpreter<'mir,
     }
 
     fn before_terminator(ecx: &mut InterpCx<'mir, 'tcx, Self>) -> InterpResult<'tcx> {
+        if !ecx.machine.is_detector_enabled {
+            return Ok(());
+        }
+
         {
             let steps = &mut ecx.machine.steps_since_detector_enabled;
 
diff --git a/src/librustc_session/session.rs b/src/librustc_session/session.rs
@@ -88,6 +88,9 @@ pub struct Session {
     /// The maximum length of types during monomorphization.
     pub type_length_limit: Once<usize>,
 
+    /// The maximum blocks a const expression can evaluate.
+    pub const_eval_limit: Once<usize>,
+
     /// Map from imported macro spans (which consist of
     /// the localized span for the macro body) to the
     /// macro name and definition span in the source crate.
@@ -1053,6 +1056,7 @@ fn build_session_(
         features: Once::new(),
         recursion_limit: Once::new(),
         type_length_limit: Once::new(),
+        const_eval_limit: Once::new(),
         imported_macro_spans: OneThread::new(RefCell::new(FxHashMap::default())),
         incr_comp_session: OneThread::new(RefCell::new(IncrCompSession::NotInitialized)),
         cgu_reuse_tracker,
diff --git a/src/librustc_span/symbol.rs b/src/librustc_span/symbol.rs
@@ -208,6 +208,7 @@ symbols! {
         console,
         const_compare_raw_pointers,
         const_constructor,
+        const_eval_limit,
         const_extern_fn,
         const_fn,
         const_fn_union,
diff --git a/src/test/ui/consts/const_limit/const_eval_limit_not_reached.rs b/src/test/ui/consts/const_limit/const_eval_limit_not_reached.rs
@@ -0,0 +1,15 @@
+// check-pass
+#![feature(const_eval_limit)]
+#![const_eval_limit="1000"]
+
+const CONSTANT: usize = limit();
+
+fn main() {
+    assert_eq!(CONSTANT, 1764);
+}
+
+const fn limit() -> usize {
+    let x = 42;
+
+    x * 42
+}
diff --git a/src/test/ui/consts/const_limit/const_eval_limit_overflow.rs b/src/test/ui/consts/const_limit/const_eval_limit_overflow.rs
@@ -0,0 +1,15 @@
+#![feature(const_eval_limit)]
+#![const_eval_limit="18_446_744_073_709_551_615"]
+//~^ ERROR `limit` must be a non-negative integer
+
+const CONSTANT: usize = limit();
+
+fn main() {
+    assert_eq!(CONSTANT, 1764);
+}
+
+const fn limit() -> usize {
+    let x = 42;
+
+    x * 42
+}
diff --git a/src/test/ui/consts/const_limit/const_eval_limit_overflow.stderr b/src/test/ui/consts/const_limit/const_eval_limit_overflow.stderr
@@ -0,0 +1,10 @@
+error: `limit` must be a non-negative integer
+  --> $DIR/const_eval_limit_overflow.rs:2:1
+   |
+LL | #![const_eval_limit="18_446_744_073_709_551_615"]
+   | ^^^^^^^^^^^^^^^^^^^^----------------------------^
+   |                     |
+   |                     not a valid integer
+
+error: aborting due to previous error
+
diff --git a/src/test/ui/consts/const_limit/const_eval_limit_reached.rs b/src/test/ui/consts/const_limit/const_eval_limit_reached.rs
@@ -0,0 +1,21 @@
+// ignore-tidy-linelength
+// only-x86_64
+// check-pass
+// NOTE: We always compile this test with -Copt-level=0 because higher opt-levels
+//       optimize away the const function
+// compile-flags:-Copt-level=0
+#![feature(const_eval_limit)]
+#![const_eval_limit="2"]
+
+const CONSTANT: usize = limit();
+//~^ WARNING Constant evaluating a complex constant, this might take some time
+
+fn main() {
+    assert_eq!(CONSTANT, 1764);
+}
+
+const fn limit() -> usize { //~ WARNING Constant evaluating a complex constant, this might take some time
+    let x = 42;
+
+    x * 42
+}
diff --git a/src/test/ui/consts/const_limit/const_eval_limit_reached.stderr b/src/test/ui/consts/const_limit/const_eval_limit_reached.stderr
@@ -0,0 +1,16 @@
+warning: Constant evaluating a complex constant, this might take some time
+  --> $DIR/const_eval_limit_reached.rs:17:1
+   |
+LL | / const fn limit() -> usize {
+LL | |     let x = 42;
+LL | |
+LL | |     x * 42
+LL | | }
+   | |_^
+
+warning: Constant evaluating a complex constant, this might take some time
+  --> $DIR/const_eval_limit_reached.rs:10:1
+   |
+LL | const CONSTANT: usize = limit();
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
diff --git a/src/test/ui/consts/const_limit/feature-gate-const_eval_limit.rs b/src/test/ui/consts/const_limit/feature-gate-const_eval_limit.rs
@@ -0,0 +1,14 @@
+#![const_eval_limit="42"]
+//~^ ERROR the `#[const_eval_limit]` attribute is an experimental feature [E0658]
+
+const CONSTANT: usize = limit();
+
+fn main() {
+    assert_eq!(CONSTANT, 1764);
+}
+
+const fn limit() -> usize {
+    let x = 42;
+
+    x * 42
+}
diff --git a/src/test/ui/consts/const_limit/feature-gate-const_eval_limit.stderr b/src/test/ui/consts/const_limit/feature-gate-const_eval_limit.stderr
@@ -0,0 +1,12 @@
+error[E0658]: the `#[const_eval_limit]` attribute is an experimental feature
+  --> $DIR/feature-gate-const_eval_limit.rs:1:1
+   |
+LL | #![const_eval_limit="42"]
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = note: see issue #67217 <https://github.com/rust-lang/rust/issues/67217> for more information
+   = help: add `#![feature(const_eval_limit)]` to the crate attributes to enable
+
+error: aborting due to previous error
+
+For more information about this error, try `rustc --explain E0658`.
diff --git a/src/test/ui/recursion_limit/empty.rs b/src/test/ui/recursion_limit/empty.rs
@@ -1,6 +1,6 @@
 // Test the parse error for an empty recursion_limit
 
-#![recursion_limit = ""] //~ ERROR `recursion_limit` must be a non-negative integer
-                         //~| `recursion_limit` must be a non-negative integer
+#![recursion_limit = ""] //~ ERROR `limit` must be a non-negative integer
+                         //~| `limit` must be a non-negative integer
 
 fn main() {}
diff --git a/src/test/ui/recursion_limit/empty.stderr b/src/test/ui/recursion_limit/empty.stderr
@@ -1,10 +1,10 @@
-error: `recursion_limit` must be a non-negative integer
+error: `limit` must be a non-negative integer
   --> $DIR/empty.rs:3:1
    |
 LL | #![recursion_limit = ""]
    | ^^^^^^^^^^^^^^^^^^^^^--^
    |                      |
-   |                      `recursion_limit` must be a non-negative integer
+   |                      `limit` must be a non-negative integer
 
 error: aborting due to previous error
 
diff --git a/src/test/ui/recursion_limit/invalid_digit.rs b/src/test/ui/recursion_limit/invalid_digit.rs
@@ -1,6 +1,6 @@
 // Test the parse error for an invalid digit in recursion_limit
 
-#![recursion_limit = "-100"] //~ ERROR `recursion_limit` must be a non-negative integer
+#![recursion_limit = "-100"] //~ ERROR `limit` must be a non-negative integer
                              //~| not a valid integer
 
 fn main() {}
diff --git a/src/test/ui/recursion_limit/invalid_digit.stderr b/src/test/ui/recursion_limit/invalid_digit.stderr
@@ -1,4 +1,4 @@
-error: `recursion_limit` must be a non-negative integer
+error: `limit` must be a non-negative integer
   --> $DIR/invalid_digit.rs:3:1
    |
 LL | #![recursion_limit = "-100"]
diff --git a/src/test/ui/recursion_limit/overflow.rs b/src/test/ui/recursion_limit/overflow.rs
@@ -1,7 +1,7 @@
 // Test the parse error for an overflowing recursion_limit
 
 #![recursion_limit = "999999999999999999999999"]
-//~^ ERROR `recursion_limit` must be a non-negative integer
-//~| `recursion_limit` is too large
+//~^ ERROR `limit` must be a non-negative integer
+//~| `limit` is too large
 
 fn main() {}
diff --git a/src/test/ui/recursion_limit/overflow.stderr b/src/test/ui/recursion_limit/overflow.stderr
@@ -1,10 +1,10 @@
-error: `recursion_limit` must be a non-negative integer
+error: `limit` must be a non-negative integer
   --> $DIR/overflow.rs:3:1
    |
 LL | #![recursion_limit = "999999999999999999999999"]
    | ^^^^^^^^^^^^^^^^^^^^^--------------------------^
    |                      |
-   |                      `recursion_limit` is too large
+   |                      `limit` is too large
 
 error: aborting due to previous error
 
diff --git a/src/test/ui/recursion_limit/zero.rs b/src/test/ui/recursion_limit/zero.rs
@@ -1,4 +1,4 @@
-// Test that a `recursion_limit` of 0 is valid
+// Test that a `limit` of 0 is valid
 
 #![recursion_limit = "0"]
 

Original file line number	Diff line number	Diff line change
`@@ -28,8 +28,8 @@ pub mod lib_features {`
`28`	`28`	`}`
`29`	`29`	`}`
`30`	`30`	`}`
	`31`	`+pub mod limits;`
`31`	`32`	`pub mod privacy;`
`32`		`-pub mod recursion_limit;`
`33`	`33`	`pub mod region;`
`34`	`34`	`pub mod resolve_lifetime;`
`35`	`35`	`pub mod stability;`
Original file line number	Diff line number	Diff line change
`@@ -189,7 +189,7 @@ pub fn register_plugins<'a>(`
`189`	`189`	`}`
`190`	`190`
`191`	`191`	`sess.time("recursion_limit", \|\| {`
`192`		`- middle::recursion_limit::update_limits(sess, &krate);`
	`192`	`+ middle::limits::update_limits(sess, &krate);`
`193`	`193`	`});`
`194`	`194`
`195`	`195`	`let mut lint_store = rustc_lint::new_lint_store(`
Original file line number	Diff line number	Diff line change
`@@ -3,6 +3,7 @@ use rustc::ty::layout::HasTyCtxt;`
`3`	`3`	`use rustc::ty::{self, Ty};`
`4`	`4`	`use std::borrow::{Borrow, Cow};`
`5`	`5`	`use std::collections::hash_map::Entry;`
	`6`	`+use std::convert::TryFrom;`
`6`	`7`	`use std::hash::Hash;`
`7`	`8`
`8`	`9`	`use rustc_data_structures::fx::FxHashMap;`
`@@ -85,9 +86,6 @@ impl<'mir, 'tcx> InterpCx<'mir, 'tcx, CompileTimeInterpreter<'mir, 'tcx>> {`
`85`	`86`	`}`
`86`	`87`	`}`
`87`	`88`
`88`		`-/// Number of steps until the detector even starts doing anything.`
`89`		`-/// Also, a warning is shown to the user when this number is reached.`
`90`		`-const STEPS_UNTIL_DETECTOR_ENABLED: isize = 1_000_000;`
`91`	`89`	`/// The number of steps between loop detector snapshots.`
`92`	`90`	`/// Should be a power of two for performance reasons.`
`93`	`91`	`const DETECTOR_SNAPSHOT_PERIOD: isize = 256;`
`@@ -100,6 +98,8 @@ pub struct CompileTimeInterpreter<'mir, 'tcx> {`
`100`	`98`	`/// detector period.`
`101`	`99`	`pub(super) steps_since_detector_enabled: isize,`
`102`	`100`
	`101`	`+ pub(super) is_detector_enabled: bool,`
	`102`	`+`
`103`	`103`	`/// Extra state to detect loops.`
`104`	`104`	`pub(super) loop_detector: snapshot::InfiniteLoopDetector<'mir, 'tcx>,`
`105`	`105`	`}`
`@@ -111,10 +111,14 @@ pub struct MemoryExtra {`
`111`	`111`	`}`
`112`	`112`
`113`	`113`	`impl<'mir, 'tcx> CompileTimeInterpreter<'mir, 'tcx> {`
`114`		`- pub(super) fn new() -> Self {`
	`114`	`+ pub(super) fn new(const_eval_limit: usize) -> Self {`
	`115`	`+ let steps_until_detector_enabled =`
	`116`	`+ isize::try_from(const_eval_limit).unwrap_or(std::isize::MAX);`
	`117`	`+`
`115`	`118`	`CompileTimeInterpreter {`
`116`	`119`	`loop_detector: Default::default(),`
`117`		`- steps_since_detector_enabled: -STEPS_UNTIL_DETECTOR_ENABLED,`
	`120`	`+ steps_since_detector_enabled: -steps_until_detector_enabled,`
	`121`	`+ is_detector_enabled: const_eval_limit != 0,`
`118`	`122`	`}`
`119`	`123`	`}`
`120`	`124`	`}`
`@@ -343,6 +347,10 @@ impl<'mir, 'tcx> interpret::Machine<'mir, 'tcx> for CompileTimeInterpreter<'mir,`
`343`	`347`	`}`
`344`	`348`
`345`	`349`	`fn before_terminator(ecx: &mut InterpCx<'mir, 'tcx, Self>) -> InterpResult<'tcx> {`
	`350`	`+ if !ecx.machine.is_detector_enabled {`
	`351`	`+ return Ok(());`
	`352`	`+ }`
	`353`	`+`
`346`	`354`	`{`
`347`	`355`	`let steps = &mut ecx.machine.steps_since_detector_enabled;`
`348`	`356`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		-error: `recursion_limit` must be a non-negative integer
	`1`	+error: `limit` must be a non-negative integer
`2`	`2`	`--> $DIR/invalid_digit.rs:3:1`
`3`	`3`	`\|`
`4`	`4`	`LL \| #![recursion_limit = "-100"]`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		-// Test that a `recursion_limit` of 0 is valid
	`1`	+// Test that a `limit` of 0 is valid
`2`	`2`
`3`	`3`	`#![recursion_limit = "0"]`
`4`	`4`