Skip to content

stack overflow in ImproperCTypesVisitor::{check_type_for_ffi, check_variant_for_ffi} #130310

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
tmiasko opened this issue Sep 13, 2024 · 1 comment · Fixed by #130598 · May be fixed by #134697
Open

stack overflow in ImproperCTypesVisitor::{check_type_for_ffi, check_variant_for_ffi} #130310

tmiasko opened this issue Sep 13, 2024 · 1 comment · Fixed by #130598 · May be fixed by #134697
Assignees
@gurry
Labels
A-lints Area: Lints (warnings about flaws in source code) such as unused_mut. C-bug Category: This is a bug. I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics. L-improper_ctypes Lint: improper_ctypes S-bug-has-test Status: This bug is tracked inside the repo by a `known-bug` test. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.

Comments

@tmiasko
Copy link
Contributor

tmiasko commented Sep 13, 2024
edited
Loading

Code

use std::marker::PhantomData;

#[repr(C)]
struct A<T> {
    a: *const A<A<T>>,
    p: PhantomData<T>,
}

extern "C" {
    fn f(a: *const A<()>);
}

fn main() {}

Meta

rustc --version --verbose:

rustc 1.83.0-nightly (adaff5368 2024-09-12)
binary: rustc
commit-hash: adaff5368b0c7b328a0320a218751d65ab1bba97
commit-date: 2024-09-12
host: x86_64-unknown-linux-gnu
release: 1.83.0-nightly
LLVM version: 19.1.0

Error output

error: rustc interrupted by SIGSEGV, printing backtrace
...
note: rustc unexpectedly overflowed its stack! this is a bug
note: maximum backtrace depth reached, frames may have been lost
note: we would appreciate a report at https://github.com/rust-lang/rust
help: you can increase rustc's stack size by setting RUST_MIN_STACK=16777216
note: backtrace dumped due to SIGSEGV! resuming signal
Segmentation fault
Backtrace 

0x00007ffff61a67d4 in <rustc_middle::ty::context::CtxtInterners>::intern_ty () from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
(gdb) bt
#0  0x00007ffff61a67d4 in <rustc_middle::ty::context::CtxtInterners>::intern_ty () from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#1  0x00007ffff625be58 in <rustc_middle::ty::Ty as rustc_type_ir::fold::TypeSuperFoldable<rustc_middle::ty::context::TyCtxt>>::super_fold_with::<rustc_type_ir::binder::ArgFolder<rustc_middle::ty::context::TyCtxt>> () from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#2  0x00007ffff639b7e0 in <&rustc_middle::ty::list::RawList<(), rustc_middle::ty::generic_args::GenericArg> as rustc_type_ir::fold::TypeFoldable<rustc_middle::ty::context::TyCtxt>>::try_fold_with::<rustc_type_ir::binder::ArgFolder<rustc_middle::ty::context::TyCtxt>> ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#3  0x00007ffff625bb48 in <rustc_middle::ty::Ty as rustc_type_ir::fold::TypeSuperFoldable<rustc_middle::ty::context::TyCtxt>>::super_fold_with::<rustc_type_ir::binder::ArgFolder<rustc_middle::ty::context::TyCtxt>> () from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#4  0x00007ffff625bc31 in <rustc_middle::ty::Ty as rustc_type_ir::fold::TypeSuperFoldable<rustc_middle::ty::context::TyCtxt>>::super_fold_with::<rustc_type_ir::binder::ArgFolder<rustc_middle::ty::context::TyCtxt>> () from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#5  0x00007ffff6275014 in <rustc_middle::ty::FieldDef>::ty () from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#6  0x00007ffff50ae576 in <rustc_lint::types::ImproperCTypesVisitor>::check_variant_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#7  0x00007ffff50af1bf in <rustc_lint::types::ImproperCTypesVisitor>::check_type_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#8  0x00007ffff50ae5bc in <rustc_lint::types::ImproperCTypesVisitor>::check_variant_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#9  0x00007ffff50af1bf in <rustc_lint::types::ImproperCTypesVisitor>::check_type_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#10 0x00007ffff50ae5bc in <rustc_lint::types::ImproperCTypesVisitor>::check_variant_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#11 0x00007ffff50af1bf in <rustc_lint::types::ImproperCTypesVisitor>::check_type_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#12 0x00007ffff50ae5bc in <rustc_lint::types::ImproperCTypesVisitor>::check_variant_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
#13 0x00007ffff50af1bf in <rustc_lint::types::ImproperCTypesVisitor>::check_type_for_ffi ()
   from /home/tm/.rustup/toolchains/stage1/lib/librustc_driver-14c009390c37828b.so
...

@tmiasko tmiasko added I-ICE Issue: The compiler panicked, giving an Internal Compilation Error (ICE) ❄️ T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. C-bug Category: This is a bug. labels Sep 13, 2024
@rustbot rustbot added the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Sep 13, 2024
@tmiasko tmiasko added I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics. A-lints Area: Lints (warnings about flaws in source code) such as unused_mut. and removed needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. labels Sep 14, 2024
@matthiaskrgr matthiaskrgr added the S-bug-has-test Status: This bug is tracked inside the repo by a `known-bug` test. label Sep 16, 2024
@gurry
Copy link
Contributor

gurry commented Sep 19, 2024

@rustbot claim

@gurry gurry mentioned this issue Sep 20, 2024
Merged
@workingjubilee workingjubilee added the L-improper_ctypes Lint: improper_ctypes label Sep 20, 2024
@bors bors closed this as completed in 28ace83 Sep 21, 2024
rust-timer added a commit to rust-lang-ci/rust that referenced this issue Sep 21, 2024
@rust-timer
Unrolled build for rust-lang#130598
6e15f04 
Rollup merge of rust-lang#130598 - gurry:130310-improper-types-stack-overflow, r=compiler-errors

Add recursion limit to FFI safety lint

Fixes rust-lang#130310

Now we check against `tcx.recursion_limit()` and raise an error if it the limit is reached instead of overflowing the stack.
@compiler-errors compiler-errors mentioned this issue Sep 23, 2024
Merged
compiler-errors added a commit to compiler-errors/rust that referenced this issue Sep 24, 2024
@compiler-errors
Rollup merge of rust-lang#130758 - compiler-errors:ctype-recursion-li…
d7517ec 
…mit, r=jieyouxu

Revert "Add recursion limit to FFI safety lint"

It's not necessarily clear if warning when we hit the recursion limit is the right thing to do, first of all.

**More importantly**, this PR was implemented incorrectly in the first place; it was not decrementing the recursion limit when stepping out of a type, so it would trigger when a ctype has more than RECURSION_LIMIT fields *anywhere* in the type's set of recursively reachable fields.

Reverts rust-lang#130598
Reopens rust-lang#130310
Fixes rust-lang#130757
compiler-errors added a commit to compiler-errors/rust that referenced this issue Sep 24, 2024
@compiler-errors
Rollup merge of rust-lang#130758 - compiler-errors:ctype-recursion-li…
fa1bd9b 
…mit, r=jieyouxu

Revert "Add recursion limit to FFI safety lint"

It's not necessarily clear if warning when we hit the recursion limit is the right thing to do, first of all.

**More importantly**, this PR was implemented incorrectly in the first place; it was not decrementing the recursion limit when stepping out of a type, so it would trigger when a ctype has more than RECURSION_LIMIT fields *anywhere* in the type's set of recursively reachable fields.

Reverts rust-lang#130598
Reopens rust-lang#130310
Fixes rust-lang#130757
rust-timer added a commit to rust-lang-ci/rust that referenced this issue Sep 24, 2024
@rust-timer
Unrolled build for rust-lang#130758
b39a5a1 
Rollup merge of rust-lang#130758 - compiler-errors:ctype-recursion-limit, r=jieyouxu

Revert "Add recursion limit to FFI safety lint"

It's not necessarily clear if warning when we hit the recursion limit is the right thing to do, first of all.

**More importantly**, this PR was implemented incorrectly in the first place; it was not decrementing the recursion limit when stepping out of a type, so it would trigger when a ctype has more than RECURSION_LIMIT fields *anywhere* in the type's set of recursively reachable fields.

Reverts rust-lang#130598
Reopens rust-lang#130310
Fixes rust-lang#130757
@fmease fmease removed the I-ICE Issue: The compiler panicked, giving an Internal Compilation Error (ICE) ❄️ label Sep 26, 2024
@niacdoial niacdoial linked a pull request May 25, 2025 that will close this issue
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@gurry gurry

Labels
A-lints Area: Lints (warnings about flaws in source code) such as unused_mut. C-bug Category: This is a bug. I-crash Issue: The compiler crashes (SIGSEGV, SIGABRT, etc). Use I-ICE instead when the compiler panics. L-improper_ctypes Lint: improper_ctypes S-bug-has-test Status: This bug is tracked inside the repo by a `known-bug` test. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
7 participants
@matthiaskrgr @gurry @compiler-errors @fmease @workingjubilee @rustbot @tmiasko