CFI: Handle dyn with no principal

maurer · maurer · commit 6f4dc7112ec5 · 2024-03-24T16:52:42.000Z
In user-facing Rust, `dyn` always has at least one predicate following it. Unfortunately, because we filter out marker traits from receivers at callsites and `dyn Sync` is, for example, legal, this results in us having `dyn` types with no predicates on occasion in our alias set encoding. This patch handles cases where there are no predicates in a `dyn` type which are relevant to its alias set. Fixes #122998
diff --git a/compiler/rustc_symbol_mangling/src/typeid/typeid_itanium_cxx_abi.rs b/compiler/rustc_symbol_mangling/src/typeid/typeid_itanium_cxx_abi.rs
@@ -760,7 +760,11 @@ fn transform_predicates<'tcx>(
             ty::ExistentialPredicate::AutoTrait(..) => Some(predicate),
         })
         .collect();
-    tcx.mk_poly_existential_predicates(&predicates)
+    if predicates.len() == 0 {
+        List::empty()
+    } else {
+        tcx.mk_poly_existential_predicates(&predicates)
+    }
 }
 
 /// Transforms args for being encoded and used in the substitution dictionary.
@@ -1171,14 +1175,17 @@ fn strip_receiver_auto<'tcx>(
     let ty::Dynamic(preds, lifetime, kind) = ty.kind() else {
         bug!("Tried to strip auto traits from non-dynamic type {ty}");
     };
-    let filtered_preds =
-        if preds.principal().is_some() {
+    let new_rcvr = if preds.principal().is_some() {
+        let filtered_preds =
             tcx.mk_poly_existential_predicates_from_iter(preds.into_iter().filter(|pred| {
                 !matches!(pred.skip_binder(), ty::ExistentialPredicate::AutoTrait(..))
-            }))
-        } else {
-            ty::List::empty()
-        };
-    let new_rcvr = Ty::new_dynamic(tcx, filtered_preds, *lifetime, *kind);
+            }));
+        Ty::new_dynamic(tcx, filtered_preds, *lifetime, *kind)
+    } else {
+        // If there's no principal type, re-encode it as a unit, since we don't know anything
+        // about it. This technically discards the knowledge that it was a type that was made
+        // into a trait object at some point, but that's not a lot.
+        tcx.types.unit
+    };
     tcx.mk_args_trait(new_rcvr, args.into_iter().skip(1))
 }
diff --git a/tests/ui/sanitizer/cfi-drop-no-principal.rs b/tests/ui/sanitizer/cfi-drop-no-principal.rs
@@ -0,0 +1,21 @@
+// Check that dropping a trait object without a principal trait succeeds
+
+//@ needs-sanitizer-cfi
+// FIXME(#122848) Remove only-linux once OSX CFI binaries works
+//@ only-linux
+//@ compile-flags: --crate-type=bin -Cprefer-dynamic=off -Clto -Zsanitizer=cfi
+//@ compile-flags: -C target-feature=-crt-static -C codegen-units=1 -C opt-level=0
+// FIXME(#118761) Should be run-pass once the labels on drop are compatible.
+// This test is being landed ahead of that to test that the compiler doesn't ICE while labeling the
+// callsite for a drop, but the vtable doesn't have the correct label yet.
+//@ build-pass
+
+struct CustomDrop;
+
+impl Drop for CustomDrop {
+    fn drop(&mut self) {}
+}
+
+fn main() {
+    let _ = Box::new(CustomDrop) as Box<dyn Send>;
+}
