rustc accepts "---128i8" as a valid constant

[eefriedman]

pub fn main() {
    const X: i8 = ---128;
    const Z: [u8; X as u8 as usize] = [0; X as u8 as usize];
    println!("{}", Z[0]);
}

This is clearly ridiculous, but rustc is perfectly happy with it.

Regression from 1.9.

[tbu-]

use std::mem;
pub fn main() {
    const X: i8 = ---128;
    const Z: [u8; X as u8 as usize] = [0; X as u8 as usize];
    println!("{}", mem::size_of_val(&Z));
}

prints 128.

Using the constant in any other way, e.g.

pub fn main() {
    const X: i8 = ---128;
    const Z: [u8; X as u8 as usize] = [0; X as u8 as usize];
    println!("{}", Z[0]);
    println!("{}", X);
}

errors out:

$ rustc a.rs
a.rs:2:20: 2:25 error: attempted to negate with overflow
a.rs:2     const X: i8 = ---128;
                          ^~~~~
error: aborting due to previous error

[oli-obk]

cc @eddyb is that fallout from your new const eval?

[eddyb]

@oli-obk I haven't removed anything, not that I can think of, to cause this.

[oli-obk]

Then it's very likely fallout from 735c018 (skipping double negations)

[eddyb]

@oli-obk The remaining error in that testcase feels wrong. --128i8 should, IMO, be -(-128i8) - the literal is in range, but the negation overflows.

[oli-obk]

Actually I think it should be valid code, but yield -128, at least that's what the original literal out of range lints do

[eddyb]

@oli-obk But -(-128i8) overflows when negating, which is an error. Why should it be different than -(-64i8 - 64)?

[oli-obk]

I have no particular opinion on this. But the lint has code handling double negations:

rust/src/librustc_lint/types.rs

Line 121 in bb4b3fb

// propagate negation, if the negation itself isn't negated

(it's treating double negations as if they weren't there at all)

[dsprenkels]

The double negation is not the issue here. The value of X evaluates to -128, as expected. But consider the following code:

fn main() {
    const X: i8 = -100;
    const Y: u8 = X as u8;
    println!("{}", Y);
}

This will also compile just fine and print 156. It goes wrong in the cast X as u8. Rust doesn't check if cast overflows, so the <u8> value becomes 156.

cast_const_int can be changed to disallow casts that fail. (I'd be happy to implement this myself.) Or we can accept that these casts are can overflow silently.

[tbu-]

@dsprenkels I believe the issue is that --128 (aka 128) is an intermediate result of the computation that is out of bounds for the i8.

EDIT: The issue is about the fact that the compiler doesn't complain.

[oli-obk]

jup, that was a misunderstanding of some code on my part + the issue that processing HIR works the wrong way around (you start with the outer most expression). Reverting 735c018 should do the job

[dsprenkels]

I thought that it was intended that ---128 would succesfully evaluate to -128. (That rustc knows that it's overflowing, but is smart to know that double negation will fix it in the end.)

Pretend I said nothing.