Fix Failure("nth") crash in remove_unused_parameters#678
Open
Fix Failure("nth") crash in remove_unused_parameters#678
Conversation
In unused_i (lib/Simplify.ml line 236), List.nth ts i was called without
bounds checking. When update_table_current iterates over actual arguments
(es) of an EApp whose callee has fewer formal type parameters than actual
arguments (e.g. erased ghost params passed as () at call sites), i can
exceed List.length ts, causing a Failure("nth") crash.
The length guard at line 353 (if List.length es <= List.length ts) handles
this for the main transformation, but update_table_current is called before
that guard at line 344.
Add a bounds check so unused_i returns false for out-of-bounds indices,
which is the correct conservative behavior (don't eliminate unknown params).
Fixes #677
Collaborator
|
Collaborator
|
@tahina-pro is this something you can help with? I would love for this PR to have a corresponding regression in the test suite, which would allow me to understand the problem -- right now, without a supporting example, it's hard to determine whether this is the right fix or not |
Author
|
@protz hey sorry for dropping the ball this week is kind of busy. I will add a repro Friday |
Add a JSON-based test (test/json/NthCrash.json) that reproduces the crash from #677: a DExternal2 with more hint names than type arrows triggers an out-of-bounds List.nth in unused_i when visit_DExternal iterates hints. This test crashes on master with Failure("nth") and succeeds with the fix. Introduces test/json/ as a new test subdirectory for JSON-encoded karamel AST inputs, with its own Makefile and a json-test target in test/Makefile. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #677
Problem
remove_unused_parametersinlib/Simplify.mlcrashes withFailure("nth")when bundling modules where a function call site has more actual arguments than the callee's formal type parameters (as reported byflatten_arrow).This happens when erased/ghost parameters are passed as
()at call sites, but the callee's type signature doesn't include them (e.g., external functions likePulse.Lib.Array.PtsTo.op_Array_Accesswhose ghost args were erased from the type but not from call sites).Root Cause
In
unused_i(line 236),List.nth ts i = TUnitis called without bounds checking. Theupdate_table_currentcall at line 344 invisit_EAppiterates over actual argumentsesand callsunused arg_ifor each — butarg_ican exceedList.length tswhen there are more actual args than formal type params. The length guard at line 353 correctly handles this for the main transformation path, butupdate_table_currentis invoked before that guard.Fix
Add a bounds check so
unused_ireturnsfalsefor out-of-bounds indices (conservative: don't eliminate unknown params):Reproduction
Extract a Pulse module with
.fstiinterface (making implementations private), create a wrapper without.fsti, and bundle them:After the fix, extraction succeeds and produces correct C output with all functions.