UB if f*_fast intrinsic called with nonfinite value

syvb · syvb · commit e591b83185ba · 2021-05-02T12:25:00.000-04:00
diff --git a/src/shims/intrinsics.rs b/src/shims/intrinsics.rs
@@ -173,6 +173,36 @@ pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriEvalContextExt<'mir, 'tcx
                     "frem_fast" => mir::BinOp::Rem,
                     _ => bug!(),
                 };
+                let a_valid = match a.layout.ty.kind() {
+                    ty::Float(FloatTy::F32) => a.to_scalar()?.to_f32()?.is_finite(),
+                    ty::Float(FloatTy::F64) => a.to_scalar()?.to_f64()?.is_finite(),
+                    _ => bug!(
+                        "`{}` called with non-float input type {:?}",
+                        intrinsic_name,
+                        a.layout.ty
+                    ),
+                };
+                if !a_valid {
+                    throw_ub_format!(
+                        "`{}` intrinsic called with non-finite value as first parameter",
+                        intrinsic_name,
+                    );
+                }
+                let b_valid = match b.layout.ty.kind() {
+                    ty::Float(FloatTy::F32) => b.to_scalar()?.to_f32()?.is_finite(),
+                    ty::Float(FloatTy::F64) => b.to_scalar()?.to_f64()?.is_finite(),
+                    _ => bug!(
+                        "`{}` called with non-float input type {:?}",
+                        intrinsic_name,
+                        b.layout.ty
+                    ),
+                };
+                if !b_valid {
+                    throw_ub_format!(
+                        "`{}` intrinsic called with non-finite value as second parameter",
+                        intrinsic_name,
+                    );
+                }
                 this.binop_ignore_overflow(op, &a, &b, dest)?;
             }
 
diff --git a/tests/compile-fail/fast_math_both.rs b/tests/compile-fail/fast_math_both.rs
@@ -0,0 +1,7 @@
+#![feature(core_intrinsics)]
+
+fn main() {
+    unsafe {
+        let _x: f32 = core::intrinsics::frem_fast(f32::NAN, 3.2); //~ ERROR `frem_fast` intrinsic called with non-finite value as first parameter
+    }
+}
diff --git a/tests/compile-fail/fast_math_first.rs b/tests/compile-fail/fast_math_first.rs
@@ -0,0 +1,7 @@
+#![feature(core_intrinsics)]
+
+fn main() {
+    unsafe {
+        let _x: f32 = core::intrinsics::fsub_fast(f32::NAN, f32::NAN); //~ ERROR `fsub_fast` intrinsic called with non-finite value as first parameter
+    }
+}
diff --git a/tests/compile-fail/fast_math_second.rs b/tests/compile-fail/fast_math_second.rs
@@ -0,0 +1,7 @@
+#![feature(core_intrinsics)]
+
+fn main() {
+    unsafe {
+        let _x: f32 = core::intrinsics::fmul_fast(3.4f32, f32::NAN); //~ ERROR `fmul_fast` intrinsic called with non-finite value as second parameter
+    }
+}
