coverage. Warn about too much decision depth

zhuyunxing · zhuyunxing · commit 881b0b40151b · 2024-07-16T10:50:50.000+08:00
diff --git a/compiler/rustc_mir_build/messages.ftl b/compiler/rustc_mir_build/messages.ftl
@@ -105,6 +105,8 @@ mir_build_deref_raw_pointer_requires_unsafe_unsafe_op_in_unsafe_fn_allowed =
 
 mir_build_exceeds_mcdc_condition_limit = number of conditions in decision ({$num_conditions}) exceeds limit ({$max_conditions}), so MC/DC analysis will not count this expression
 
+mir_build_exceeds_mcdc_decision_depth = number of decisions evaluated simultaneously exceeds limit ({$max_decision_depth}). MCDC analysis will not count this expression
+
 mir_build_extern_static_requires_unsafe =
     use of extern static is unsafe and requires unsafe block
     .note = extern statics are not controlled by the Rust type system: invalid data, aliasing violations or data races will cause undefined behavior
diff --git a/compiler/rustc_mir_build/src/build/coverageinfo/mcdc.rs b/compiler/rustc_mir_build/src/build/coverageinfo/mcdc.rs
@@ -10,13 +10,17 @@ use rustc_middle::ty::TyCtxt;
 use rustc_span::Span;
 
 use crate::build::Builder;
-use crate::errors::MCDCExceedsConditionLimit;
+use crate::errors::{MCDCExceedsConditionLimit, MCDCExceedsDecisionDepth};
 
 /// The MCDC bitmap scales exponentially (2^n) based on the number of conditions seen,
 /// So llvm sets a maximum value prevents the bitmap footprint from growing too large without the user's knowledge.
 /// This limit may be relaxed if the [upstream change](https://github.com/llvm/llvm-project/pull/82448) is merged.
 const MAX_CONDITIONS_IN_DECISION: usize = 6;
 
+/// MCDC allocates an i32 variable on stack for each depth. Ignore decisions nested too much to prevent it
+/// consuming excessive memory.
+const MAX_DECISION_DEPTH: u16 = 0x3FFF;
+
 #[derive(Default)]
 struct MCDCDecisionCtx {
     /// To construct condition evaluation tree.
@@ -208,14 +212,14 @@ impl MCDCInfoBuilder {
         // is empty, i.e. when all the conditions of the decision were instrumented,
         // and the decision is "complete".
         if let Some(decision) = decision_result {
-            match decision.num_conditions {
-                0 => {
+            match (decision.num_conditions, decision_depth) {
+                (0, _) => {
                     unreachable!("Decision with no condition is not expected");
                 }
-                1..=MAX_CONDITIONS_IN_DECISION => {
+                (1..=MAX_CONDITIONS_IN_DECISION, 0..=MAX_DECISION_DEPTH) => {
                     self.decision_spans.push(decision);
                 }
-                _ => {
+                (_, _) => {
                     // Do not generate mcdc mappings and statements for decisions with too many conditions.
                     // Therefore, first erase the condition info of the (N-1) previous branch spans.
                     let rebase_idx = self.branch_spans.len() - (decision.num_conditions - 1);
@@ -225,12 +229,19 @@ impl MCDCInfoBuilder {
 
                     // Then, erase this last branch span's info too, for a total of N.
                     condition_info = None;
-
-                    tcx.dcx().emit_warn(MCDCExceedsConditionLimit {
-                        span: decision.span,
-                        num_conditions: decision.num_conditions,
-                        max_conditions: MAX_CONDITIONS_IN_DECISION,
-                    });
+                    if decision.num_conditions > MAX_CONDITIONS_IN_DECISION {
+                        tcx.dcx().emit_warn(MCDCExceedsConditionLimit {
+                            span: decision.span,
+                            num_conditions: decision.num_conditions,
+                            max_conditions: MAX_CONDITIONS_IN_DECISION,
+                        });
+                    }
+                    if decision_depth > MAX_DECISION_DEPTH {
+                        tcx.dcx().emit_warn(MCDCExceedsDecisionDepth {
+                            span: decision.span,
+                            max_decision_depth: MAX_DECISION_DEPTH.into(),
+                        });
+                    }
                 }
             }
         }
diff --git a/compiler/rustc_mir_build/src/errors.rs b/compiler/rustc_mir_build/src/errors.rs
@@ -844,6 +844,14 @@ pub(crate) struct MCDCExceedsConditionLimit {
     pub(crate) max_conditions: usize,
 }
 
+#[derive(Diagnostic)]
+#[diag(mir_build_exceeds_mcdc_decision_depth)]
+pub(crate) struct MCDCExceedsDecisionDepth {
+    #[primary_span]
+    pub span: Span,
+    pub max_decision_depth: usize,
+}
+
 #[derive(Diagnostic)]
 #[diag(mir_build_pattern_not_covered, code = E0005)]
 pub(crate) struct PatternNotCovered<'s, 'tcx> {
