[Git][ghc/ghc][wip/marge_bot_batch_merge_job] 3 commits: base: Advertise linear time of readFloat
Marge Bot (@marge-bot)
gitlab at gitlab.haskell.org
Mon Sep 18 16:36:45 UTC 2023
Marge Bot pushed to branch wip/marge_bot_batch_merge_job at Glasgow Haskell Compiler / GHC
Commits:
488a2ff3 by Ben Gamari at 2023-09-18T12:36:40-04:00
base: Advertise linear time of readFloat
As noted in #23538, `readFloat` has runtime that scales nonlinearly in
the size of its input. Consequently, its use on untrusted input can
be exploited as a denial-of-service vector. Point this out and suggest
use of `read` instead.
See #23538.
- - - - -
a27cc3ac by Simon Peyton Jones at 2023-09-18T12:36:40-04:00
Remove dead code GHC.CoreToStg.Prep.canFloat
This function never fires, so we can delete it: #23965.
- - - - -
90d64ea2 by Ben Gamari at 2023-09-18T12:36:40-04:00
base/changelog: Move fix for #23907 to 9.8.1 section
Since the fix was backported to 9.8.1
- - - - -
3 changed files:
- compiler/GHC/CoreToStg/Prep.hs
- libraries/base/Numeric.hs
- libraries/base/changelog.md
Changes:
=====================================
compiler/GHC/CoreToStg/Prep.hs
=====================================
@@ -657,9 +657,6 @@ cpePair top_lvl is_rec dmd is_unlifted env bndr rhs
| allLazyTop floats
= return (floats, rhs)
- | Just floats <- canFloat floats rhs
- = return floats
-
| otherwise
= dontFloat floats rhs
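Review bot: with the `canFloat` guard removed, `cpePair` falls from the `allLazyTop floats` guard straight to `| otherwise = dontFloat floats rhs`, and the only justification on record is the commit message's "never fires". Say in the commit message, or in a short comment above `| otherwise`, why that case cannot be reached, so the deletion can be checked without reading #23965.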
@@ -1954,32 +1951,6 @@ deFloatTop (Floats _ floats)
---------------------------------------------------------------------------
-canFloat :: Floats -> CpeRhs -> Maybe (Floats, CpeRhs)
-canFloat (Floats ok_to_spec fs) rhs
- | OkToSpec <- ok_to_spec -- Worth trying
- , Just fs' <- go nilOL (fromOL fs)
- = Just (Floats OkToSpec fs', rhs)
- | otherwise
- = Nothing
- where
- go :: OrdList FloatingBind -> [FloatingBind]
- -> Maybe (OrdList FloatingBind)
-
- go (fbs_out) [] = Just fbs_out
-
- go fbs_out (fb@(FloatLet _) : fbs_in)
- = go (fbs_out `snocOL` fb) fbs_in
-
- go fbs_out (fb at FloatString{} : fbs_in)
- -- See Note [ANF-ising literal string arguments]
- = go (fbs_out `snocOL` fb) fbs_in
-
- go fbs_out (ft at FloatTick{} : fbs_in)
- = go (fbs_out `snocOL` ft) fbs_in
-
- go _ (FloatCase{} : _) = Nothing
-
-
wantFloatNested :: RecFlag -> Demand -> Bool -> Floats -> CpeRhs -> Bool
wantFloatNested is_rec dmd rhs_is_unlifted floats rhs
= isEmptyFloats floats
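Review bot: the deleted `FloatString{}` equation carried a `See Note [ANF-ising literal string arguments]` reference. Check that the Note is still referenced from live code after this deletion, and update or drop it if `canFloat` was the code it described. The `-----` rule now sits directly above `wantFloatNested`, so confirm it still separates the sections it was meant to.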
=====================================
libraries/base/Numeric.hs
=====================================
@@ -117,6 +117,14 @@ readHex = readP_to_S L.readHexP
-- | Reads an /unsigned/ 'RealFrac' value,
-- expressed in decimal scientific notation.
+--
+-- Note that this function takes time linear in the magnitude of its input
+-- which can scale exponentially with input size (e.g. @"1e100000000"@ is a
+-- very large number while having a very small textual form).
+-- For this reason, users should take care to avoid using this function on
+-- untrusted input. Users needing to parse floating point values
+-- (e.g. 'Float') are encouraged to instead use 'read', which does
+-- not suffer from this issue.
readFloat :: RealFrac a => ReadS a
readFloat = readP_to_S readFloatP
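Review bot: the added Haddock steers users with untrusted input towards 'read', but 'read' calls `error` on a failed parse and does not have the `ReadS` shape of `readFloat :: RealFrac a => ReadS a`. Pointing at `reads` or `Text.Read.readMaybe` would give callers a total replacement. The sentence "takes time linear in the magnitude of its input which can scale exponentially with input size" is also hard to parse: state the cost in terms of the length of the input string first, then give the `"1e100000000"` example, and add a comma before "which".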
=====================================
libraries/base/changelog.md
=====================================
@@ -4,7 +4,6 @@
* Export `foldl'` from `Prelude` ([CLC proposal #167](https://github.com/haskell/core-libraries-committee/issues/167))
* Add a `RULE` to `Prelude.lookup`, allowing it to participate in list fusion ([CLC proposal #174](https://github.com/haskell/core-libraries-committee/issues/175))
* The `Enum Int64` and `Enum Word64` instances now use native operations on 32-bit platforms, increasing performance by up to 1.5x on i386 and up to 5.6x with the JavaScript backend. ([CLC proposal #187](https://github.com/haskell/core-libraries-committee/issues/187))
- * Add rewrite rules for conversion between Int64/Word64 and Float/Double on 64-bit architectures ([CLC proposal #203](https://github.com/haskell/core-libraries-committee/issues/203)).
* Update to [Unicode 15.1.0](https://www.unicode.org/versions/Unicode15.1.0/).
## 4.19.0.0 *TBA*
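Review bot: in the context of this hunk, the `Prelude.lookup` entry is labelled "CLC proposal #174" but links to `issues/175`. One of the two is wrong, and since this commit is already tidying the list it is a good place to correct it.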
@@ -44,6 +43,7 @@
* Deprecate `Data.List.NonEmpty.unzip` ([CLC proposal #86](https://github.com/haskell/core-libraries-committee/issues/86))
* Fixed exponent overflow/underflow bugs in the `Read` instances for `Float` and `Double` ([CLC proposal #192](https://github.com/haskell/core-libraries-committee/issues/192))
* Implement `copyBytes`, `fillBytes`, `moveBytes` and `stimes` for `Data.Array.Byte.ByteArray` using primops ([CLC proposal #188](https://github.com/haskell/core-libraries-committee/issues/188))
+ * Add rewrite rules for conversion between Int64/Word64 and Float/Double on 64-bit architectures ([CLC proposal #203](https://github.com/haskell/core-libraries-committee/issues/203)).
## 4.18.0.0 *March 2023*
* Shipped with GHC 9.6.1
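Review bot: the commit message describes this as moving the fix for #23907 to the 9.8.1 section, but the re-added entry cites only CLC proposal #203 and the changelog headings are base versions (`4.19.0.0`, `4.18.0.0`), not GHC versions. Mention #23907 in the entry, or name the base version in the commit message, so the move can be traced from either side.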
View it on GitLab: https://gitlab.haskell.org/ghc/ghc/-/compare/751f109d5594308ac41a8ee9d2e910b0aaaee47c...90d64ea2fd54cca954e5c593ba7b439d9a28c930