coverage: Avoid overflow when the MC/DC condition limit is exceeded

If we perform this subtraction and then add 1, the subtraction can sometimes
overflow to -1 before the addition can bring its value back to 0. That
behaviour seems to be benign, but it nevertheless causes test failures in
compiler configurations that check for overflow.

We can avoid the overflow by instead subtracting (N - 1), which is
algebraically equivalent, and more closely matches what the code is actually
trying to do.

1 files changed, 3 insertions, 2 deletions

diff --git a/compiler/rustc_mir_build/src/build/coverageinfo/mcdc.rs b/compiler/rustc_mir_build/src/build/coverageinfo/mcdc.rs
index 9cfb25e663d..728b63d5b21 100644
--- a/compiler/rustc_mir_build/src/build/coverageinfo/mcdc.rs
+++ b/compiler/rustc_mir_build/src/build/coverageinfo/mcdc.rs
@@ -217,12 +217,13 @@ impl MCDCInfoBuilder {
                 }
                 _ => {
                     // Do not generate mcdc mappings and statements for decisions with too many conditions.
-                    let rebase_idx = self.branch_spans.len() - decision.conditions_num + 1;
+                    // Therefore, first erase the condition info of the (N-1) previous branch spans.
+                    let rebase_idx = self.branch_spans.len() - (decision.conditions_num - 1);
                     for branch in &mut self.branch_spans[rebase_idx..] {
                         branch.condition_info = None;
                     }
 
-                    // ConditionInfo of this branch shall also be reset.
+                    // Then, erase this last branch span's info too, for a total of N.
                     condition_info = None;
 
                     tcx.dcx().emit_warn(MCDCExceedsConditionNumLimit {