Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add debug_assert_nounwind to unchecked_{add,sub,neg,mul,shl,shr} methods (haunted PR) #117494

Closed

Conversation

clarfonthey
Copy link
Contributor

@clarfonthey clarfonthey commented Nov 1, 2023

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: #85122.

@rustbot
Copy link
Collaborator

rustbot commented Nov 1, 2023

r? @joshtriplett

(rustbot has picked a reviewer for you, use r? to override)

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Nov 1, 2023
@rust-log-analyzer

This comment has been minimized.

@clarfonthey clarfonthey force-pushed the unchecked-math-preconditions branch from 0a443eb to 1d5d2ce Compare November 1, 2023 19:44
@rust-log-analyzer

This comment has been minimized.

@clarfonthey clarfonthey force-pushed the unchecked-math-preconditions branch from 1d5d2ce to 15fb5db Compare November 1, 2023 19:51
@rust-log-analyzer

This comment has been minimized.

@clarfonthey clarfonthey force-pushed the unchecked-math-preconditions branch from 15fb5db to 44cdc07 Compare November 3, 2023 00:36
@rust-log-analyzer

This comment has been minimized.

@clarfonthey
Copy link
Contributor Author

I have honestly no idea why this is failing due to… an error in the typenum crate? What's even going on there?

@clarfonthey
Copy link
Contributor Author

@rustbot author

@rustbot rustbot added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Nov 4, 2023
@clarfonthey clarfonthey marked this pull request as draft November 4, 2023 08:36
@Noratrieb
Copy link
Member

and yet another attempt at finding undefined behavior that finds miscompilcations instead. awesome!

@saethlin
Copy link
Member

saethlin commented Nov 5, 2023

(I'm looking into this and shitposting about it)

@saethlin
Copy link
Member

saethlin commented Nov 5, 2023

Right-shifts of integers with all bits set is being incorrectly evaluated by const eval as a shift left. Here's a minimized reproducer:

const RSHIFT: u8 = u8::MAX >> 1;

fn main() {
    // At runtime we get the right value
    // Need an intermediate variable or we get const promoted
    let v = u8::MAX;
    println!("runtime: {}", v >> 1);
    println!("const: {}", RSHIFT);
}

In this branch, it prints

runtime: 127
const: 254

@clarfonthey
Copy link
Contributor Author

Thank you so much for helping investigate this. I had slowly been running tests locally but was truly boggled by what I was getting.

@saethlin
Copy link
Member

saethlin commented Nov 5, 2023

I think the root cause here is just a copy-paste error. One character difference but a whole world away...

@rust-log-analyzer

This comment has been minimized.

@clarfonthey clarfonthey force-pushed the unchecked-math-preconditions branch from 4b9510f to d111a77 Compare November 18, 2023 05:09
@rust-log-analyzer

This comment has been minimized.

@bors
Copy link
Contributor

bors commented Nov 26, 2023

☔ The latest upstream changes (presumably #110303) made this pull request unmergeable. Please resolve the merge conflicts.

@clarfonthey
Copy link
Contributor Author

I'll try and update this soon to resolve the conflicts, but I probably won't have it working soon.

One of the unstable-in-stable lints was really bugging me by being difficult to resolve, and that's why I started working on #117571 instead. So, I'm going to mark this as blocked by that unless someone else can help determine why unchecked_neg is just breaking inside the pointer methods.

@clarfonthey
Copy link
Contributor Author

@rustbot blocked

@rustbot rustbot removed the S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. label Nov 26, 2023
@clarfonthey
Copy link
Contributor Author

IMO cg_clif no longer needs to add this trap if the standard library already does the abort.

Isn't this wrong, since this isn't an always-run check? I'm not familiar with cg_clif at all so I don't know the purpose of this trap.

@bjorn3
Copy link
Member

bjorn3 commented Feb 24, 2024

cg_clif is meant for debug mode. The purpose of the trap would have been to act as sanity check for UB, which is exactly what this PR will do when debug assertions are enabled. Not emitting the check is harmless as cg_clif doesn't exploit the UB anyway. (in cranelift overflow is defined as wrapping without a way to opt into UB on overflow)

@Noratrieb
Copy link
Member

@bors retry

bors added a commit to rust-lang-ci/rust that referenced this pull request Feb 24, 2024
…ions, r=<try>

Add debug_assert_nounwind to unchecked_{add,sub,neg,mul,shl,shr} methods

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
@bors
Copy link
Contributor

bors commented Feb 24, 2024

⌛ Trying commit 9c4c647 with merge a8a9d85...

@saethlin
Copy link
Member

I think the previous try build got lost somehow with the tree closure and ghcr.io outage. When I was checking on the queue I noticed bors still though the try build was running even though it definitely finished: https://bors.rust-lang.org/queue/rust

I'll try to keep an eye on this

@Noratrieb
Copy link
Member

Noratrieb commented Feb 24, 2024

I'm going to close this PR tentatively to try to stop bors from doing weird things and restoring sanity. Will open it again later. (https://rust-lang.zulipchat.com/#narrow/stream/242791-t-infra/topic/bors.20troubles)

@Noratrieb Noratrieb closed this Feb 24, 2024
@Noratrieb
Copy link
Member

Noratrieb commented Feb 24, 2024

It's out of the queue now. Should be fine now, hopefully.

@Noratrieb Noratrieb reopened this Feb 24, 2024
@Noratrieb
Copy link
Member

Noratrieb commented Feb 24, 2024

oh no oh no oh no it's back in the queue, not even marked as try.
image

@Noratrieb Noratrieb closed this Feb 24, 2024
@clarfonthey
Copy link
Contributor Author

I'm fine with opening a new PR as an option if you want to go with that one.

@Noratrieb
Copy link
Member

that's probably the easiest solution

@clarfonthey
Copy link
Contributor Author

#121571

@clarfonthey clarfonthey changed the title Add debug_assert_nounwind to unchecked_{add,sub,neg,mul,shl,shr} methods Add debug_assert_nounwind to unchecked_{add,sub,neg,mul,shl,shr} methods (haunted PR) Feb 24, 2024
bors added a commit to rust-lang-ci/rust that referenced this pull request Feb 25, 2024
…ions, r=<try>

Add debug_assert_nounwind to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
@RalfJung
Copy link
Member

@Nilstrieb Is there a bors issue somewhere tracking what the heck is happening here? If not, could you open one?

@Noratrieb
Copy link
Member

sure

bors added a commit to rust-lang-ci/rust that referenced this pull request Apr 9, 2024
…ions, r=<try>

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 22, 2024
…ions, r=<try>

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 23, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 24, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 24, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 25, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 25, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 25, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
bors added a commit to rust-lang-ci/rust that referenced this pull request May 25, 2024
…ions, r=saethlin

Add assert_unsafe_precondition to unchecked_{add,sub,neg,mul,shl,shr} methods

(Old PR is haunted, opening a new one. See rust-lang#117494 for previous discussion.)

This ensures that these preconditions are actually checked in debug mode, and hopefully should let people know if they messed up. I've also replaced the calls (I could find) in the code that use these intrinsics directly with those that use these methods, so that the asserts actually apply.

More discussions on people misusing these methods in the tracking issue: rust-lang#85122.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
S-waiting-on-perf Status: Waiting on a perf run to be completed. S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.
Projects
None yet
Development

Successfully merging this pull request may close these issues.