Add a test for #107975 #127003
Add a test for #107975 #127003
Conversation
rustbot
added
S-waiting-on-review
|
@rustbot author |
rustbot
added
S-waiting-on-author
This comment has been minimized.
This comment has been minimized.
GrigorenkoPV
force-pushed
the
107975
branch
2 times, most recently
from
a7c36d1
to
562aaa4
Compare
|
@rustbot ready |
rustbot
added
S-waiting-on-review
|
@rustbot author |
rustbot
added
S-waiting-on-author
|
@rustbot ready |
rustbot
added
S-waiting-on-review
|
@bors r+ |
bors
added
S-waiting-on-bors
Add a test for rust-lang#107975 The int is zero. But also not zero. This is so much fun. This is a part of rust-lang#105107. Initially I was going to just rebase rust-lang#108445, but quite a few things changed since then: * The [mcve](rust-lang#105787 (comment)) used for rust-lang#105787 got fixed.[^upd2] * You can't just `a ?= b` for rust-lang#107975 anymore. Now you have to `a-b ?= 0`. This is what this PR does. As an additional flex, it show that three ways of converting a pointer to its address have this issue: 1. `as usize` 2. `.expose_provenance()` 3. `.addr()` * rust-lang#108425 simply got fixed. Yay. As an aside, the naming for `addr_of!` is quite unfortunate in context of provenance APIs. Because `addr_of!` gives you a pointer, but what provenance APIs refer to as "address" is the `usize` value. Oh well. UPD1: GitHub is incapable of parsing rust-lang#107975 in the PR name, so let's add it here. [^upd2]: UPD2: [The other mcve](rust-lang#105787 (comment)) does not work anymore either, saying "this behavior recently changed as a result of a bug fix; see rust-lang#56105 for details."
This comment has been minimized.
This comment has been minimized.
|
Opened #127914, because it does not look like it is my fault. Let's hack around it for now. |
|
Hopefully, this will fix it |
|
|
||
| // The `Box` has been deallocated by now, so this is a dangling reference! | ||
| let r: &u8 = &*r; | ||
| println!("{:p}", r); |
There was a problem hiding this comment.
Could we use let _: u8 = *r here so we don't need the .stdout file anymore. As the ui test tool doesn't care about the specific value of r.
|
@rustbot author |
rustbot
added
S-waiting-on-author
Done. I think I will rebase on top of master just to make sure nothing has changed in the meantime. Because finding it out through another failed 60+ minutes CI run would be sad. |
Things seem to be ok @rustbot ready |
rustbot
added
S-waiting-on-review
|
@bors r+ rollup=never |
bors
added
S-waiting-on-bors
|
☀️ Test successful - checks-actions |
No.Way.mp4 |
|
Finished benchmarking commit (41ff460): comparison URL. Overall result: ✅ improvements - no action needed@rustbot label: -perf-regression Instruction countThis is a highly reliable metric that was used to determine the overall result at the top of this comment.
Max RSS (memory usage)This benchmark run did not return any relevant results for this metric. CyclesResults (secondary -2.0%)This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.
Binary sizeThis benchmark run did not return any relevant results for this metric. Bootstrap: 770.598s -> 769.168s (-0.19%) |
|
|
||
| // Let's borrow the `i`-th element. | ||
| // If `i` is out of bounds, indexing will panic. | ||
| let r: Ref<Option<Box<u8>>> = arr[i].borrow(); |
There was a problem hiding this comment.
This seems to assume that the difference between addresses of the two stack variables will never be larger than 3. This is not true with cg_clif where the difference is 16.
There was a problem hiding this comment.
This seems to assume that the difference between addresses of the two stack variables will never be larger than 3.
Not really. It assumes that the difference is precisely 0 and non-0 at the same time. The test in question should ALWAYS panic in one place or another (even without the assert_ne!(i, 0)). But it doesn't, because some parts gets optimized as if i is 0, while others are optimized as if it is not.
What I'm trying to say is that the length choice is arbitrary and that the test will fail no matter the value of i (be it 0, or 1, or 3, or 16, or whatever) as long as compiler does not make contradictory assumptions during optimization.
It might actually even break if compiler still makes contradictory assumptions, but optimizes things differently.
The point of the test is to capture the current buggy behavior and demonstrate that it can lead to unsoundness in safe code.
There was a problem hiding this comment.
I thought the //@ known-bug would cause a //@ run-pass test like this one to fail if it doesn't panic/crash, but I guess that is not the case. Because of that I thought a non-broke backend like cg_clif is expected to not panic anywhere on this test as opposed to be supposed to panic somewhere like actually happened with cg_clif.
It would have been nice to mark this test as //@ codegen-backend: llvm, but no such test annotation is currently implemented unfortunately.
The int is zero. But also not zero. This is so much fun.
This is a part of #105107.
Initially I was going to just rebase #108445, but quite a few things changed since then:
a ?= bfor Miscompilation: Equal pointers comparing as unequal #107975 anymore. Now you have toa-b ?= 0. This is what this PR does. As an additional flex, it show that three ways of converting a pointer to its address have this issue:as usize.expose_provenance().addr()As an aside, the naming for
addr_of!is quite unfortunate in context of provenance APIs. Becauseaddr_of!gives you a pointer, but what provenance APIs refer to as "address" is theusizevalue. Oh well.UPD1: GitHub is incapable of parsing #107975 in the PR name, so let's add it here.
Footnotes
UPD2: The other mcve does not work anymore either, saying "this behavior recently changed as a result of a bug fix; see Tracking issue for future-incompatibility lint
coherence_leak_check#56105 for details." ↩