Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apply noundef metadata to loads of types that do not permit raw init #94158

Merged
merged 1 commit into from
Feb 28, 2022
Merged

Apply noundef metadata to loads of types that do not permit raw init #94158

merged 1 commit into from
Feb 28, 2022

Conversation

erikdesjardins
Copy link
Contributor

@erikdesjardins erikdesjardins commented Feb 19, 2022
edited
Loading

This matches the noundef attributes we apply on arguments/return types.

Fixes (partially) #74378.

@rustbot rustbot added T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. S-blocked Status: Blocked on something else such as an RFC or other implementation work. labels Feb 19, 2022
@erikdesjardins erikdesjardins mentioned this pull request Feb 19, 2022
Merged
@erikdesjardins
Copy link
Contributor Author

r? @nikic

@rustbot ready
@rustbot label: -S-blocked

@rustbot rustbot added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Feb 26, 2022
@rustbot rustbot removed the S-blocked Status: Blocked on something else such as an RFC or other implementation work. label Feb 26, 2022
@nikic
Copy link
Contributor

nikic commented Feb 27, 2022

@bors try @rust-timer queue

@rust-timer
Copy link
Collaborator

Awaiting bors try build completion.

@rustbot label: +S-waiting-on-perf

@rustbot rustbot added the S-waiting-on-perf Status: Waiting on a perf run to be completed. label Feb 27, 2022
@bors
Copy link
Contributor

bors commented Feb 27, 2022

⌛ Trying commit 36746b233d2953b441f0e5a3f16a340af5ea3d0b with merge 2f35d0d1b00e684f5860c2b557e45e09b0b74f68...

@bors
Copy link
Contributor

bors commented Feb 27, 2022

☀️ Try build successful - checks-actions
Build commit: 2f35d0d1b00e684f5860c2b557e45e09b0b74f68 (2f35d0d1b00e684f5860c2b557e45e09b0b74f68)

@rust-timer
Copy link
Collaborator

Queued 2f35d0d1b00e684f5860c2b557e45e09b0b74f68 with parent 6abd8cd, future comparison URL.

@rust-timer
Copy link
Collaborator

Finished benchmarking commit (2f35d0d1b00e684f5860c2b557e45e09b0b74f68): comparison url.

Summary: This benchmark run did not return any relevant results.

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

Benchmarking this pull request likely means that it is perf-sensitive, so we're automatically marking it as not fit for rolling up. While you can manually mark this PR as fit for rollup, we strongly recommend not doing so since this PR led to changes in compiler perf.

@bors rollup=never
@rustbot label: +S-waiting-on-review -S-waiting-on-perf -perf-regression

@rustbot rustbot removed the S-waiting-on-perf Status: Waiting on a perf run to be completed. label Feb 27, 2022
@erikdesjardins
Apply noundef metadata to loads of types that do not permit raw init
fec4335 
This matches the noundef attributes we apply on arguments/return types.
@nikic
Copy link
Contributor

nikic commented Feb 27, 2022

@bors r+

@bors
Copy link
Contributor

bors commented Feb 27, 2022

📌 Commit fec4335 has been approved by nikic

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Feb 27, 2022
@bors
Copy link
Contributor

bors commented Feb 28, 2022

⌛ Testing commit fec4335 with merge 427cf81...

@bors
Copy link
Contributor

bors commented Feb 28, 2022

☀️ Test successful - checks-actions
Approved by: nikic
Pushing 427cf81 to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Feb 28, 2022
@bors bors merged commit 427cf81 into rust-lang:master Feb 28, 2022
@rustbot rustbot added this to the 1.61.0 milestone Feb 28, 2022
@rust-timer
Copy link
Collaborator

Finished benchmarking commit (427cf81): comparison url.

Summary: This benchmark run did not return any relevant results. 14 results were found to be statistically significant but too small to be relevant.

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

@rustbot label: -perf-regression

@erikdesjardins erikdesjardins deleted the more-more-noundef branch February 28, 2022 16:59
bors added a commit to rust-lang-ci/rust that referenced this pull request Mar 4, 2022
@bors
Auto merge of rust-lang#94159 - erikdesjardins:align-load, r=nikic
62ff2bc 
Add !align metadata on loads of &/&mut/Box

Note that this refers to the alignment of what the loaded value points
to, _not_ the alignment of the loaded value itself.

r? `@ghost` (blocked on rust-lang#94158)
saethlin added a commit to saethlin/rust that referenced this pull request Jul 6, 2022
@saethlin
Revert rust-lang#94158, "Apply noundef metadata to loads of types tha…
d6f8271 
…t do not permit raw init"

In rust-lang#94158, we started emitting `noundef`, which means that functions
returning uninitialized references emit IR with is both `ret void` and
also `noundef`: https://godbolt.org/z/hbjsKKfc3
More generally, this change makes `mem::uninitialized` dangerous in a
way that it wasn't before. This `noundef` change was shipped in the
past 2 stable releases, 1.61.0 and 1.62.0.

This concerns me because in rust-lang#66151 we have thus far decided against
issuing a panic for creating uninitialized references within arrays,
on account of the breakage that shows up in crater. If this pattern
is so widely-used that we're not willing to put in a runtime check
for it, then it doesn't seem prudent to invite LLVM to exploit this
UB.

The pattern of creating uninit references in arrays shows up real code
because the 0.11, 0.12, and 0.13 release series for `hyper` all use
`mem::uninitialized` to construct arrays of `httparse::Header`, which
contains a `&str` and `&[u8]`. There is no patch available within
these release series, so a `cargo update` is not a viable way to
escape the UB here. Also note that the 0.11 release series of `hyper`
predates `MaybeUninit`, so any source-level patch for that will incur
runtime overhead. Which would be unfortunate, but preferable to UB.

I discussed this with @thomcc on the community Discord, and we think
that it would be prudent to revert this introduction of `noundef` until
we have a mitigation in place for the UB that this may unleash. We
haven't been able to cook up any examples of surprising optimizations
due to this pattern, but the whole point of `noundef` is to enable
optimizations, and we know that there is code which uses it in a way
which is definitely instant UB and which we have declined to inform users
of.

If possible, we would like to see `freeze` applied to the return value
of `mem::uninitialized` as a mitigation for this problem. That may be
able to keep old code functioning without introducing a performance hit.

@rustbot labels add +T-compiler +I-compiler-nominated
@saethlin saethlin mentioned this pull request Jul 6, 2022
Closed
@compiler-errors compiler-errors mentioned this pull request Nov 4, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nikic nikic nikic left review comments

Assignees

@nikic nikic

Labels
merged-by-bors This PR was explicitly merged by bors. S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
1.61.0
Development

Successfully merging this pull request may close these issues.
5 participants
@erikdesjardins @nikic @rust-timer @bors @rustbot