/rust

New issue

#[no_core] loses overflow checks with optimizations #38136

Closed
rkruppe opened this Issue Dec 3, 2016 · 1 comment

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

1 participant

@rkruppe
@rkruppe
Contributor
rkruppe commented Dec 3, 2016 edited

The following file, when compiled without optimizations, correctly generates an overflow check in add_one:

#![feature(no_core, lang_items, rustc_attrs)]
#![no_core]
#![crate_type="lib"]

#[lang="sized"]
trait Sized {}

#[lang="add"]
trait Add<RHS=Self> {
    type Output;
    fn add(self, rhs: RHS) -> Self::Output;
}

impl Add for i32 {
    type Output = i32;

    #[inline]
    #[rustc_inherit_overflow_checks]
    fn add(self, other: i32) -> i32 { self + other }
}

#[cold] #[inline(never)] // this is the slow path, always
#[lang = "panic"]
pub fn panic(_expr_file_line: &(&'static str, &'static str, u32)) -> ! {
	loop {}
}

#[lang="copy"]
trait Copy {}

pub fn add_one(x: i32) -> i32 {
  x + 1
}

However, compiling with optimizations plus -C debug-assertions=on or -Z force-overflow-checks=on generates code without the overflow check.

However, if I move add_one to a separate no_core crate like this, the issue disappears and the overflow check is generated:

#![feature(no_core)]
#![no_core]
#![crate_type="lib"]
extern crate minimal;

pub fn add_one(x: i32) -> i32 {
  x + 1
}
@rkruppe
Contributor
rkruppe commented Dec 3, 2016 edited

@eddyb noticed that my panic implementation (loop {}) is UB according to LLVM (see #28728), so it optimizes the overflow check out on the assumption that it can never be triggered (since that would be UB). Replacing it with e.g. intrinsics::abort() fixes the issue.
@rkruppe rkruppe closed this Dec 3, 2016
@rkruppe rkruppe added a commit to rkruppe/rust that referenced this issue Dec 3, 2016
@rkruppe rkruppe book: use abort() over loop {} for panic 
Due to #28728 loop {} is very risky and can lead to fun debugging experiences such as #38136. Besides, aborting is probably better behavior than an infinite loop.
 9398d75
@rkruppe rkruppe added a commit to rkruppe/rust that referenced this issue Dec 3, 2016
@rkruppe rkruppe book: use abort() over loop {} for panic 
Due to #28728 loop {} is very risky and can lead to fun debugging experiences like in #38136. Besides, aborting is probably better behavior than an infinite loop.
 6687dcc
@rkruppe rkruppe referenced this issue Dec 3, 2016
Merged

book: use abort() over loop {} for panic #38138

@rkruppe rkruppe added a commit to rkruppe/rust that referenced this issue Jan 4, 2017
@rkruppe rkruppe book: use abort() over loop {} for panic 
Due to #28728 loop {} is very risky and can lead to fun debugging experiences like in #38136. Besides, aborting is probably better behavior than an infinite loop.
 893f42a
@steveklabnik steveklabnik added a commit to steveklabnik/rust that referenced this issue Jan 4, 2017
@steveklabnik steveklabnik Rollup merge of #38138 - rkruppe:no_std-no_loop, r=steveklabnik 
book: use abort() over loop {} for panic

Due to #28728 `loop {}` is very risky and can lead to fun debugging experiences such as #38136. Besides, aborting is probably better behavior than an infinite loop.

r? @steveklabnik
 521d337
@bors bors added a commit that referenced this issue Jan 9, 2017
@bors bors Auto merge of #38138 - rkruppe:no_std-no_loop, r=steveklabnik 
book: use abort() over loop {} for panic

Due to #28728 `loop {}` is very risky and can lead to fun debugging experiences such as #38136. Besides, aborting is probably better behavior than an infinite loop.

r? @steveklabnik
 ec9ae8c
@frewsxcv frewsxcv added a commit to frewsxcv/rust that referenced this issue Jan 9, 2017
@frewsxcv frewsxcv Rollup merge of #38138 - rkruppe:no_std-no_loop, r=steveklabnik 
book: use abort() over loop {} for panic

Due to #28728 `loop {}` is very risky and can lead to fun debugging experiences such as #38136. Besides, aborting is probably better behavior than an infinite loop.

r? @steveklabnik
 06f45e6
@frewsxcv frewsxcv added a commit to frewsxcv/rust that referenced this issue Jan 9, 2017
@rkruppe rkruppe book: use abort() over loop {} for panic 
Due to #28728 loop {} is very risky and can lead to fun debugging experiences like in #38136. Besides, aborting is probably better behavior than an infinite loop.
 f7dbec3
@bors bors added a commit that referenced this issue Jan 9, 2017
@bors bors Auto merge of #38138 - rkruppe:no_std-no_loop, r=steveklabnik 
book: use abort() over loop {} for panic

Due to #28728 `loop {}` is very risky and can lead to fun debugging experiences such as #38136. Besides, aborting is probably better behavior than an infinite loop.

r? @steveklabnik
 aa3ae13
@bors bors added a commit that referenced this issue Jan 10, 2017
@bors bors Auto merge of #38138 - rkruppe:no_std-no_loop, r=steveklabnik 
book: use abort() over loop {} for panic

Due to #28728 `loop {}` is very risky and can lead to fun debugging experiences such as #38136. Besides, aborting is probably better behavior than an infinite loop.

r? @steveklabnik
 78c892d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment