-
Notifications
You must be signed in to change notification settings - Fork 13k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve the interaction between StorageDead, drops, and unwinding #61015
Comments
Also, for locals which are not Technically, we could also emit |
To repeat what I said in the other thread: This changes the semantics of I have a few questions about this:
To elaborate, the problem here is that this removes a |
Cc @rust-lang/wg-unsafe-code-guidelines |
Regarding
@tmandry that's why I asked about |
@RalfJung Any potentially-drop-needing source-level assignment of an already-initialized place should result in a |
Oh, also, #61060 is open now (and @RalfJung already left a comment on it: #61060 (comment)). |
I see, thanks. I guess we do guarantee that this keeps the address stable? Seems strange not to. And indeed see this example for a function where making the In that case, a |
I talked some more with @tmandry and it seems like this entire direction arose from the assumption that it would be easier than inserting So I think we should just insert |
I'm certainly in favor of explicit |
I also think that a |
It seems we can emit One alternative is to use LLVM's stack coloring scheme by @arielb1, merged in https://reviews.llvm.org/D31583. The basic idea is to look for a path between Some have raised the concern that if we don't emit |
If we don't emit #42371 is a real problem IMO, but likely unrelated. |
@tmandry What is the current status of this? It looks like this needs a special exception to be added to what #99050 says? Also Cc @JakobDegen
|
It looks like the approach in #60840 was generalized to consider all locals that were moved as not requiring storage. This is only done if the local is proven not to be aliased at the point it was moved. The check is done for both statements and terminators. (It's unclear to me how this works with
Separating concerns sounds like a good thing. If we can do it without regressing compiler performance too much we should probably do it. If only for the reason that it simplifies the code and mental models of how these MIR transforms work. On the other hand I still think the generator transform is sound, because of the It might be nice to find ways of being more aggressive in future optimizations, but I think that's a separate discussion (#61849). |
Oh, I see -- then I guess I misunderstood. The original issue description says
That sounded to me like a semantics-changing assumption, not an optimization backed by an analysis which ensures that it does not change program behavior. Are the semantics of What about the issue that |
Looking at the analysis, it actually takes this into account. :) rust/compiler/rustc_mir_dataflow/src/impls/borrowed_locals.rs Lines 113 to 123 in 1517f5d
but then, all locals that are dropped are also borrowed, which means that a |
The implementation described in the original comment was reverted in #61373 and replaced / complemented with emission of storage markers along unwind paths. |
Oh, okay. So... is this issue resolved then? What is still being tracked here? Certainly the issue description is entirely outdated. It should be updated, or the issue closed. |
Ah thanks @tmiasko, I thought I remembered changing course at one point but it was a long time ago. Then I don't think there's anything left to track and I agree the issue should be closed. |
Indeed, thanks a lot for resolving this. :) |
#60840 introduces the expectation that once
drop
runs on a local, it is UB for that local to be accessed, regardless of the success or failure (panic) of thedrop
. Unfortunately, adding extraStorageDead
s for all of these values caused a performance regression, so at the moment we don't do this. #60840 instead usesdrop
to indicate that a value is implicitlyStorageDead
. However, this interacts poorly with drop elaboration, which can turn adrop
of a structure intodrop
s of its fields.cc @Zoxc @tmandry @RalfJung
The text was updated successfully, but these errors were encountered: