-
Notifications
You must be signed in to change notification settings - Fork 13k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix TypedArena returning wrong pointers for recursive allocations #67003
Conversation
(rust_highfive has picked a reviewer for you, use r? to override) |
Yeah, the old code seems pretty clearly "just wrong" -- it doesn't even check if there are remaining elements in the iterator; size_hint can lie and it looks like we were previously just leaving elements in the iterator with no checks at all. Hopefully nothing was returning false-positive Some for the upper bound on size_hint... @bors try @rust-timer queue -- let's try to get a sense of whether the slowpath is actually slower, to see if it's worth looking at optimizing this piece of code. cc @nnethercote |
Awaiting bors try build completion |
Fix TypedArena returning wrong pointers for recursive allocations Closes #67001
☀️ Try build successful - checks-azure |
Queued f0ced29 with parent 7afe6d9, future comparison URL. |
Finished benchmarking try commit f0ced29, comparison URL. |
~2.5% regression on one benchmark. Given that this is plausibly a correctness fix, I'm going to say that's fine, particularly since we've improved that benchmark ~14% in the last month (so we're losing some wins, but not regressing too much overall). Hopefully we can find a way to recover some of the performance over time. @bors r+ |
📌 Commit d84eb50 has been approved by |
cc @SimonSapin : can you double check if crates.io typed_arena copied over this same code path when it was branched from the compiler's arena crate? |
Sorry, I haven’t touched that crate in years and to be honest I’m not that interested in maintaining it. A few other people have write access on GitHub and crates.io. Feel free to look at the code and/or file an issue on that repo. |
I guess we'd need panic=abort to restore this optimization since we could then allocate the entire slice at once and then write into it. @Mark-Simulacrum |
Whether you have panic=abort or not, you still need to be careful around updating the pointer -- in particular, if the next method also calls into the arena, you'd potentially run into trouble if that writes into the space allocated for the iterator space. Hm, I'm not sure what you mean by "is not allowed to lie but it is not UB for it to do so." To my understanding, size_hint can of course be incorrect (i.e., buggy) though of course we should fix such bugs when we find them. We can never rely on it to be correct though from a soundness perspective, and in the compiler, that's more so than just memory correctness - leaving elements of the iterator unconsumed when interning can mean that we're forgetting bounds on types, etc., which is a potential cause for soundness holes. I personally expect that with the right logic, we could restore the implementation which pre-reserves space for the iterator's elements, though I don't have the time to work on that implementation myself. |
Would |
@SimonSapin No it would not. The problem occurs if you panic when calling |
Fix TypedArena returning wrong pointers for recursive allocations Closes rust-lang#67001
Panic in What if this method made or took a local |
Fix TypedArena returning wrong pointers for recursive allocations Closes rust-lang#67001
Fix TypedArena returning wrong pointers for recursive allocations Closes #67001
☀️ Test successful - checks-azure |
In `DroplessArena::alloc_from_iter`, handle allocating from iterators whose `next` calls may themselves allocate on the arena. Also, do not trust the iterator's `size_hint` implementation for correctness. These changes were already made for `TypedArena` in rust-lang#67003.
Closes #67001