Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

downgrade ptr.is_aligned_to crate-private #121920

Closed
wants to merge 1 commit into from

Conversation

Gankra
Copy link
Contributor

@Gankra Gankra commented Mar 3, 2024

Per #96284 (comment) this API is a mess and is regarded as insufficiently motivated. Removing it from the public API is potentially the only blocker on stabilizing its pleasant brother .is_aligned().

I initially just deleted it completely but it's since become Heavily Used for the purposes of assert_unsafe_precondition, and there's clearly Some Stuff going on with that API that I have no interest in poking.

@rustbot
Copy link
Collaborator

rustbot commented Mar 3, 2024

r? @m-ou-se

rustbot has assigned @m-ou-se.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot rustbot added O-SGX Target: SGX S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Mar 3, 2024
@rustbot
Copy link
Collaborator

rustbot commented Mar 3, 2024

The Miri subtree was changed

cc @rust-lang/miri

@rust-log-analyzer

This comment has been minimized.

@rustbot rustbot added O-hermit Operating System: Hermit O-itron Operating System: ITRON O-unix Operating system: Unix-like O-wasi Operating system: Wasi, Webassembly System Interface O-windows Operating system: Windows WG-trait-system-refactor The Rustc Trait System Refactor Initiative (-Znext-solver) labels Mar 3, 2024
@rustbot

This comment was marked as resolved.

@Gankra

This comment was marked as resolved.

@rust-log-analyzer

This comment has been minimized.

@rust-log-analyzer

This comment has been minimized.

@@ -37,7 +37,7 @@ fn main() {
let size = 31;
assert_eq!(libc::posix_memalign(&mut ptr, align, size), 0);
assert!(!ptr.is_null());
assert!(ptr.is_aligned_to(align));
Copy link
Member

@RalfJung RalfJung Mar 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does seem like the function can be quite nice to have, doesn't it? ptr.is_aligned_to(align) is a lot easier to read than the modulo check.

And if it's used heavily inside the standard library (and hence can't be removed entirely, only be made private), that is also a data point in favor of it actually being useful outside of the standard library. So I don't quite see why it should get removed.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems to only be used for asserts. Maybe we should have a new assert macro?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general, an application developer probably wants .is_aligned_to::<N>. It is rare that you truly want a dynamic alignment check.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so it's only used heavily in the stdlib at this point because:

  • people not being aware how powerful ptr.cast::<T>().some_check() is as an idiom
  • assert_unsafe_precondition was added in a ton of places calling is_aligned_and_not_null which calls this

The former I rewrote, the latter is a bit ??? to me. The functions/macros are clearly written in a very specific style that avoids generics, and I can't tell if this is Important For Something or someone being idiosyncratic for no good reason.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry just to clarify: as used is_aligned_and_not_null could just be changed to be generic and call .is_aligned(). But I'm not sure if that would break some magic.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also Extremely funny saethlin is the one who suggested removing it X3

Copy link
Member

@saethlin saethlin Mar 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤨 I don't and didn't mean that we should never stabilize such a function. But at the current time, I think we have evidence that this doesn't meet the bar for what goes in the standard library.

In particular, I find the API of this function quite vexing. The usize argument raises annoying questions because not every usize is a valid alignment. The design needs to commit to one of

  • Don't try to detect alignments that aren't a power of 2. I dislike this option because we shouldn't let trivial-to-detect bugs go unnoticed. A debug assertion would get compiled out of the distributed standard library and therefore not really exist for most users so I'm not really in favor of that.
  • Panic when passed an alignment that's not a power of 2. I dislike this option because generates a substantial amount of IR and I expect that if this function is used by performance nerds like me the minor inefficiency will invite people to roll their own and advocate against using the standard library function. At which point, why are we stabilizing something people will replace in a third-party library.
  • Make the alignment a const param like Jubilee says above. This would rule out 2 of the 3 users of a function called is_aligned_to that I linked in the tracking issue. So I'm not particularly convinced that there are many users of a const ALIGN version, considering that the 1 user who could use such an API can also use is_aligned::<T>().
  • Change the argument type to an Alignment. This seems to me like the right way to design a Rust API, because it rules out invalid usage with the type system. This option also increases the difficulty of stabilizing something, but that seems fine when the other options are stabilizing something with a high chance of regret.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be clear I think it's perfectly fine to stabilize is_aligned (which checks the pointee type, right?) and leave is_aligned_to unstable, if there is consensus that is_aligned is sufficiently useful and will remain useful even if is_aligned_to eventually becomes stable. That would require moving them to different feature gates.

I am just surprised about the proposal of making them private. That's a pretty rare thing to be done with a unstable std API I think. Usually it either gets removed or stabilized.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah I guess you're already doing that in #121948. :)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll add my 2¢: I think is_aligned_to is useful (even if much less than plain is_aligned), as suggested by the uses in std and other potential uses in the ecosystem. But I also agree that accepting usize is not nice.

IMO we should change it to accepting Alignment and stabilize is_aligned separately.

Per rust-lang#96284 (comment)
this API is a mess and is regarded as insufficiently motivated. Removing
it from the public API is potentially the only blocker on stabilizing
its pleasant brother .is_aligned().

I initially just deleted it completely but it's since become Heavily Used
for the purposes of assert_unsafe_precondition, and there's clearly
Some Stuff going on with that API that I have no interest in poking.
@rust-log-analyzer
Copy link
Collaborator

The job x86_64-gnu-llvm-16 failed! Check out the build log: (web) (plain)

Click to see the possible cause of the failure (guessed by this bot)
GITHUB_ACTION=__run_7
GITHUB_ACTIONS=true
GITHUB_ACTION_REF=
GITHUB_ACTION_REPOSITORY=
GITHUB_ACTOR=Gankra
GITHUB_API_URL=https://api.github.com
GITHUB_BASE_REF=master
GITHUB_ENV=/home/runner/work/_temp/_runner_file_commands/set_env_e8c8e909-0239-4222-aecc-3d30aefc5d27
GITHUB_EVENT_NAME=pull_request
---
GITHUB_SERVER_URL=https://github.com
GITHUB_SHA=6208b7cadf135967a9bb250e1b8cad12fb992bc9
GITHUB_STATE=/home/runner/work/_temp/_runner_file_commands/save_state_e8c8e909-0239-4222-aecc-3d30aefc5d27
GITHUB_STEP_SUMMARY=/home/runner/work/_temp/_runner_file_commands/step_summary_e8c8e909-0239-4222-aecc-3d30aefc5d27
GITHUB_TRIGGERING_ACTOR=Gankra
GITHUB_WORKFLOW_REF=rust-lang/rust/.github/workflows/ci.yml@refs/pull/121920/merge
GITHUB_WORKFLOW_SHA=6208b7cadf135967a9bb250e1b8cad12fb992bc9
GITHUB_WORKSPACE=/home/runner/work/rust/rust
GOROOT_1_20_X64=/opt/hostedtoolcache/go/1.20.14/x64
---
#12 writing image sha256:4253a932050ed852ce3d1f0b4c99fd9e4d6d38cd94cdad2f3aefbe18a39ffacf done
#12 naming to docker.io/library/rust-ci done
#12 DONE 10.0s
##[endgroup]
Setting extra environment values for docker:  --env ENABLE_GCC_CODEGEN=1 --env GCC_EXEC_PREFIX=/usr/lib/gcc/
[CI_JOB_NAME=x86_64-gnu-llvm-16]
##[group]Clock drift check
  local time: Sun Mar  3 13:51:26 UTC 2024
  network time: Sun, 03 Mar 2024 13:51:26 GMT
  network time: Sun, 03 Mar 2024 13:51:26 GMT
##[endgroup]
sccache: Starting the server...
##[group]Configure the build
configure: processing command line
configure: 
configure: build.configure-args := ['--build=x86_64-unknown-linux-gnu', '--llvm-root=/usr/lib/llvm-16', '--enable-llvm-link-shared', '--set', 'rust.thin-lto-import-instr-limit=10', '--set', 'change-id=99999999', '--enable-verbose-configure', '--enable-sccache', '--disable-manage-submodules', '--enable-locked-deps', '--enable-cargo-native-static', '--set', 'rust.codegen-units-std=1', '--set', 'dist.compression-profile=balanced', '--dist-compression-formats=xz', '--set', 'build.optimized-compiler-builtins', '--disable-dist-src', '--release-channel=nightly', '--enable-debug-assertions', '--enable-overflow-checks', '--enable-llvm-assertions', '--set', 'rust.verify-llvm-ir', '--set', 'rust.codegen-backends=llvm,cranelift,gcc', '--set', 'llvm.static-libstdcpp', '--enable-new-symbol-mangling']
configure: target.x86_64-unknown-linux-gnu.llvm-config := /usr/lib/llvm-16/bin/llvm-config
configure: llvm.link-shared     := True
configure: rust.thin-lto-import-instr-limit := 10
configure: change-id            := 99999999
---
##[endgroup]
##[group]Testing stage2 compiletest suite=assembly mode=assembly (x86_64-unknown-linux-gnu)

running 412 tests
ii.....................iiiiiiiiiiii.....iFi..iiiiiiiiiiiiiiiF...........................  88/412
........................................................................................ 264/412
........................................................................................ 352/412
..............................i..iii........................


failures:

---- [assembly] tests/assembly/is_aligned.rs#opt-speed stdout ----

error in revision `opt-speed`: compilation failed!
status: exit status: 1
command: RUSTC_ICE="0" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustc" "/checkout/tests/assembly/is_aligned.rs" "-Zthreads=1" "-Zsimulate-remapped-rust-src-base=/rustc/FAKE_PREFIX" "-Ztranslate-remapped-path-to-local-path=no" "-Z" "ignore-directory-in-diagnostics-source-blocks=/cargo" "--sysroot" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2" "--target=x86_64-unknown-linux-gnu" "--cfg" "opt_speed" "-O" "-Cdebug-assertions=no" "--emit" "asm" "-C" "prefer-dynamic" "-o" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/assembly/is_aligned.opt-speed/is_aligned.s" "-A" "internal_features" "-Crpath" "-Cdebuginfo=0" "-Lnative=/checkout/obj/build/x86_64-unknown-linux-gnu/native/rust-test-helpers" "-L" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/assembly/is_aligned.opt-speed/auxiliary" "-Copt-level=2" "-Cdebug-assertions=no"
stdout: none
--- stderr -------------------------------
error[E0624]: method `is_aligned_to` is private
##[error]  --> /checkout/tests/assembly/is_aligned.rs:22:9
##[error]  --> /checkout/tests/assembly/is_aligned.rs:22:9
   |
22 |     ptr.is_aligned_to(align)
  --> /rustc/FAKE_PREFIX/library/core/src/ptr/const_ptr.rs:1512:5
   |
   = note: private method defined here

---


---- [assembly] tests/assembly/is_aligned.rs#opt-size stdout ----

error in revision `opt-size`: compilation failed!
status: exit status: 1
command: RUSTC_ICE="0" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2/bin/rustc" "/checkout/tests/assembly/is_aligned.rs" "-Zthreads=1" "-Zsimulate-remapped-rust-src-base=/rustc/FAKE_PREFIX" "-Ztranslate-remapped-path-to-local-path=no" "-Z" "ignore-directory-in-diagnostics-source-blocks=/cargo" "--sysroot" "/checkout/obj/build/x86_64-unknown-linux-gnu/stage2" "--target=x86_64-unknown-linux-gnu" "--cfg" "opt_size" "-O" "-Cdebug-assertions=no" "--emit" "asm" "-C" "prefer-dynamic" "-o" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/assembly/is_aligned.opt-size/is_aligned.s" "-A" "internal_features" "-Crpath" "-Cdebuginfo=0" "-Lnative=/checkout/obj/build/x86_64-unknown-linux-gnu/native/rust-test-helpers" "-L" "/checkout/obj/build/x86_64-unknown-linux-gnu/test/assembly/is_aligned.opt-size/auxiliary" "-Copt-level=s" "-Cdebug-assertions=no"
--- stderr -------------------------------
error[E0624]: method `is_aligned_to` is private
##[error]  --> /checkout/tests/assembly/is_aligned.rs:22:9
   |
   |
22 |     ptr.is_aligned_to(align)
  --> /rustc/FAKE_PREFIX/library/core/src/ptr/const_ptr.rs:1512:5
   |
   = note: private method defined here

@Gankra
Copy link
Contributor Author

Gankra commented Mar 3, 2024

(PR currently failing because: there's a codegen test for this function, which, is still desirable in a sense. Leaving the PR as-is for the sake of discussing whether "insufficiently motivated" is still true.)

Gankra added a commit to Gankra/rust that referenced this pull request Mar 3, 2024
Gankra added a commit to Gankra/rust that referenced this pull request Mar 3, 2024
@m-ou-se m-ou-se added the I-libs-api-nominated Nominated for discussion during a libs-api team meeting. label Mar 5, 2024
@bors
Copy link
Contributor

bors commented Mar 6, 2024

☔ The latest upstream changes (presumably #122045) made this pull request unmergeable. Please resolve the merge conflicts.

bors added a commit to rust-lang-ci/rust that referenced this pull request Mar 16, 2024
stabilize ptr.is_aligned, move ptr.is_aligned_to to a new feature gate

This is an alternative to rust-lang#121920
@Amanieu
Copy link
Member

Amanieu commented Mar 19, 2024

Libs-api discussed this and is happy to remove this unstable API by making is crate-private.

@rfcbot fcp merge

@rfcbot
Copy link

rfcbot commented Mar 19, 2024

Team member @Amanieu has proposed to merge this. The next step is review by the rest of the tagged team members:

No concerns currently listed.

Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for info about what commands tagged team members can give me.

@rfcbot rfcbot added proposed-final-comment-period Proposed to merge/close by relevant subteam, see T-<team> label. Will enter FCP once signed off. disposition-merge This issue / PR is in PFCP or FCP with a disposition to merge it. labels Mar 19, 2024
@Amanieu Amanieu removed the I-libs-api-nominated Nominated for discussion during a libs-api team meeting. label Mar 19, 2024
@rfcbot rfcbot added the final-comment-period In the final comment period and will be merged soon unless new substantive objections are raised. label Mar 19, 2024
@rfcbot
Copy link

rfcbot commented Mar 19, 2024

🔔 This is now entering its final comment period, as per the review above. 🔔

@rfcbot rfcbot removed the proposed-final-comment-period Proposed to merge/close by relevant subteam, see T-<team> label. Will enter FCP once signed off. label Mar 19, 2024
@rfcbot rfcbot added finished-final-comment-period The final comment period is finished for this PR / Issue. and removed final-comment-period In the final comment period and will be merged soon unless new substantive objections are raised. labels Mar 29, 2024
@rfcbot
Copy link

rfcbot commented Mar 29, 2024

The final comment period, with a disposition to merge, as per the review above, is now complete.

As the automated representative of the governance process, I would like to thank the author for their work and everyone else who contributed.

This will be merged soon.

@rfcbot rfcbot added the to-announce Announce this issue on triage meeting label Mar 29, 2024
@Gankra
Copy link
Contributor Author

Gankra commented Mar 30, 2024

uhhh this pr is a strict alternative to #121948, which is also accepted? (i rebased that one, it's... strictly more pleasant, i think?)

bors pushed a commit to rust-lang-ci/rust that referenced this pull request Mar 30, 2024
bors added a commit to rust-lang-ci/rust that referenced this pull request Mar 30, 2024
stabilize ptr.is_aligned, move ptr.is_aligned_to to a new feature gate

This is an alternative to rust-lang#121920
@RalfJung
Copy link
Member

Agreed, we should land #121948, not this.

@rust-lang/libs-api you FCP-approved two PRs that contradict each other about how ptr.is_aligned_to should be handled: make it a new nightly feature vs make it crate-private. #121948 made it a new nightly feature and already landed. I think we should close this PR despite FCP having passed here.

@RalfJung RalfJung added the I-libs-api-nominated Nominated for discussion during a libs-api team meeting. label Mar 30, 2024
@workingjubilee workingjubilee removed the to-announce Announce this issue on triage meeting label Mar 30, 2024
@m-ou-se
Copy link
Member

m-ou-se commented Apr 2, 2024

I believe the point of the FCP on #121948 was to accept stabilization of is_aligned, while the FCP on this PR is to accept the downgrade of is_aligned_to.

@RalfJung
Copy link
Member

RalfJung commented Apr 2, 2024

The author of this PR (and other people, like myself) no longer see a need to downgrade is_aligned_to. The original motivation was that it was believed to help stabilizing is_aligned, but that turned out not to be the case. Do you still think that it should be done?

@dtolnay
Copy link
Member

dtolnay commented Apr 2, 2024

Taking into account #96284 (comment), those of us in today's libs-api meeting didn't see is_aligned_to being on track for stabilization in the future. We'd like to rip it out and reset the clock on is_aligned_to: the next step would be to bring an API Change Proposal that justifies why this function is worth having once is_aligned already is available.

If, in short order, we can find someone who volunteers that they plan to write an ACP justifying is_aligned_to, we can hold off on ripping it out.

@Amanieu Amanieu removed the I-libs-api-nominated Nominated for discussion during a libs-api team meeting. label Apr 16, 2024
GuillaumeGomez pushed a commit to GuillaumeGomez/rust that referenced this pull request Jul 10, 2024
@Dylan-DPC Dylan-DPC added the needs-acp This change is blocked on the author creating an ACP. label Aug 10, 2024
@Dylan-DPC
Copy link
Member

@Gankra any updates on the acp required for this? thanks

@Gankra
Copy link
Contributor Author

Gankra commented Aug 11, 2024

This PR should have been closed a while ago, per #121948

@Gankra Gankra closed this Aug 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
disposition-merge This issue / PR is in PFCP or FCP with a disposition to merge it. finished-final-comment-period The final comment period is finished for this PR / Issue. needs-acp This change is blocked on the author creating an ACP. S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.
Projects
None yet
Development

Successfully merging this pull request may close these issues.