-
Notifications
You must be signed in to change notification settings - Fork 12.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Resolve overflow behavior for RangeFrom #72368
Conversation
(rust_highfive has picked a reviewer for you, use r? to override) |
r? @Amanieu |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@rfcbot fcp merge
@rfcbot fcp merge |
Team member @Amanieu has proposed to merge this. The next step is review by the rest of the tagged team members: No concerns currently listed. Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for info about what commands tagged team members can give me. |
In most crates, rustc decides at compile-time whether to emit code for overflow checks based on configuration. The standard library however is distributed pre-compiled. I vaguely recall there is some mechanism to make standard library functions/methods run overflow checks based on whether the caller is in a crate that wants them. However I don’t remember any more than that, including how it’s called so I could grep for it. How does this work? Does this require annotation to be added to impls of |
It's the rustc_inherit_overflow_checks attribute. I believe it works on traits too. I think it only needs to be added to the function containing the + operator (or whatever math is being done). |
You mean on trait Lines 89 to 95 in 64ad709
@CAD97 Is that why rust/src/librustc_mir_build/hair/cx/mod.rs Lines 69 to 72 in 64ad709
Per that comment,
|
I believe if something is marked as |
My understanding of |
We don't need the function to be inlined by LLVM -- we just need the codegen to happen in leaf crates. Currently, that's the behavior that inline forces, so in that respect it should be fine. We rely on this for pretty much all of the "maybe checked" arithmetic exposed by libcore/std I think |
Yes, and this is the way that it was handled before the |
🔔 This is now entering its final comment period, as per the review above. 🔔 |
Sounds good, thanks all. |
@bors r+ |
📌 Commit 406852a has been approved by |
Resolve overflow behavior for RangeFrom This specifies a documented unspecified implementation detail of `RangeFrom` and makes it consistently implement the specified behavior. Specifically, `(u8::MAX).next()` is defined to cause an overflow, and resolve that overflow in the same manner as the `Step::forward` implementation. The inconsistency that has existed is `<RangeFrom as Iterator>::nth`. The existing behavior should be plain to see after rust-lang#69659: the skipping part previously always panicked if it caused an overflow, but the final step (to set up the state for further iteration) has always been debug-checked. The inconsistency, then, is that `RangeFrom::nth` does not implement the same behavior as the naive (and default) implementation of just calling `next` multiple times. This PR aligns `RangeFrom::nth` to have identical behavior to the naive implementation. It also lines up with the standard behavior of primitive math in Rust everywhere else in the language: debug checked overflow. cc @Amanieu --- Followup to rust-lang#69659. Closes rust-lang#25708 (by documenting the panic as intended). The documentation wording is preliminary and can probably be improved. This will probably need an FCP, as it changes observable stable behavior.
@bors rollup |
Rollup of 9 pull requests Successful merges: - rust-lang#72299 (more `LocalDefId`s) - rust-lang#72368 (Resolve overflow behavior for RangeFrom) - rust-lang#72441 (Fix ICE with explicit late-bound lifetimes) - rust-lang#72499 (Override Box::<[T]>::clone_from) - rust-lang#72521 (Properly handle InlineAsmOperand::SymFn when collecting monomorphized items) - rust-lang#72540 (mir: adjust conditional in recursion limit check) - rust-lang#72563 (multiple Return terminators are possible) - rust-lang#72585 (Only capture tokens for items with outer attributes) - rust-lang#72607 (Eagerly lower asm sub-expressions to HIR even if there is an error) Failed merges: r? @ghost
This specifies a documented unspecified implementation detail of
RangeFrom
and makes it consistently implement the specified behavior.Specifically,
(u8::MAX).next()
is defined to cause an overflow, and resolve that overflow in the same manner as theStep::forward
implementation.The inconsistency that has existed is
<RangeFrom as Iterator>::nth
. The existing behavior should be plain to see after #69659: the skipping part previously always panicked if it caused an overflow, but the final step (to set up the state for further iteration) has always been debug-checked.The inconsistency, then, is that
RangeFrom::nth
does not implement the same behavior as the naive (and default) implementation of just callingnext
multiple times. This PR alignsRangeFrom::nth
to have identical behavior to the naive implementation. It also lines up with the standard behavior of primitive math in Rust everywhere else in the language: debug checked overflow.cc @Amanieu
Followup to #69659. Closes #25708 (by documenting the panic as intended).
The documentation wording is preliminary and can probably be improved.
This will probably need an FCP, as it changes observable stable behavior.