KEMBAR78
Mark `simplify_aggregate_to_copy` mir-opt as unsound by jieyouxu · Pull Request #132356 · rust-lang/rust · GitHub
Skip to content

Conversation

@jieyouxu
Copy link
Member

@jieyouxu jieyouxu commented Oct 30, 2024

Mark the simplify_aggregate_to_copy mir-opt added in #128299 as unsound as it seems to miscompile the MCVE reported in #132353. The mir-opt can be re-enabled once this case is fixed.

fn pop_min(mut score2head: Vec<Option<usize>>) -> Option<usize> {
    loop {
        if let Some(col) = score2head[0] {
            score2head[0] = None;
            return Some(col);
        }
    }
}

fn main() {
    let min = pop_min(vec![Some(1)]);
    println!("min: {:?}", min);
    // panic happens here on beta in release mode
    // but not in debug mode
    min.unwrap();
}

This MCVE is included as a run-pass ui regression test in the first commit. I built the ui test with a nightly manually, and can reproduce the behavioral difference with -C opt-level=0 and -C opt-level=1. Locally, this ui test will fail unless it was run on a compiler built with the second commit marking the mir-opt as unsound thus disabling it by default.

This PR partially reverts commit e7386b3, reversing changes made to 02b1be1. The mir-opt implementation is just marked as unsound but not reverted to make reland reviews easier. Test changes are reverted if they were not pure additions. Tests added by the original PR received -Z unsound-mir-opts compile-flags.

cc @dianqk @cjgillot (PR author and reviewer of #128299)

@rustbot
Copy link
Collaborator

rustbot commented Oct 30, 2024

r? @Nadrieril

rustbot has assigned @Nadrieril.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. labels Oct 30, 2024
@rustbot
Copy link
Collaborator

rustbot commented Oct 30, 2024

Some changes occurred to MIR optimizations

cc @rust-lang/wg-mir-opt

@jieyouxu
Copy link
Member Author

Nominating for beta-backport as this is a mir-opt miscompile.
@rustbot label +beta-nominated

@rustbot rustbot added the beta-nominated Nominated for backporting to the compiler in the beta channel. label Oct 30, 2024
@jieyouxu jieyouxu added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Oct 30, 2024
@jieyouxu jieyouxu force-pushed the unsound-simplify_aggregate_to_copy branch from 4010d46 to e09ee93 Compare October 30, 2024 13:28
@jieyouxu

This comment was marked as resolved.

@jieyouxu jieyouxu force-pushed the unsound-simplify_aggregate_to_copy branch from e09ee93 to 981f9ec Compare October 30, 2024 13:38
@jieyouxu jieyouxu force-pushed the unsound-simplify_aggregate_to_copy branch from 981f9ec to 51e1b28 Compare October 30, 2024 13:53
@jieyouxu
Copy link
Member Author

Changes since last review:

@jieyouxu
Copy link
Member Author

Probably r? mir-opt

@rustbot rustbot assigned wesleywiser and unassigned Nadrieril Oct 30, 2024
Copy link
Contributor

@cjgillot cjgillot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed, we aren't allowed to introduce new dereferences without checking for aliasing.
r=me

// reproduce the miscompile.
//@[release] compile-flags: -C opt-level=1
//@[debug] compile-flags: -C opt-level=0
//@ run-pass
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you copy this into mir-opt test which shows pop_min.GVN.diff?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To clarify, do you mean retain this ui test (for now), but also create a new mir-opt test which shows the GVN diff?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use this for a mir-opt test if you like:

#![allow(internal_features)]
#![feature(rustc_attrs, core_intrinsics)]

#[no_mangle]
fn foo(v: &mut Option<i32>) -> Option<i32> {
    if let &Some(col) = get(&v) {
        *v = None;
        return Some(col);
    } else {
        unsafe { std::intrinsics::unreachable() }
    }
}

#[no_mangle]
#[inline(never)]
#[rustc_nounwind]
fn get(v: &Option<i32>) -> &Option<i32> {
    v
}

Copy link
Member Author

@jieyouxu jieyouxu Oct 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, I tried to add a GVN.diff test w/ this snippet, lmw if the test needs adjustments.

@jieyouxu jieyouxu force-pushed the unsound-simplify_aggregate_to_copy branch from 51e1b28 to 29db55e Compare October 30, 2024 15:05
@jieyouxu
Copy link
Member Author

Added a GVN diff mir-opt test as requested.
@rustbot ready

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Oct 30, 2024
@cjgillot
Copy link
Contributor

@bors r+

@bors
Copy link
Collaborator

bors commented Oct 30, 2024

📌 Commit 29db55e has been approved by cjgillot

It is now in the queue for this repository.

@cjgillot
Copy link
Contributor

Thanks!

@bors bors removed the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Oct 30, 2024
matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request Oct 31, 2024
…e_to_copy, r=cjgillot,DianQK

Mark `simplify_aggregate_to_copy` mir-opt as unsound

Mark the `simplify_aggregate_to_copy` mir-opt added in rust-lang#128299 as unsound as it seems to miscompile the MCVE reported in rust-lang#132353. The mir-opt can be re-enabled once this case is fixed.

```rs
fn pop_min(mut score2head: Vec<Option<usize>>) -> Option<usize> {
    loop {
        if let Some(col) = score2head[0] {
            score2head[0] = None;
            return Some(col);
        }
    }
}

fn main() {
    let min = pop_min(vec![Some(1)]);
    println!("min: {:?}", min);
    // panic happens here on beta in release mode
    // but not in debug mode
    min.unwrap();
}
```

This MCVE is included as a `run-pass` ui regression test in the first commit. I built the ui test with a nightly manually, and can reproduce the behavioral difference with `-C opt-level=0` and `-C opt-level=1`. Locally, this ui test will fail unless it was run on a compiler built with the second commit marking the mir-opt as unsound thus disabling it by default.

This PR **partially reverts** commit e7386b3, reversing changes made to 02b1be1. The mir-opt implementation is just marked as unsound but **not** reverted to make reland reviews easier. The test changes are **fully** reverted.

cc `@DianQK` `@cjgillot` (PR author and reviewer of rust-lang#128299)
@klensy
Copy link
Contributor

klensy commented Oct 31, 2024

Maybe don't rollup pr where optimization was disabled?

@dianqk
Copy link
Member

dianqk commented Oct 31, 2024

Maybe don't rollup pr where optimization was disabled?

cc @matthiaskrgr

@matthiaskrgr
Copy link
Member

ah, didn't see that this affected default mir opt levels
@bors rollup=never
shoud have been set then instead of iffy :)

@jieyouxu
Copy link
Member Author

Oh oops should have rollup=never yeah.

@apiraino
Copy link
Contributor

Beta backport accepted as per compiler team on Zulip, once it gets merged. A backport PR will be authored by the release team at the end of the current development cycle.

@rustbot label +beta-accepted

@rustbot rustbot added the beta-accepted Accepted for backporting to the compiler in the beta channel. label Oct 31, 2024
@bors
Copy link
Collaborator

bors commented Oct 31, 2024

⌛ Testing commit cfb4c05 with merge a0d98ff...

@bors
Copy link
Collaborator

bors commented Oct 31, 2024

☀️ Test successful - checks-actions
Approved by: cjgillot,DianQK
Pushing a0d98ff to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Oct 31, 2024
@bors bors merged commit a0d98ff into rust-lang:master Oct 31, 2024
7 checks passed
@rustbot rustbot added this to the 1.84.0 milestone Oct 31, 2024
@jieyouxu jieyouxu deleted the unsound-simplify_aggregate_to_copy branch October 31, 2024 18:19
@rust-timer
Copy link
Collaborator

Finished benchmarking commit (a0d98ff): comparison URL.

Overall result: ❌✅ regressions and improvements - please read the text below

Our benchmarks found a performance regression caused by this PR.
This might be an actual regression, but it can also be just noise.

Next Steps:

  • If the regression was expected or you think it can be justified,
    please write a comment with sufficient written justification, and add
    @rustbot label: +perf-regression-triaged to it, to mark the regression as triaged.
  • If you think that you know of a way to resolve the regression, try to create
    a new PR with a fix for the regression.
  • If you do not understand the regression or you think that it is just noise,
    you can ask the @rust-lang/wg-compiler-performance working group for help (members of this group
    were already notified of this PR).

@rustbot label: +perf-regression
cc @rust-lang/wg-compiler-performance

Instruction count

This is the most reliable metric that we have; it was used to determine the overall result at the top of this comment. However, even this metric can sometimes exhibit noise.

mean range count
Regressions ❌
(primary)
0.7% [0.3%, 1.9%] 14
Regressions ❌
(secondary)
0.7% [0.2%, 2.3%] 16
Improvements ✅
(primary)
-0.3% [-0.3%, -0.3%] 1
Improvements ✅
(secondary)
-0.3% [-0.4%, -0.3%] 5
All ❌✅ (primary) 0.7% [-0.3%, 1.9%] 15

Max RSS (memory usage)

Results (primary -2.2%, secondary 0.6%)

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)
3.9% [3.5%, 4.3%] 2
Regressions ❌
(secondary)
2.7% [1.9%, 4.5%] 4
Improvements ✅
(primary)
-6.2% [-9.1%, -3.5%] 3
Improvements ✅
(secondary)
-2.2% [-2.6%, -2.0%] 3
All ❌✅ (primary) -2.2% [-9.1%, 4.3%] 5

Cycles

Results (primary 0.9%)

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)
0.9% [0.9%, 0.9%] 2
Regressions ❌
(secondary)
- - 0
Improvements ✅
(primary)
- - 0
Improvements ✅
(secondary)
- - 0
All ❌✅ (primary) 0.9% [0.9%, 0.9%] 2

Binary size

Results (primary 0.1%, secondary 0.3%)

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

mean range count
Regressions ❌
(primary)
0.2% [0.0%, 1.3%] 25
Regressions ❌
(secondary)
0.6% [0.2%, 1.2%] 12
Improvements ✅
(primary)
-0.1% [-0.3%, -0.0%] 11
Improvements ✅
(secondary)
-0.0% [-0.0%, -0.0%] 10
All ❌✅ (primary) 0.1% [-0.3%, 1.3%] 36

Bootstrap: 784.059s -> 782.659s (-0.18%)
Artifact size: 333.59 MiB -> 333.43 MiB (-0.05%)

@rustbot rustbot added the perf-regression Performance regression. label Oct 31, 2024
@lqd
Copy link
Member

lqd commented Nov 1, 2024

This deactivated an unsound MIR optimization until it is fixed.

@rustbot label: +perf-regression-triaged

@rustbot rustbot added the perf-regression-triaged The performance regression has been triaged. label Nov 1, 2024
@cuviper cuviper mentioned this pull request Nov 1, 2024
@cuviper cuviper modified the milestones: 1.84.0, 1.83.0 Nov 1, 2024
@cuviper cuviper removed the beta-nominated Nominated for backporting to the compiler in the beta channel. label Nov 1, 2024
bors added a commit to rust-lang-ci/rust that referenced this pull request Nov 2, 2024
[beta] backports

- Bump libc to 0.2.161 rust-lang#131823
- Avoid use imports in `thread_local_inner!` rust-lang#131866
- Mark `simplify_aggregate_to_copy` mir-opt as unsound rust-lang#132356

r? cuviper
bors added a commit to rust-lang-ci/rust that referenced this pull request Dec 20, 2024
Invalidate all dereferences when encountering non-local assignments

Fixes rust-lang#132353.

This PR removes the computation value by traversing SSA locals through `for_each_assignment_mut`.

Because the `for_each_assignment_mut` traversal skips statements which have side effects, such as dereference assignments, the computation may be unsound. Instead of `for_each_assignment_mut`, we compute values by traversing in reverse postorder.

Because we compute and use the symbolic representation of values on the fly, I invalidate all old values when encountering a dereference assignment. The current approach does not prevent the optimization of a clone to a copy.

In the future, we may add an alias model, or dominance information for dereference assignments, or SSA form to help GVN.

r? cjgillot

cc `@jieyouxu` rust-lang#132356
cc `@RalfJung` rust-lang#133474
bors added a commit to rust-lang-ci/rust that referenced this pull request Dec 21, 2024
Invalidate all dereferences when encountering non-local assignments

Fixes rust-lang#132353.

This PR removes the computation value by traversing SSA locals through `for_each_assignment_mut`.

Because the `for_each_assignment_mut` traversal skips statements which have side effects, such as dereference assignments, the computation may be unsound. Instead of `for_each_assignment_mut`, we compute values by traversing in reverse postorder.

Because we compute and use the symbolic representation of values on the fly, I invalidate all old values when encountering a dereference assignment. The current approach does not prevent the optimization of a clone to a copy.

In the future, we may add an alias model, or dominance information for dereference assignments, or SSA form to help GVN.

r? cjgillot

cc `@jieyouxu` rust-lang#132356
cc `@RalfJung` rust-lang#133474

try-job: x86_64-mingw-1
bors added a commit to rust-lang-ci/rust that referenced this pull request Apr 2, 2025
gvn: Invalid dereferences for all non-local mutations

Fixes rust-lang#132353.

This PR removes the computation value by traversing SSA locals through `for_each_assignment_mut`.

Because the `for_each_assignment_mut` traversal skips statements which have side effects, such as dereference assignments, the computation may be unsound. Instead of `for_each_assignment_mut`, we compute values by traversing in reverse postorder.

Because we compute and use the symbolic representation of values on the fly, I invalidate all old values when encountering a dereference assignment. The current approach does not prevent the optimization of a clone to a copy.

In the future, we may add an alias model, or dominance information for dereference assignments, or SSA form to help GVN.

r? cjgillot

cc `@jieyouxu` rust-lang#132356
cc `@RalfJung` rust-lang#133474
bors added a commit to rust-lang-ci/rust that referenced this pull request Apr 3, 2025
gvn: Invalid dereferences for all non-local mutations

Fixes rust-lang#132353.

This PR removes the computation value by traversing SSA locals through `for_each_assignment_mut`.

Because the `for_each_assignment_mut` traversal skips statements which have side effects, such as dereference assignments, the computation may be unsound. Instead of `for_each_assignment_mut`, we compute values by traversing in reverse postorder.

Because we compute and use the symbolic representation of values on the fly, I invalidate all old values when encountering a dereference assignment. The current approach does not prevent the optimization of a clone to a copy.

In the future, we may add an alias model, or dominance information for dereference assignments, or SSA form to help GVN.

r? cjgillot

cc `@jieyouxu` rust-lang#132356
cc `@RalfJung` rust-lang#133474
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

beta-accepted Accepted for backporting to the compiler in the beta channel. CI-spurious-fail-msvc CI spurious failure: target env msvc merged-by-bors This PR was explicitly merged by bors. perf-regression Performance regression. perf-regression-triaged The performance regression has been triaged. S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.

Projects

None yet

Development

Successfully merging this pull request may close these issues.