Some cleanup and miri fixes #2439
Conversation
commit c41aba6 removed the num feature but a few cfgs remained
- removed some unsafe - added some safety comments - add explicit types to transmute calls - reworked UntypedArenaPtr -> TypedArenaPtr conversion might help with mthom#2438, I noticed fewer complains from miri after changing the default impl for `ArenaAllocated::alloc`
- I think this used to overallocate when the alignment was already met
- the msrv (i.e. rust-version in Cargo.toml) is high enough that all gated code can now be used on stabe
probably relevant to mthom#2438
pre-genrate constants instaed of driectly genrating the literal for the insert
|
Marking as Draft as I plan to fix the clippy warnings and want to investigate some of the remaining miri problems |
relevant for wide pointers i.e. pointers with metadata
- write directly to formatter, eliminating intermediate String allocations
- take Value by reference eliminating clones
- remove trim() called on the result of QueryResolution::to_string
- we only emit "true", "false", or "[<resolutions>]"
neither of which contains trailing or leading withespace,
so the calls was effectively a noop
The arcu crate is a more general implementation of the Rcu I implemented in here in scryer. It contains some bug-fixes regarding race-conditions in the Rcu update function, which could cause leaks and uses after free. Source of the problem was the Relaxed load/strore/update of the reference count in side the Arc not being properly ordered with other load/stores.
|
@bakaq I think this now resolves all the UB detected with miri, except maybe for some hiding in the test that run very long in miri as I didn't have quite the patients to wait that long. |
|
I think this might fix #2391 |
|
Ah, I think I introduced a memory leak with my fix for arena and stream. Previously a Some streams could also be dropped early, the Now we still allocate a I am a bit surprised miri's leak detection hasn't caught this, though maybe non of the test that run under miri exercise this edge case. |
|
Wow, very impressive. The test suite passing Miri is a good step in verifying the unsafe code in Scryer. This doesn't mean that there isn't UB, just that the tests don't stumble on any. I'm not sure how much the current test suite covers all the relevant unsafe code interleavings (for example, this possible leak edge case that @Skgland described), but this is a very good start. I think it's a good idea to make some benchmarks of this just to make sure we haven't lost a bunch of performance for some obscure reason, but it's probably fine. I was going to point out that, just like Wasm, Miri is an interpreter so it makes sense to run it in just one machine in CI, but it seems you already did it like that. |
A few changes may eliminate optimization potential, but mostly I would assume no change.
Miri is only available in nightly so I just added it to the nightly job. |
|
I have removed ArenaHeaderTag::Dropped, wrapping (parts of) the Payload in an Option for those that can be dropped early. Also noticed that I was leaking ArenaAllocated IndexPtr and fixed that. This fixes all issues with this PR I know of. Tests and miri still pass (at least locally, still waiting on CI), so the unwraps should hopefully be unreachable due to checking early whether the stream is missing or not. |
|
Looks like some of the miri enables test take a very long time in CI while all run relatively fast locally (under Windows). |
|
Other than that I would consider now this ready again. |
|
Miri now completes in a resonable time with one additional test disabled🎉 Also I have an Idea for how ArenaHeaderTag::Dropped could work, so I will try that to undo a60c669, as the added |
so that the value type passed to `arena_alloc!` can differ from the `ArenaAllocated::Payload` type
- get rid of HeaderOrIdxPtr - add IndexPtrSlab - add UntypedArenaSlab - add to_untyped for converting a typed slab into an unsyped slab - remove TypedArenaPtr::new, as they shouldn't be created outside of this module
The solution have now took implemented is to add the Additionally for for the This is now ready again. |
numfeaturerust_beta_channelfeature, everything that was gates is stable in the rust-version defined in Cargo.toml