-
Notifications
You must be signed in to change notification settings - Fork 349
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a lot more information to SB fatal errors #1971
Conversation
Also, this is going to break the tests. I could do with some advice on fixing them. I'm not entirely sure what the methodology is. |
Thanks a lot for the PR! Just as a heads-up, I am busy with job interviews for probably at least another month, so it will be a while until I will be able to review this PR. |
Hm, I ran into this with
|
This is a diagnostics PR, I fail to see the connection with that bug? |
You of course know SB better than I do, but this looks to me like a bug in Miri, probably a bug in this PR. I feel like a pointer that grants Unique over alloc100517[0x0..0x2] should be able to be reborrows into SRO over that same memory range. I'm going to try minimizing whatever is causing this, just posting here for general awareness that this PR may be buggy. |
I started to review this, but then noticed I am confused since I thought the main motivation is about better errors when a tag is missing. But then the PR also does a lot of things with So, could you reduce this PR to just the part about better diagnostics on missing tags, and make a separate PR for the tag creation message change, including a motivation for that change? In particular, as you noticed, there is no such thing as the single permission that is granted to a new tag -- the same tag can have different permissions for different parts of memory, and when that is the case, the message needs to reflect this to avoid being plain wrong. This mismatch between the structure of Stacked Borrows and the message you want to print explains a lot of the complexity in this PR (the
I feel like the borrow stack is a core concept of Stacked Borrows (the name kind of gives it away ;), so I am not convinced that removing it from the messages is really helpful. What do you think about rewording the message to make it clear that this is "the borrow stack for location alloc1337+42", which hopefully should clarify that there is no single global borrow stack? |
My guess would be that the parent tag simply does not exist in the borrow stack any more, and hence also cannot grant that permission. EDIT: Oh, the point is that should have triggered a message that 271733 got removed? Hm, true. Would be good to have a small example reproducing the problem. |
I'm really struggling to do this. I made a point of wording the diagnostics as "Tried to do X but not possible because Y" because I think that is a very easy form to read, and for the most part trying to mention borrow stacks seems to make them convoluted. Can you suggest a diff? |
Looking at the source, the message actually uses the term "borrow stack" where I would expect it to show up. :) However, are the messages in the OP still up to date? In particular the last one seems odd, since in the code it looks like "does not grant the required permission over" is only printed for untagged parents. |
Just over a week ago I was trying to turn off GitHub email notifications and I accidentally turned them all off for a few days. I knew something would slip through. Gah! I've updated the diagnostic you mentioned in the OP (and I rebased onto |
Along with addressing your feedback, I squashed this back down and rebased it onto |
src/stacked_borrows.rs
Outdated
error_offset: Size, | ||
) -> InterpError<'static> { | ||
let action = format!( | ||
"trying to reborrow {:?}[{:#x}] with {:?} permission via tag {:?}", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"via tag" sounds odd to me, I think something about "derived from tag" or "from parent tag" or so is more evocative.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm concerned that both "derived from tag" and "from parent tag" are both too suggestive that only the permission is from the tag.
I went back and forth with some other people and came up with other wordings which are very similar to your original ones 😂
Yeah I think I like these wordings you have now. :) |
This tries to clarify exactly why an access is not valid by printing what memory range the access was over, which in combination with tag-tracking may help a user figure out the source of the problem.
Squashed down and apparently I got too fancy somewhere so this is now rebased onto |
@bors r=RalfJung |
📌 Commit 730cd27 has been approved by |
☀️ Test successful - checks-actions |
☀️ Test successful - checks-actions |
In fatal errors, this clarifies the difference between a tag not being present in the borrow stack at all, and the tag being present but granting SRO. It also introduces a little notation for memory ranges so we can mention to the user that the span may point to code that operates on multiple memory locations, but we are reporting an error at a particular offset.
This also gets rid of the unqualified phrase "the borrow stack" in errors, and clarifies that it is the borrow stack for some location.
The crate
pdqselect
v0.1.1:Before:
After:
And the crate
half
v1.8.2Before:
After: