memory access sanity checks: abort instead of panic #73054
Conversation
|
r? @shepmaster (rust_highfive has picked a reviewer for you, use r? to override) |
rust-highfive
added
the
S-waiting-on-review
|
To be clear, I'm not sure :) I think my measurements were inconclusive. But, in theory, I would expect this to be better able to inline etc. Ideally we'd run perf.r-l.o against this but to do that we'd need to build and publish a debug assertions compiler to compare against... |
Is that enough to land this? I don't think I'll have time to do proper benchmarking any time soon... and this code is UB if we don't |
So how do you suggest we proceed? I don't have time to do proper measurements here. Should I close the PR, or should we land this because it'll surely not degrade debug-std performance? |
|
I can try to find some time to prepare the try commits for perf.rlo to benchmark (by pushing to this PR), hopefully today. |
Mark-Simulacrum
force-pushed
the
dont-panic
branch
from
8827d60
to
166480e
Compare
|
@bors try |
|
⌛ Trying commit 166480e3a0a9a89bacbf30e3abf3ac45cccb1391 with merge d94127aecf2bae628907d43c376b8fe5070431db... |
|
And with reverts of the first two commits.. @bors try @rust-timer queue I think perf will only pick up the first try build to complete (or maybe neither, unsure) but we can check the other one manually anyway. |
|
Awaiting bors try build completion |
|
⌛ Trying commit da345f73558c5aa1768bf0b780a5ab3573e97a79 with merge ebc6a503e956df6a5e66b34fd34b251b596d3431... |
|
☀️ Try build successful - checks-azure |
|
Queued ebc6a503e956df6a5e66b34fd34b251b596d3431 with parent f315c35, future comparison URL. |
|
Finished benchmarking try commit (ebc6a503e956df6a5e66b34fd34b251b596d3431): comparison url. |
|
@rust-timer build d94127aecf2bae628907d43c376b8fe5070431db |
|
Queued d94127aecf2bae628907d43c376b8fe5070431db with parent f315c35, future comparison URL. |
|
Finished benchmarking try commit (d94127aecf2bae628907d43c376b8fe5070431db): comparison url. |
|
Okay so now both of those are done, the right thing to look at is this comparison: https://perf.rust-lang.org/compare.html?start=ebc6a503e956df6a5e66b34fd34b251b596d3431&end=d94127aecf2bae628907d43c376b8fe5070431db, which compares "debug asserts w/o this PR" and "debug asserts w/ this PR" -- it looks like it's a pretty nice win, 3-10% pretty much across the board. It's also notable that debug assertions are really expensive today regardless, 10-30% regressions on many benchmarks. We probably don't want to apply this pattern exactly across the board -- abort() is after all harder to debug -- but I wonder if we can invent some "low-cost" debug_assert, e.g., one that emulates panic=abort or so (so we still get a backtrace potentially and such, but we still avoid the unwind). I imagine you probably don't have the bandwidth to explore doing so? Maybe we should re-run benchmarks on a PR that changes cc @nnethercote as well |
I'm afraid I do not. I also have no idea how you did the benchmarking here.^^ But it seems like the PR is a clear win, and only some very low-level methods are changed to not have backtraces any more, so seems like a good sign to me independent of the other changes you suggested. |
|
Okay I'll remove the benchmarking commits on this PR and approve it, I agree it's a sufficient win just by itself. The way to do benchmarks like this is to get a build from just debug asserts being enabled and another build (critically with same parent on master) with debug asserts plus this PR's changes, then you compare the two try commits directly in perf.rlo. |
|
Oh and you adjusted CI config to get debug assertions in try builds, I see. |
Mark-Simulacrum
force-pushed
the
dont-panic
branch
from
da345f7
to
81c7ebd
Compare
|
@bors r+ |
|
📌 Commit 81c7ebd has been approved by |
bors
added
S-waiting-on-bors
|
(Should be fine to rollup, as there's no expected impact on non-debug-assert builds). |
Rollup of 10 pull requests Successful merges: - rust-lang#72280 (Fix up autoderef when reborrowing) - rust-lang#72785 (linker: MSVC supports linking static libraries as a whole archive) - rust-lang#73011 (first stage of implementing LLVM code coverage) - rust-lang#73044 (compiletest: Add directives to detect sanitizer support) - rust-lang#73054 (memory access sanity checks: abort instead of panic) - rust-lang#73136 (Change how compiler-builtins gets many CGUs) - rust-lang#73280 (Add E0763) - rust-lang#73317 (bootstrap: read config from $RUST_BOOTSTRAP_CONFIG) - rust-lang#73350 (bootstrap/install.rs: support a nonexistent `prefix` in `x.py install`) - rust-lang#73352 (Speed up bootstrap a little.) Failed merges: r? @ghost
Suggested by @Mark-Simulacrum, this should help reduce the performance impact of these checks.