-
Notifications
You must be signed in to change notification settings - Fork 430
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
new UniformInt bound checks #592
Comments
I guess this is a side-effect of the way compiler optimisations work; presumably the optimiser knows that The new code is here and here. @alexcrichton any ideas, or know who better to ask? |
There is some work on a standard |
An example which needs no rand code: pub fn bar(rand: u64) -> usize {
let arr = [1; 3];
let mul = rand as u128 * arr.len() as u128;
let hi = (mul >> 64) as u64;
arr[hi as usize]
} |
@dhardy oh the best thing to do for something like this is to try and get a minimal example. With that it's relatively easy to inspect the LLVM IR and deduce why LLVM can't perform the optimization, and that will likely also lead to a solution one way or another. (I'm not too familiar here with the specifics, unfortunately) |
%1 = zext i32 %rand to i64
%2 = mul nuw nsw i64 %1, 3
%3 = lshr i64 %2, 32
%4 = icmp eq i64 %3, 3 from pub fn bar(rand: u32, arr: [u8; 3]) -> u8 {
let mul = rand as u64 * arr.len() as u64;
let hi = (mul >> 32) as u32;
arr[hi as usize]
} https://play.rust-lang.org/?gist=da0698f29ba0d0c28c5adec4d6717a18&version=nightly&mode=release |
|
Only when it's known that In any case you have a valid minimal example ( |
The widening multiply bounding technique is useful for a lot of problems, so it's likely to be used a lot in the future. It would be good if this problem were handled automatically. Is there any chance of an upstream change in Rust/LLVM? |
Paper describing the technique btw: https://arxiv.org/pdf/1805.10941.pdf#page=3 |
Constant widening multiply works as well. |
Does anyone know where I should start asking about an upstream change? |
Sorry, no. Perhaps @nikomatsakis has some idea how a proof of bounds can be added to widening multiply? |
Will this be fixed by #1154? |
That new method still uses the widening multiply method so I doubt it will affect this. |
The Presumably we could use |
The previous version of
UniformInt
allowed the compiler to remove bounds checks. It can't do the same for our new widening multiply method.You can verify with
RUSTFLAGS='--emit=asm' cargo build --release
:Is there something we could do to fix this? A change in
UniformInt
? Some sort of compiler hint? Or would this require a smarter compiler?If we can't fix it, perhaps we should document this behavior. We should consider ways to mitigate the problem, such as using unchecked indexing in library code like
shuffle
,choose
, etc.The text was updated successfully, but these errors were encountered: