-
Notifications
You must be signed in to change notification settings - Fork 12.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
incorrect integer comparison in release build #116913
Comments
Potential duplicate of #107975. |
closing as duplicate |
Out of curiosity, what thought process led you to this bug? |
A colleague who dislikes rust sent it to me as an example of "memory unsafety" in rust, without realizing that it was a compiler bug. I will admit, it took me discussing it with several friends before I started to realize it was surely a compiler bug, esp with respect to the optimizer. (In a past life I had many a shouting match, err, I mean "spirited discussion" with people who didn't realize just how dangerous things like Anyhow From a However, writing an idiom that triggers this bug would not be uncommon in embedded rust, which is my primary interest! (NB I will probably cross-post this bug to the Ferrocene Project, because they are working towards "Safety Crititcal" embedded rust, where the compiler doesn't need to be perfect, but defects need to be known!) |
ferrocene is aware of all I-unsound issues already |
Ah! Was hoping that would be the case… cheers! |
I'll admit that I find this curious, as this bug is rather niche. For a person who “dislikes Rust”, your colleague is oddly knowledgeable. |
Yeah, that's an interesting story. My colleague is a phenomenal C++ coder... the type of person who not only knows the standard, but understands the reasoning behind the standard. So... very bright and thoughtful. Unfortunately, they had the misfortune of working somewhere that decided to cargo-cult Rust for "safety". You know the attitude, I suspect: "Build it in Rust, and it will be safe and secure!" Said colleague then had a very miserable time as the company shoehorned really bad software and really bad practices into Rust, believing that The One True Language would save them from themselves. This appears to have left them very sour on Rust. For what it's worth, I have several friends and colleagues that work at companies that have experimented (poorly) with Rust. The common experience seems to be that they end up with the unholy combination of shoehorned-in C-like constructs and drag-down, knock-em-down fights with the borrow checker! The worst of both worlds! I kind-of understand this, because I enjoyed writing Java for many years before getting introduced to (now lampoon-able) "Enterprise Java". These days I don't care how great Java is in theory... I'd rather jump off of a cliff than touch it. "Once burned, twice shy" and all that. So what I suspect is happening is that many of my corporate-software-developer friends are doing the equivalent of "trying to learn Fortran by writing a full-stack modern web app", having a miserable experience, and then reverting via Stockholm Syndrome to PHP, where they are comfortable. Make sense? And yes, I know that people have written a web framework in Fortran... 😆 |
This does make sense. Still, I saw the C reproduction to which you linked, and… it appears oddly verbose, somehow. This is all that's needed to reproduce the bug: #include <stdio.h>
#include <stdint.h>
int main(void) {
uintptr_t a;
uintptr_t b;
{
int v[2] = {0, 0};
a = (uintptr_t)&(v[0]);
}
{
int v[2] = {0, 0};
b = (uintptr_t)&(v[0]);
}
printf("%ld ==/^ %ld is %d, %ld\n", a, b, a == b, a ^ b);
a ^= 1, b ^= 1;
printf("%ld ==/^ %ld is %d, %ld\n", a, b, a == b, a ^ b);
return 0;
} As long as optimisations are enabled, this bug reproduces in both C and C++, in both As for the rest you mentioned… admittedly, the worst thing one can do in Rust is to try to use it to implement other languages' solutions for those other languages' problems. It is staggering how many problems that can cause—and the worst part is that it can happen from various languages of departure, from C to PHP. |
The following code is well-formed, as far as I can tell:
For debug builds, we see the expected output, where the two
println!
macros output the same string:However, for release builds, the second line no longer matches the first:
Rust Playground Link
Since both
a
andb
are integer constants, it should not matter that the variable pointed to goes out of scope.I would expect that the
release
build gives identical output to thedebug
output.Note that both
evaluates to true
andevaluates to false
are acceptable.However, the
release
build is implying that two identical integers can mis-compare, in that the booleana==b
is not constant!Meta
Occurs on both
x86_64-unknown-linux-gnu
andaarch64-unknown-linux-gnu
.rustc --version --verbose
:and
The text was updated successfully, but these errors were encountered: