Stream: t-compiler/wg-prioritization/alerts

Topic: I-prioritize #78477 BTree's `insert_fit` breaks pointer pro…


triagebot (Oct 28 2020 at 11:14, on Zulip):

@WG-prioritization/alerts issue #78477 has been requested for prioritization.

Procedure

Hameer Abbasi (Oct 28 2020 at 11:17, on Zulip):

P-high/P-critical?

Hameer Abbasi (Oct 28 2020 at 11:17, on Zulip):

It's unsoundness in the stdlib.

apiraino (Oct 28 2020 at 11:29, on Zulip):

I'm slightly in favor of P-high considering that there is a patch already on the way for this.

Also, probably a dumb and unrelated question: does unsafe code have a weight on the priority? As in: unsafe code is unsafe, so to a certain extent unsound behaviours are expected (?). I'm still confused about the expectations of unsafe code.

Hameer Abbasi (Oct 28 2020 at 11:31, on Zulip):

That's a good question. If the unsoundness can be triggered by compiling or by running anything included in the stdlib without any unsafe in user code, then yes, I'd say a higher priority is warranted.

lcnr (Oct 28 2020 at 12:10, on Zulip):

P-high seems good. I am doubtful that this unsoundness causes miscompilations rn, so I don't think this is P-critical.

lcnr (Oct 28 2020 at 12:18, on Zulip):

I do not fully get the question posed by apiraino. Unsafe code always has to be correct as long as all invariants are upheld. Unsafe functions can propagate some of these invariants to their caller, but must also not cause UB if used correctly.

I personally do not think that it matters whether the user code which can trigger unsoundness in std uses unsafe code or not, as long as the unsafe code upholds all the requirements listed in std's documentation.

/// has to be greater than 0
unsafe fn gt_zero(x: u32) {
    // The contract only requires x > 0, but x == 1 satisfies it and still
    // reaches unreachable_unchecked: UB on a valid input, i.e. unsound.
    if x <= 1 {
        unsafe { std::hint::unreachable_unchecked() };
    }
}

fn checked_gt_zero(x: u32) {
    // Safe fn: the caller has no contract to uphold, so any UB reachable
    // from here is entirely the function's own fault.
    assert_ne!(x, 0);
    if x >= 1 {
        return;
    }
    unsafe { std::hint::unreachable_unchecked() };
}

lcnr (Oct 28 2020 at 12:18, on Zulip):

^ I expect us to treat the unsoundness in both of the above functions equally

apiraino (Oct 28 2020 at 12:24, on Zulip):

Ah, thanks a lot for the explanation! Yes, now I understand it better in terms of unsafe != random clearly wrong behaviour.

triagebot (Oct 28 2020 at 18:56, on Zulip):

Issue #78477's prioritization request has been removed.

Santiago Pastorino (Oct 29 2020 at 11:34, on Zulip):

lowering to P-medium after RalfJ's comment

Last update: Apr 11 2021 at 17:30 UTC