Add overflow_checks intrinsic by pitaj · Pull Request #128666 · rust-lang/rust
Oh wow that wording I left was very unclear. I'll try to explain myself better this time.
The implementation strategy that is currently used for the runtime UB checks (intrinsic which lowers to a new NullOp that's branched on) is concerningly heavy on both compiler implementation complexity and compile-time overhead. There are 4 places where the runtime UB checks are cfg'd out or not merged yet because their compile-time overhead isn't justifiable (ptr::read, ptr::write, Alignment::new_unchecked, and Layout::from_size_align_unchecked). The compile-time overhead is directly caused by the fact that both sides of the if are implemented in the library source.
Before we merge the compiler complexity in this PR, I want evidence that actually using the new intrinsic for its intended purpose has tolerable compile-time overhead. If the compile-time overhead of the approach in this PR is so high that its use must be avoided in often-instantiated code paths, we should find another strategy. So what would make me happy is a draft PR based on this one (or just modifying this PR) that swaps in the new range types and uses this new overflow_checks() intrinsic in their implementation, and a perf run that demonstrates a tolerable compile-time hit.
I've mostly put up with the UB checks implementation because I have finite time to investigate things, and it has so far been a mostly-successful way to deliver a feature we've been missing for years. My leading theory on a better way to do this is to have a magic const (I mentioned it in this issue #120848 and now I wish I could link to that one checkbox directly) because that would prevent this system from leaking into the types for MIR.
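As an added example (not code from this PR or from rustc), here is the shape of the library-side precondition check behind `Layout::from_size_align_unchecked`, one of the places the comment says is cfg'd out for compile-time cost: both arms of the `if` live in library source, and `ub_checks()` is a stand-in for the intrinsic, implemented here over `cfg!(debug_assertions)` so it compiles on stable; the explicit `checks` parameter is an assumption added so both arms can be exercised.

```rust
// Added example, not from the PR: a library-style precondition check whose
// on/off decision is a runtime-branched call rather than a cfg. `ub_checks()`
// stands in for the compiler intrinsic discussed in the thread (assumption).

/// Stand-in for the intrinsic: true when precondition checks are wanted.
#[inline(always)]
fn ub_checks() -> bool {
    cfg!(debug_assertions)
}

/// The documented preconditions of `Layout::from_size_align_unchecked`:
/// `align` must be a non-zero power of two, and `size` rounded up to a
/// multiple of `align` must not exceed `isize::MAX`.
/// Returns a reason when a precondition is violated, `None` otherwise.
fn layout_precondition_violation(size: usize, align: usize) -> Option<&'static str> {
    // `0.is_power_of_two()` is false, so this also rejects a zero alignment.
    if !align.is_power_of_two() {
        return Some("align is not a non-zero power of two");
    }
    // Largest size that can still be rounded up to `align` without
    // exceeding isize::MAX is `isize::MAX - (align - 1)`.
    if size > isize::MAX as usize - (align - 1) {
        return Some("size rounded up to align overflows isize::MAX");
    }
    None
}

/// Library-style wrapper: when checks are on, validate the caller's claim;
/// when they are off, trust it. Both arms are library source, which is the
/// property the comment identifies as the source of compile-time overhead.
/// Returns the accepted `(size, align)` so the behaviour is observable.
fn from_size_align_checked(
    checks: bool,
    size: usize,
    align: usize,
) -> Result<(usize, usize), &'static str> {
    if checks {
        if let Some(why) = layout_precondition_violation(size, align) {
            return Err(why);
        }
    }
    Ok((size, align))
}

/// What the real `_unchecked` entry point would look like with the intrinsic:
/// the decision is made by `ub_checks()` rather than by a cfg on the function.
fn from_size_align_unchecked_like(size: usize, align: usize) -> Result<(usize, usize), &'static str> {
    from_size_align_checked(ub_checks(), size, align)
}
```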