-
-
Notifications
You must be signed in to change notification settings - Fork 426
Add length, lower and upper bounds to RangeError/_d_arraybounds #2377
Conversation
Thanks for your pull request and interest in making D better, @thewilsonator! We are looking forward to reviewing it, and you should be hearing from a maintainer soon.
Please see CONTRIBUTING.md for more information. If you have addressed all reviews or aren't sure how to proceed, don't hesitate to ping us with a simple comment. Bugzilla referencesYour PR doesn't reference any Bugzilla issue. If your PR contains non-trivial changes, please reference a Bugzilla issue or create a manual changelog. Testing this PR locallyIf you don't have a local development environment setup, you can use Digger to test this PR: dub fetch digger
dub run digger -- build "master + druntime#2377" |
Ah, need to do phobos as well. |
1956414
to
3109d18
Compare
Hmm, test is being compiled with |
Mark the |
Thanks! |
Hmm, nope: |
Ahh, |
3109d18
to
c11b413
Compare
That's nice. I wasn't expecting that to be the case, but it really should be.
Yeah, if you can't make the whole thing |
This doubles as a nice test for that then. |
c11b413
to
6612594
Compare
(I've altered the testes to figure out what indices are passed to |
6612594
to
ac0446b
Compare
|
I think you were over-zealous with the copy/paste of your print code rather than the arguments being garbage. That length does seem a bit odd, but it being repeated is just it printing the same variable three times. |
ac0446b
to
8cfdc1f
Compare
CircleCI reports its triple as |
} | ||
|
||
void _d_arraybounds(string file, uint line) | ||
void _d_arraybounds(string file, uint line, size_t lower, size_t upper, size_t length) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rather than changing the signatures of the public extern C interface, new functions should be introduced.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed. Then we don't have to risk merging this + the DMD change at the same time - this could be merged first, then the DMD patch can be merged if it passes CI.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For reference the DMD patch is already in, hence why I want to get this in. Also as noted by Jacob, we don't guarantee binary compatibility across releases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See _aaGet
, _aaGetX
, _aaGetY
for examples of doing this in the past. Infact pick any function that ends in X (_d_arrayliteralTX
)
Even _d_arrayboundsp
was a new name given to replace _d_arrayboundsm
. :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But what's the point of doing so and creating more legacy cruft if we don't we don't guarantee binary compatibility across releases anyhow?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Call parameter stack layout: adding args to the end doesn't affect previous ones. I.e. passing too many will ignore the later ones, whereas passing too few will lead to garbage/corruption.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great, so that means it works on x86, x86_64, and ... ? I don't think this calling convention is universal, is it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
x86 is the only target that pushes arguments in reverse. All others are left to right.
I have an ARM and Aarch64 server that I can run a test on. Regressions on those targets could warrant a revert... Did the druntime changes end up in a release?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Assuming that it's a dmd backend change only though, it's not so critical. If array bounds checks were being generated by the frontend, then it's another matter.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is a backend thing.
Right, not sure what I was thinking. |
5983260
to
5b3b7fa
Compare
@ibuclaw signature of public functions is now compatible with default arguments. The functions you commented in are compiler generated. |
They will still silently break with applications linked to previous libraries. Just questioning whether this warrants a backwards incompatible ABI version bump. |
We don't guarantee any ABI compatibility as far as I know. |
Hey, it passes on CircleCI! Yay! I've no idea why that was failing before. |
src/core/exception.d
Outdated
} | ||
catch (Throwable) | ||
{ | ||
// ignore more errors |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This code was copied from https://github.com/CyberShadow/druntime/blob/c6b6803646c24c8e748ff9961595c99cd99089cb/src/object.d#L2631-L2660 .
} | ||
|
||
void _d_arraybounds(string file, uint line) | ||
void _d_arraybounds(string file, uint line, size_t lower, size_t upper, size_t length) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed. Then we don't have to risk merging this + the DMD change at the same time - this could be merged first, then the DMD patch can be merged if it passes CI.
9b07597
to
c566854
Compare
BTW, how did the DMD PR get merged without this one? Wouldn't the change in function signatures break the DMD/Druntime ABI? |
Because is passed the CI. Arguments added to the end of the parameter list don't collide with ones earlier in the list. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at this again - the if (upper)
and if (lower)
checks do not look good and generate inconsistent and potentially misleading messages.
For example:
auto a = (new int[0])[1]; // Range violation: index [1] exceeds array length 0
auto b = (new int[0])[0]; // Range violation
auto c = (new int[0])[1..1]; // Range violation: indicies [1 .. 1] exceeds array length 0
auto d = (new int[0])[0..1]; // Range violation: index [1] exceeds array length 0
auto e = (new int[0])[-1..0]; // Range violation
The d
one in particular is outright misleading, we are not accessing index 1, only slicing up to it.
I think we should avoid misleading users, so that should probably need to be fixed before this is merged. What do you think?
Suggested fix:
|
a,b,c and e are edge cases, I will fix those soon. d while potentially misleading, cross-referencing the line number will show a slice. |
Not sure what you mean by fix - a and c look correct, they are there for comparison. I don't think there's a reasonable way to fix this in general without additional state / transmitted information. There are no free bits to hold information on whether the indices are actually indices, and the two indices don't necessarily have a relation to each other.
That doesn't sound great. It's the worst case, and it might not be the only indexing operation on the line. |
My bad about a, the rest were wrong and I assumed that was too. c, unless you mispasted, is missing the the length of the array at the end. |
Yes, that was a mispaste, sorry. |
I would love to get this in. Are you still going to work on this @thewilsonator? |
not with any sense of urgency. |
How much left is needed for this to be done? |
Closing for lack of activity (and to clean up upstream branches). The enhancement would be amazing to have, though. |
No description provided.