Use bitand when checking for signed integer division overflow #89459
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
For `self == Self::MIN && rhs == -1`, LLVM does not realize that this is the same check made by `self / rhs`, so the code generated may have some unnecessary duplication. For `(self == Self::MIN) & (rhs == -1)`, LLVM realizes it is the same check.
|
r? @kennytm (rust-highfive has picked a reviewer for you, use r? to override) |
rust-highfive
added
the
S-waiting-on-review
|
An example for Note that this PR does not affect |
|
I really think this is something that should be improved at the code generation level instead of doing this manually for every case like this because there are likely a lot more cases and doing so would be cleaner and could cover more cases IMO. |
kennytm
approved these changes
Oct 3, 2021
|
@bors r+ rollup=never |
|
📌 Commit 1139ee3 has been approved by |
bors
added
S-waiting-on-bors
|
☀️ Test successful - checks-actions |
|
Finished benchmarking commit (4479cb8): comparison url. Summary: This benchmark run did not return any relevant changes. If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf. @rustbot label: -perf-regression |
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Oct 29, 2021
Replace some operators in libcore with their short-circuiting equivalents In libcore there are a few occurrences of bitwise operators used in boolean expressions instead of their short-circuiting equivalents. This makes it harder to perform some kinds of source code analysis over libcore, for example [MC/DC] code coverage (a requirement in safety-critical environments). This PR aims to remove as many bitwise operators in boolean expressions from libcore as possible, without any performance regression and without other changes. This means not all bitwise operators are removed, only the ones that don't have any difference with their short-circuiting counterparts. This already simplifies achieving MC/DC coverage, and the other functions can be changed in future PRs. The PR is best reviewed commit-by-commit, and each commit has the resulting assembly in the message. ## Checked integer methods These methods recently switched to bitwise operators in PRs rust-lang#89459 and rust-lang#89351. I confirmed bitwise operators are needed in most of the functions, except these two: * `{integer}::checked_div` ([Godbolt link (nightly)](https://rust.godbolt.org/z/17efh5jPc)) * `{integer}::checked_rem` ([Godbolt link (nightly)](https://rust.godbolt.org/z/85qGWc94K)) `@tspiteri` already mentioned this was the case in rust-lang#89459 (comment), but opted to also switch those two to bitwise operators for consistency. As that makes MC/DC analysis harder this PR proposes switching those two back to short-circuiting operators. ## `{unsigned_ints}::carrying_add` [Godbolt link (1.56.0)](https://rust.godbolt.org/z/vG9vx8x48) In this instance replacing the `|` with `||` produces the exact same assembly when optimizations are enabled, so switching to the short-circuiting operator shouldn't have any impact. ## `{unsigned_ints}::borrowing_sub` [Godbolt link (1.56.0)](https://rust.godbolt.org/z/asEfKaGE4) In this instance replacing the `|` with `||` produces the exact same assembly when optimizations are enabled, so switching to the short-circuiting operator shouldn't have any impact. ## String UTF-8 validation [Godbolt link (1.56.0)](https://rust.godbolt.org/z/a4rEbTvvx) In this instance replacing the `|` with `||` produces practically the same assembly, with the two operands for the "or" swapped: ```asm ; Old mov rax, qword ptr [rdi + rdx + 8] or rax, qword ptr [rdi + rdx] test rax, r9 je .LBB0_7 ; New mov rax, qword ptr [rdi + rdx] or rax, qword ptr [rdi + rdx + 8] test rax, r8 je .LBB0_7 ``` [MC/DC]: https://en.wikipedia.org/wiki/Modified_condition/decision_coverage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For
self == Self::MIN && rhs == -1, LLVM does not realize that this is the same check made byself / rhs, so the code generated may have some unnecessary duplication. For(self == Self::MIN) & (rhs == -1), LLVM realizes it is the same check.