Remove implicit total orderings

[dingxiangfei2009]

This PR will attempt to remove implicit orderings on sty data that are not naturally bestowed with either total or partial ordering.

It has come to attention specifically that a subtle mis-compilation was introduced in #104786 causing segfaults. By transposing the order of the variants in Mutability, in rare cases ADT constructors are miscompiled with incorrect memory layout. More details will come as the investigation into making a MVCE is underway.

[rustbot]

r? @wesleywiser

(rustbot has picked a reviewer for you, use r? to override)

[compiler-errors]

I'm happy with this implementation, but I'm curious why...

By transposing the order of the variants in Mutability, in rare cases ADT constructors are miscompiled with incorrect memory layout.

^ this was happening. My understanding of #104786 (seeing that I reviewed it) is that we're allowed to rely on the total ordering of enums in Rust. In what cases were segfaults occurring? Are there any issue # filed against rust-lang/rust associated with it?

[bors]

☔ The latest upstream changes (presumably #107924) made this pull request unmergeable. Please resolve the merge conflicts.

[dingxiangfei2009]

@compiler-errors I am curious, too. It is unfortunate that the code is proprietary, but I will post as much detail as possible here.

The segfault happens when a Option<&String> is read from without checking if it is None. I have inspected the disassembly of the mis-compiled binary.
The original Rust program. Sketch

let options = if cond {
    Some(format!(...))
} else {
    None
};
// ...
let obj = Struct {
    val: options.as_ref(),
};

This is compiled into this AArch64 disassembly. Sketch

LAB_COND_TRUE:
    # some calls to alloc::fmt::format::format_inner
    ldr q0, [x25] # move the String...
    str q0, [sp, 0xb0] # ... into the destination place
    b LAB_BOMB
LAB_COND_FALSE:
    str xzr, [sp, 0xb8]
    b LAB_BOMB
    # ...
LAB_BOMB:
    add x12, sp, 0xb0 # unconditionally take pointer to Option<String>
    str x12, [sp, 0x1b0] # and put it into the "Struct"

Further in another call, it would test if this pointer to Option<String> is not null and access the content accordingly. However, since $sp+0xb0 is never properly initialized, it is reading garbage in that call because the pointer here is never null.

This appears to happen on AMD64 as well.

By inserting println! randomly, it sometimes compiles correctly. Here is the difference in the disassembly.

LAB_COND_TRUE:
    # some calls to alloc::fmt::format::format_inner
    ldr q0, [x25] # move the String...
    str q0, [sp, 0xb0] # ... into the destination place
    # ...
    ldr x8, [sp, 0xb8]
    add x9, sp, 0xb0
    cmp x8, 0x0
    csel x11, xzr, x9, eq # I believe it is checking if String is empty
    b LAB_GOOD
LAB_COND_FALSE:
    mov x11, 0x0
    str xzr, [sp, 0xb8]
    b LAB_GOOD
    # ...
LAB_GOOD:
    str x11, [sp, 0x1b0] # Put it into the "Struct"

Strangely, it is really hard to make a MVCE out of it. It seems that even by adding RUSTFLAGS=--emit=llvm-ir or --emit=mir would make the segfault go away. I would happily accept advice on how to dump the IRs without "disturbing" the internals to much.

[cjgillot]

Why doesn't find_map work any more?

[cjgillot]

Mutability is perhaps the one case where keeping the order is useful and sensible.

[cjgillot]

This definitely needs a comment.

[cjgillot]

This does not need to be in a separate file.

[cjgillot]

Directly make candidates a FxIndexSet.

[bors]

☔ The latest upstream changes (presumably #108116) made this pull request unmergeable. Please resolve the merge conflicts.

[Dylan-DPC]

@dingxiangfei2009 any updates on this?

[dingxiangfei2009]

@Dylan-DPC I forgot about this! The original issue was fixed in LLVM. However, I think it might still be a good idea to work with the types without ordering. If there is no objection to this idea, I will come back to it, rebase it and post fresh commits.

[compiler-errors]

If this was due to an LLVM bug, and not a Rust bug, then I don't see why it's beneficial to remove these total orderings personally.

[JohnCSimon]

@dingxiangfei2009
Ping from triage: I'm closing this due to inactivity, Please reopen when you are ready to continue with this.
Note: if you are going to continue please open the PR BEFORE you push to it, else you won't be able to reopen - this is a quirk of github.
Thanks for your contribution.

@rustbot label: +S-inactive