hi rust twitter: ptr:add (doc.rust-lang.org/std/primitive.) points to wrapping_add (doc.rust-lang.org/std/primitive.) as an alternative if safety requirements are difficult to uphold, but says that wrapping_add disallows some "aggressive compiler optimizations"
anyone know what those are?
Conversation
Replying to
It has a list of the guarantees provided to the compiler by ptr::add at doc.rust-lang.org/std/primitive..
It maps to an LLVM inbounds GEP rather than GEP. There's documentation on this at llvm.org/docs/LangRef.h. Guarantees result will be within the bounds of the object without wrapping.
1
2
It can't cheat by wrapping all the around and back into the same object. It's a bit silly that the safe one is called wrapping_add because allowing wrapping is only one of the things it allows.
Note that ptr::wrapping_add is safe and ptr::add is unsafe due to the UB.
1
1
It's UB to deference a pointer outside the bounds of the object it was derived from regardless of which one you use. The purpose of ptr::add is that it's also undefined to create the pointer outside bounds of the object which enables optimizations even if load isn't right there.
1
Replying to
i need you to realize you linked me at the exact same part of rust docs that i, myself, linked. i was not asking why one is safe and the other is not, i was asking what optimization differences there are
2
Replying to
FWIW, I was just trying to show that the section was based on the LLVM IR specification. I think I likely wrote the initial version of it when I was working on closing these soundness holes in the standard library. Around same time as adding isize::MAX object size limit.