Port all viable contracts from verify-rust-std #147148

tautschnig · 2025-09-29T07:08:36Z

Ports over all contracts (other than those for Alignment, see the separate PR) that can be expressed using the current, experimental contracts syntax. (Notably, this excludes all contracts that refer to pointer validity.)

library/alloc/src/collections/vec_deque/iter.rs

bjorn3 · 2025-09-30T11:19:20Z

library/core/src/num/uint_macros.rs

+        #[core::contracts::requires(!self.overflowing_mul(rhs).1)]
        pub const unsafe fn unchecked_mul(self, rhs: Self) -> Self {
            assert_unsafe_precondition!(
                check_language_ub,


Many contracts are duplicating existing assert_unsafe_precondition!(). How should we handle this duplication?

My personal opinion is that all uses of assert_unsafe_precondition should be replaced by contracts::requires clauses as contracts provide a more general framework.

bjorn3 · 2025-09-30T11:23:21Z

tests/mir-opt/inline/unchecked_shifts.unchecked_shl_unsigned_smaller.Inline.panic-unwind.diff

+         _7 = &_4;
+         _6 = {closure@$SRC_DIR/core/src/num/uint_macros.rs:LL:COL} { 0: copy _7 };
+         StorageDead(_7);
+         _5 = contract_check_requires::<{closure@core::num::<impl u16>::unchecked_shl::{closure#0}}>(move _6) -> [return: bb1, unwind continue];


All these extra checks would slow down debug builds a lot in terms of runtime performance and likely a bit in build times, right? Can we check by how much exactly?

With #144438 merged there should not be any runtime impact (not even in debug builds), unless contract checks are enabled. Build times, however, may indeed be affects. Would you have any suggestion on what experiments we should perform to obtain numbers?

bors · 2025-10-03T16:26:18Z

☔ The latest upstream changes (presumably #142771) made this pull request unmergeable. Please resolve the merge conflicts.

Ports over all contracts (other than those for `Alignment`, see the separate PR) that can be expressed using the current, experimental contracts syntax. (Notably, this excludes all contracts that refer to pointer validity.)

Updated via `./x.py test mir-opt --bless --stage 1`.

These are now expressible thanks to aeae085.

rustbot · 2025-10-30T12:23:39Z

⚠️ #[rustc_allow_const_fn_unstable] needs careful audit to avoid accidentally exposing unstable
implementation details on stable.

cc @rust-lang/wg-const-eval

The Miri subtree was changed

cc @rust-lang/miri

Some changes occurred to the intrinsics. Make sure the CTFE / Miri interpreter
gets adapted for the changes, if necessary.

cc @rust-lang/miri, @RalfJung, @oli-obk, @lcnr

rustbot · 2025-10-30T12:23:41Z

r? @scottmcm

rustbot has assigned @scottmcm.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

tautschnig · 2025-10-30T17:20:43Z

@bors try @rust-timer queue

rust-bors · 2025-10-30T17:20:46Z

@tautschnig: 🔑 Insufficient privileges: not in try users

saethlin · 2025-10-30T17:53:16Z

@bors try @rust-timer queue

You can always ask for a perf run here: https://rust-lang.zulipchat.com/#narrow/channel/182449-t-compiler.2Fhelp/topic/perf.20run/with/543397764

…r=<try> Port all viable contracts from verify-rust-std

rust-bors · 2025-10-30T20:13:32Z

☀️ Try build successful (CI)
Build commit: 2c09cd9 (2c09cd94b5816629b10657151037a6951ff7a7d6, parent: 8205e6b75ec656305ac235d4726d2c7a1ddcef14)

rust-timer · 2025-10-30T22:29:40Z

Finished benchmarking commit (2c09cd9): comparison URL.

Overall result: ❌ regressions - please read the text below

Benchmarking this pull request means it may be perf-sensitive – we'll automatically label it not fit for rolling up. You can override this, but we strongly advise not to, due to possible changes in compiler perf.

Next Steps: If you can justify the regressions found in this try perf run, please do so in sufficient writing along with @rustbot label: +perf-regression-triaged. If not, please fix the regressions and do another perf run. If its results are neutral or positive, the label will be automatically removed.

@bors rollup=never
@rustbot label: -S-waiting-on-perf +perf-regression

Instruction count

Our most reliable metric. Used to determine the overall result above. However, even this metric can be noisy.

	mean	range	count
Regressions ❌ (primary)	1.0%	[0.1%, 12.2%]	79
Regressions ❌ (secondary)	3.3%	[0.0%, 17.6%]	53
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-0.1%	[-0.3%, -0.1%]	3
All ❌✅ (primary)	1.0%	[0.1%, 12.2%]	79

Max RSS (memory usage)

Results (primary 1.6%, secondary 2.9%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	2.0%	[0.8%, 3.8%]	22
Regressions ❌ (secondary)	3.5%	[1.0%, 8.0%]	28
Improvements ✅ (primary)	-2.2%	[-3.6%, -0.7%]	2
Improvements ✅ (secondary)	-3.1%	[-4.2%, -1.3%]	3
All ❌✅ (primary)	1.6%	[-3.6%, 3.8%]	24

Cycles

Results (primary 4.5%, secondary 4.1%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	4.5%	[2.1%, 10.7%]	8
Regressions ❌ (secondary)	6.0%	[1.4%, 18.2%]	36
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-4.6%	[-8.0%, -1.3%]	8
All ❌✅ (primary)	4.5%	[2.1%, 10.7%]	8

Binary size

Results (primary 0.3%, secondary 0.9%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	0.3%	[0.0%, 1.2%]	103
Regressions ❌ (secondary)	0.9%	[0.0%, 3.9%]	42
Improvements ✅ (primary)	-0.0%	[-0.0%, -0.0%]	1
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	0.3%	[-0.0%, 1.2%]	104

Bootstrap: 475.886s -> 478.145s (0.47%)
Artifact size: 390.36 MiB -> 390.64 MiB (0.07%)

bors · 2025-11-03T04:04:19Z

☔ The latest upstream changes (presumably #148412) made this pull request unmergeable. Please resolve the merge conflicts.

Noratrieb reviewed Sep 29, 2025

View reviewed changes

library/alloc/src/collections/vec_deque/iter.rs Outdated Show resolved Hide resolved

This comment has been minimized.

Sign in to view

bjorn3 reviewed Sep 30, 2025

View reviewed changes

tautschnig force-pushed the upstream-contracts/not-alignment branch from fc56734 to f47406e Compare October 29, 2025 12:46

This comment has been minimized.

Sign in to view

tautschnig force-pushed the upstream-contracts/not-alignment branch 2 times, most recently from fa3bb5c to b38b44c Compare October 29, 2025 19:00

This comment has been minimized.

Sign in to view

tautschnig added 4 commits October 30, 2025 10:09

Port all viable contracts from verify-rust-std

677b604

Ports over all contracts (other than those for `Alignment`, see the separate PR) that can be expressed using the current, experimental contracts syntax. (Notably, this excludes all contracts that refer to pointer validity.)

Update expected MIR in tests

919d34a

Updated via `./x.py test mir-opt --bless --stage 1`.

Add contracts that require contract variables

e6c9c8d

These are now expressible thanks to aeae085.

Bless Miri test change

357743f

tautschnig force-pushed the upstream-contracts/not-alignment branch from 2daa184 to 357743f Compare October 30, 2025 10:09

tautschnig marked this pull request as ready for review October 30, 2025 12:23

rustbot added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Oct 30, 2025

rustbot removed the S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. label Oct 30, 2025

rustbot assigned scottmcm Oct 30, 2025

This comment has been minimized.

Sign in to view

rust-bors bot added a commit that referenced this pull request Oct 30, 2025

Auto merge of #147148 - tautschnig:upstream-contracts/not-alignment, …

2c09cd9

…r=<try> Port all viable contracts from verify-rust-std

rustbot added the S-waiting-on-perf Status: Waiting on a perf run to be completed. label Oct 30, 2025

This comment has been minimized.

Sign in to view

rustbot added perf-regression Performance regression. and removed S-waiting-on-perf Status: Waiting on a perf run to be completed. labels Oct 30, 2025

dawidl022 mentioned this pull request Nov 6, 2025

Remove 'static bound on contract ensures closure #148595

Open

Port all viable contracts from verify-rust-std #147148

Are you sure you want to change the base?

Port all viable contracts from verify-rust-std #147148

Conversation

tautschnig commented Sep 29, 2025

Uh oh!

Uh oh!

This comment has been minimized.

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

bors commented Oct 3, 2025

Uh oh!

This comment has been minimized.

This comment has been minimized.

rustbot commented Oct 30, 2025

Uh oh!

rustbot commented Oct 30, 2025

Uh oh!

tautschnig commented Oct 30, 2025

Uh oh!

This comment has been minimized.

rust-bors bot commented Oct 30, 2025

Uh oh!

saethlin commented Oct 30, 2025

Uh oh!

This comment has been minimized.

This comment has been minimized.

rust-bors bot commented Oct 30, 2025

Uh oh!

This comment has been minimized.

rust-timer commented Oct 30, 2025

Overall result: ❌ regressions - please read the text below

Uh oh!

bors commented Nov 3, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

10 participants