Reduce runtime panics through SystemParam validation
#15276
+616
−24
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alice-i-cecile
added
A-ECS
|
The opinions of the SME-ECS (@JoJoJet @maniwani @james7132 and myself) and frankly the rest of the ECS community are very positive on the broad direction of this work, so I'm marking it as |
|
|
urben1680
reviewed
Sep 18, 2024
alice-i-cecile
approved these changes
Sep 18, 2024
There was a problem hiding this comment.
As follow-up, we should make the warning behavior configurable, as discussed in #15265.
|
Blocked on #15289 (if we want miri resolved) |
This was referenced Sep 19, 2024
Closed
This was referenced Sep 19, 2024
github-merge-queue bot
pushed a commit
that referenced
this pull request
Sep 19, 2024
# Objective - I was running miri locally to check the UB in #15276 and it detected an unrelated memory leak, due to the `RawCommandQueue` changes. (I probably should have turned the leak detection off because we do purposely leak interned string labels and I assume that's why CI didn't detect it.) ## Solution - The memory allocated to `RawCommandQueue` needs to be manually dropped. This was being done for `bytes` and `cursor`, but was missed for `panic_recovery`. ## Testing - Ran miri locally and the related memory leaks errors when away.
alice-i-cecile
added
S-Needs-Review
|
I'll decline to review, too deep in the ECS internals for my experience. Can't say anything confidently. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Objective
The goal of this PR is to introduce
SystemParamvalidation in order to reduce runtime panics.Fixes #15265
Solution
SystemParamnow has a new methodvalidate_param(...) -> bool, which takes immutable variants ofget_paramarguments. The returned value indicates whether the parameter can be acquired from the world. If parameters cannot be acquired for a system, it won't be executed, similarly to run conditions. This reduces panics when using params likeRes,ResMut, etc. as well as allows for new, ergonomic params like various kinds ofSingle(Query::single) orNonEmptyQuery.Param validation happens at the level of executors. System validation happens after updating archetypes and checking access, but before checking system/system set run conditions. (Technically, we can run validation right after updating archetypes and before checking access, but that'd require a bigger refactor in the executors.) The operation short circuits and marks system as ready, skipping all system and system set run conditions evaluation.
System and system set run conditions are validated per system/system set, if params are invalid the conditions are marked as not met.
Warning about system skipping will be part of another PR.
Testing
Two executor tests check that all executors:
Migration Guide
SystemParamimplementations need to implementvalidate_param.