Commit Graph

7414 Commits

Author SHA1 Message Date
Dylan DPC
f7f2d83eda
Rollup merge of - saethlin:swap-test-invalidation, r=Dylan-DPC
Fix &mut invalidation in ptr::swap doctest

Under Stacked Borrows with raw pointer tagging, the previous code was UB
because the code which creates the the second pointer borrows the array
through a tag in the borrow stacks below the Unique tag that our first
pointer is based on, thus invalidating the first pointer.

This is not definitely a bug and may never be real UB, but I desperately
want people to write code that conforms to SB with raw pointer tagging
so that I can write good diagnostics. The alternative aliasing models
aren't possible to diagnose well due to state space explosion.
Therefore, it would be super cool if the standard library nudged people
towards writing code that is valid with respect to SB with raw pointer
tagging.

The diagnostics that I want to write are implemented in a branch of Miri and the one for this case is below:
```
error: Undefined Behavior: attempting a read access using <2170> at alloc1068[0x0], but that tag does not exist in the borrow stack for this location
    --> /home/ben/rust/library/core/src/intrinsics.rs:2103:14
     |
2103 |     unsafe { copy_nonoverlapping(src, dst, count) }
     |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     |              |
     |              attempting a read access using <2170> at alloc1068[0x0], but that tag does not exist in the borrow stack for this location
     |              this error occurs as part of an access at alloc1068[0x0..0x8]
     |
     = help: this indicates a potential bug in the program: it performed an invalid operation, but the rules it violated are still experimental
     = help: see https://github.com/rust-lang/unsafe-code-guidelines/blob/master/wip/stacked-borrows.md for further information
help: <2170> was created due to a retag at offsets [0x0..0x10]
    --> ../libcore/src/ptr/mod.rs:640:9
     |
8    | let x = array[0..].as_mut_ptr() as *mut [u32; 2]; // this is `array[0..2]`
     |         ^^^^^^^^^^^^^^^^^^^^^^^
help: <2170> was later invalidated due to a retag at offsets [0x0..0x10]
    --> ../libcore/src/ptr/mod.rs:641:9
     |
9    | let y = array[2..].as_mut_ptr() as *mut [u32; 2]; // this is `array[2..4]`
     |         ^^^^^
     = note: inside `std::intrinsics::copy_nonoverlapping::<[u32; 2]>` at /home/ben/rust/library/core/src/intrinsics.rs:2103:14
     = note: inside `std::ptr::swap::<[u32; 2]>` at /home/ben/rust/library/core/src/ptr/mod.rs:685:9
note: inside `main::_doctest_main____libcore_src_ptr_mod_rs_635_0` at ../libcore/src/ptr/mod.rs:12:5
    --> ../libcore/src/ptr/mod.rs:644:5
     |
12   |     ptr::swap(x, y);
     |     ^^^^^^^^^^^^^^^
note: inside `main` at ../libcore/src/ptr/mod.rs:15:3
    --> ../libcore/src/ptr/mod.rs:647:3
     |
15   | } _doctest_main____libcore_src_ptr_mod_rs_635_0() }
     |   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace

error: aborting due to previous error
```
2022-04-03 23:21:43 +02:00
Ben Kimock
34bcc8e8ff Don't cast thread name to an integer for prctl
libc::prctl and the prctl definitions in glibc, musl, and the kernel
headers are C variadic functions. Therefore, all the arguments (except
for the first) are untyped. It is only the Linux man page which says
that prctl takes 4 unsigned long arguments. I have no idea why it says
this.

In any case, the upshot is that we don't need to cast the pointer to an
integer and confuse Miri.
2022-04-03 17:03:59 -04:00
Ben Kimock
f4a7ed4338 Fix &mut invalidation in ptr::swap doctest
Under Stacked Borrows with raw pointer tagging, the previous code was UB
because the code which creates the the second pointer borrows the array
through a tag in the borrow stacks below the Unique tag that our first
pointer is based on, thus invalidating the first pointer.

This is not definitely a bug and may never be real UB, but I desperately
want people to write code that conforms to SB with raw pointer tagging
so that I can write good diagnostics. The alternative aliasing models
aren't possible to diagnose well due to state space explosion.
Therefore, it would be super cool if the standard library nudged people
towards writing code that is valid with respect to SB with raw pointer
tagging.
2022-04-03 16:16:33 -04:00
bors
2ad4eb207b Auto merge of - createyourpersonalaccount:derefmut-docfix, r=Dylan-DPC
Improve doc example of DerefMut

It is more illustrative, after using `*x` to modify the field, to show
in the assertion that the field has indeed been modified.
2022-04-03 19:06:20 +00:00
bjorn3
6d0b61e2f5 Mark Location::caller() as #[inline]
This function gets compiled to a single register move as it actually
gets it's return value passed in as argument.
2022-04-03 20:32:39 +02:00
Adam Sandberg Ericsson
9d4d5a4eeb core: document that the align_of* functions return the alignment in bytes 2022-04-03 19:06:21 +01:00
bors
168a020900 Auto merge of - saethlin:unsafe-debug-asserts, r=Amanieu
Add debug assertions to some unsafe functions

As suggested by https://github.com/rust-lang/rust/issues/51713

~~Some similar code calls `abort()` instead of `panic!()` but aborting doesn't work in a `const fn`, and the intrinsic for doing dispatch based on whether execution is in a const is unstable.~~

This picked up some invalid uses of `get_unchecked` in the compiler, and fixes them.

I can confirm that they do in fact pick up invalid uses of `get_unchecked` in the wild, though the user experience is less-than-awesome:
```
     Running unittests (target/x86_64-unknown-linux-gnu/debug/deps/rle_decode_fast-04b7918da2001b50)

running 6 tests
error: test failed, to rerun pass '--lib'

Caused by:
  process didn't exit successfully: `/home/ben/rle-decode-helper/target/x86_64-unknown-linux-gnu/debug/deps/rle_decode_fast-04b7918da2001b50` (signal: 4, SIGILL: illegal instruction)
```

~~As best I can tell these changes produce a 6% regression in the runtime of `./x.py test` when `[rust] debug = true` is set.~~
Latest commit (6894d559bd) brings the additional overhead from this PR down to 0.5%, while also adding a few more assertions. I think this actually covers all the places in `core` that it is reasonable to check for safety requirements at runtime.

Thoughts?
2022-04-03 16:04:47 +00:00
bors
15a242a432 Auto merge of - drmorr0:drmorr-memcmp-cint-cfg, r=petrochenkov
make memcmp return a value of c_int_width instead of i32

This is an attempt to fix  and , namely, that `memcmp` always returns an `i32` regardless of the platform.  I'm running into some issues and was hoping I could get some help.

Here's what I've been attempting so far:

1. Build the stage0 compiler with all the changes _expect_ for the changes in `library/core/src/slice/cmp.rs` and `compiler/rustc_codegen_llvm/src/context.rs`; this is because `target_c_int_width` isn't passed through and recognized as a valid config option yet.  I'm building with `./x.py build --stage 0 library/core library/proc_macro compiler/rustc`
2. Next I add in the `#[cfg(c_int_width = ...)]` params to `cmp.rs` and `context.rs` and build the stage 1 compiler by running `./x.py build --keep-stage 0 --stage 1 library/core library/proc_macro compiler/rustc`.  This step now runs successfully.
3. Lastly, I try to build the test program for AVR mentioned in  with `RUSTFLAGS="--emit llvm-ir" cargo build --release`, and look at the resulting llvm IR, which still shows:

```
...
%11 = call addrspace(1) i32 `@memcmp(i8*` nonnull %5, i8* nonnull %10, i16 5) , !dbg                                                                                                                                                                                                                                 %.not = icmp eq i32 %11, 0, !dbg 
...
; Function Attrs: nounwind optsize                                                                                                                                                                                                                                                                                          declare i32 `@memcmp(i8*,` i8*, i16) local_unnamed_addr addrspace(1) 
```

Any ideas what I'm missing here?  Alternately, if this is totally the wrong approach I'm open to other suggestions.

cc `@Rahix`
2022-04-03 11:16:22 +00:00
Nikolaos Chatzikonstantinou
53887a5d9e
Improve doc example of DerefMut
It is more illustrative, after using `*x` to modify the field, to show
in the assertion that the field has indeed been modified.
2022-04-03 12:42:19 +09:00
David Morrison
aa67016624 make memcmp return a value of c_int_width instead of i32 2022-04-02 17:21:08 -07:00
Dylan DPC
0e528f062d
Rollup merge of - dtolnay:threadlocalu8, r=Dylan-DPC
Refer to u8 by absolute path in expansion of thread_local

The standard library's `thread_local!` macro previously referred to `u8` just as `u8`, resolving to whatever `u8` existed in the type namespace at the call site. This PR replaces those with `$crate::primitive::u8` which always refers to `std::primitive::u8` regardless of what's in scope at the call site. Unambiguously naming primitives inside macro-generated code is the reason that std::primitive was introduced in the first place.

<details>
<summary>Here is the error message prior to this PR ⬇️</summary>

```console
error[E0308]: mismatched types
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | |_^ expected struct `u8`, found integer
  |
  = note: this error originates in the macro `$crate::__thread_local_inner` (in Nightly builds, run with -Z macro-backtrace for more info)

error[E0308]: mismatched types
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | | ^
  | | |
  | |_expected struct `u8`, found integer
  |   this expression has type `u8`
  |
  = note: this error originates in the macro `$crate::__thread_local_inner` (in Nightly builds, run with -Z macro-backtrace for more info)

error[E0308]: mismatched types
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | |_^ expected `u8`, found struct `u8`
  |
  = note: expected raw pointer `*mut u8` (`u8`)
             found raw pointer `*mut u8` (struct `u8`)
  = note: this error originates in the macro `$crate::__thread_local_inner` (in Nightly builds, run with -Z macro-backtrace for more info)

error[E0308]: mismatched types
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | |_^ expected `u8`, found struct `u8`
  |
  = note: expected fn pointer `unsafe extern "C" fn(*mut u8)`
                found fn item `unsafe extern "C" fn(*mut u8) {destroy}`
  = note: this error originates in the macro `$crate::__thread_local_inner` (in Nightly builds, run with -Z macro-backtrace for more info)

error[E0308]: mismatched types
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | | ^
  | | |
  | |_expected struct `u8`, found integer
  |   expected due to this type
  |
  = note: this error originates in the macro `$crate::__thread_local_inner` (in Nightly builds, run with -Z macro-backtrace for more info)

error[E0369]: binary operation `==` cannot be applied to type `u8`
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | | ^
  | | |
  | |_u8
  |   {integer}
  |
note: an implementation of `PartialEq<_>` might be missing for `u8`
 --> src/main.rs:4:1
  |
4 | struct u8;
  | ^^^^^^^^^^ must implement `PartialEq<_>`
  = note: this error originates in the macro `$crate::assert_eq` (in Nightly builds, run with -Z macro-backtrace for more info)
help: consider annotating `u8` with `#[derive(PartialEq)]`
  |
4 | #[derive(PartialEq)]
  |

error[E0277]: `u8` doesn't implement `Debug`
 --> src/main.rs:6:1
  |
6 | / std::thread_local! {
7 | |     pub static A: i32 = f();
8 | |     pub static B: i32 = const { 0 };
9 | | }
  | |_^ `u8` cannot be formatted using `{:?}`
  |
  = help: the trait `Debug` is not implemented for `u8`
  = note: add `#[derive(Debug)]` to `u8` or manually `impl Debug for u8`
  = note: this error originates in the macro `$crate::assert_eq` (in Nightly builds, run with -Z macro-backtrace for more info)
```
</details>
2022-04-02 22:38:22 +02:00
Dylan DPC
2edc4b8e9f
Rollup merge of - m-ou-se:std-remove-associated-type-bounds, r=Dylan-DPC
Remove need for associated_type_bounds in std.
2022-04-02 22:38:19 +02:00
David Tolnay
d93af61981
Refer to u8 by absolute path in expansion of thread_local 2022-04-02 11:38:11 -07:00
Ralf Jung
dd85a7682c refine wording and describe alternatives 2022-04-02 11:19:29 -04:00
Dylan DPC
dc11de63e0
Rollup merge of - niluxv:issue-95533, r=dtolnay
Fix `thread_local!` macro to be compatible with `no_implicit_prelude`

Fixes issue  .
2022-04-02 03:34:25 +02:00
Dylan DPC
d6f6084b24
Rollup merge of - declanvk:nonnull-provenance, r=dtolnay
Implement provenance preserving methods on NonNull

### Description
 Add the `addr`, `with_addr`, `map_addr` methods to the `NonNull` type, and map the address type to `NonZeroUsize`.

 ### Motivation
 The `NonNull` type is useful for implementing pointer types which have  the 0-niche. It is currently possible to implement these provenance  preserving functions by calling `NonNull::as_ptr` and `new_unchecked`. The adding these methods makes it more ergonomic.

 ### Testing
 Added a unit test of a non-null tagged pointer type. This is based on some real code I have elsewhere, that currently routes the pointer through a `NonZeroUsize` and back out to produce a usable pointer. I wanted to produce an ideal version of the same tagged pointer struct that preserved pointer provenance.

### Related

Extension of APIs proposed in  . I can also split this out into a separate tracking issue if that is better (though I may need some pointers on how to do that).
2022-04-02 03:34:24 +02:00
Dylan DPC
d7a24003d8
Rollup merge of - dtolnay:rustc_const_stable, r=lcnr
Handle rustc_const_stable attribute in library feature collector

The library feature collector in [compiler/rustc_passes/src/lib_features.rs](551b4fa395/compiler/rustc_passes/src/lib_features.rs) has only been looking at `#[stable(…)]`, `#[unstable(…)]`, and `#[rustc_const_unstable(…)]` attributes, while ignoring `#[rustc_const_stable(…)]`. The consequences of this were:

- When any const feature got stabilized (changing one or more `rustc_const_unstable` to `rustc_const_stable`), users who had previously enabled that unstable feature using `#![feature(…)]` would get told "unknown feature", rather than rustc's nicer "the feature … has been stable since … and no longer requires an attribute to enable".

    This can be seen in the way that https://github.com/rust-lang/rust/pull/93957#issuecomment-1079794660 failed after rebase:

    ```console
    error[E0635]: unknown feature `const_ptr_offset`
      --> $DIR/offset_from_ub.rs:1:35
       |
    LL | #![feature(const_ptr_offset_from, const_ptr_offset)]
       |                                   ^^^^^^^^^^^^^^^^
    ```

- We weren't enforcing that a particular feature is either stable everywhere or unstable everywhere, and that a feature that has been stabilized has the same stabilization version everywhere, both of which we enforce for the other stability attributes.

This PR updates the library feature collector to handle `rustc_const_stable`, and fixes places in the standard library and test suite where `rustc_const_stable` was being used in a way that does not meet the rules for a stability attribute.
2022-04-02 03:34:21 +02:00
bors
297a8018b5 Auto merge of - matthiaskrgr:rollup-bxminn9, r=matthiaskrgr
Rollup of 6 pull requests

Successful merges:

 -  (Clean up, categorize and sort unstable features in std.)
 -  (Better suggestions for `Fn`-family trait selection errors)
 -  (suggest wrapping single-expr blocks in square brackets)
 -  (Make `impl Debug for rustdoc::clean::Item` easier to read)
 -  (interpret: make isize::MAX the limit for dynamic value sizes)
 -  (rustdoc: do not show primitives and keywords as private)

Failed merges:

r? `@ghost`
`@rustbot` modify labels: rollup
2022-04-01 17:19:15 +00:00
Matthias Krüger
a92286f9c9
Rollup merge of - autumnontape:allocator-realloc-align-docs, r=Amanieu
add notes about alignment-altering reallocations to Allocator docs

As I said in https://github.com/rust-lang/wg-allocators/issues/97, the fact that calls to `grow`, `grow_zeroed`, and `shrink` may request altered alignments is surprising and may be a pitfall for implementors of `Allocator` if it's left implicit. This pull request adds a note to the "Safety" section of each function's docs making it explicit.
2022-04-01 12:07:05 +02:00
Matthias Krüger
b81d235974
Rollup merge of - RalfJung:utf8_char_counts, r=Dylan-DPC
make utf8_char_counts test faster in Miri

This currently takes >3min on GHA, so let's reduce the test size a bit more for Miri.
2022-04-01 12:07:05 +02:00
Matthias Krüger
c37aeb0299
Rollup merge of - RalfJung:miri-is-too-slow, r=scottmcm
skip slow int_log tests in Miri

Iterating over i16::MAX many things takes a long time in Miri, let's not do that.
I added https://github.com/rust-lang/miri/pull/2044 on the Miri side to still give us some test coverage.
2022-04-01 12:07:03 +02:00
Matthias Krüger
3245e61298
Rollup merge of - RalfJung:ptrs-not-ints, r=dtolnay
ptr_metadata test: avoid ptr-to-int transmutes

Pointers can have provenance, integers don't, so transmuting pointers to integers creates "non-standard" values and it is unclear how well those can be supported (https://github.com/rust-lang/unsafe-code-guidelines/issues/286).

So for this test let's take the safer option and use a pointer type instead. That also makes Miri happy. :)
2022-04-01 12:07:02 +02:00
Mara Bos
4b1b305ccb Use MaybeUninit for clock_gettime's timespec. 2022-04-01 11:11:58 +02:00
Mara Bos
321690c827 Don't spin on contended mutexes. 2022-04-01 11:11:46 +02:00
Mara Bos
6392f1555e Shuffle around #[inline] and #[cold] in mutex impl. 2022-04-01 11:11:28 +02:00
Mara Bos
c49887da27 Add comment about futex_wait timeout. 2022-04-01 11:10:58 +02:00
niluxv
1f232b8e6d Fix thread_local! macro to be compatible with no_implicit_prelude
Fixes issue  
2022-04-01 10:38:41 +02:00
Mara Bos
aec51fbf40 Remove need for associated_type_bounds in std. 2022-04-01 10:38:39 +02:00
Declan Kelly
2a827635ba Implement provenance preserving method on NonNull
**Description**
 Add the `addr`, `with_addr, `map_addr` methods to the `NonNull` type,
 and map the address type to `NonZeroUsize`.

 **Motiviation**
 The `NonNull` type is useful for implementing pointer types which have
 the 0-niche. It is currently possible to implement these provenance
 preserving functions by calling `NonNull::as_ptr` and `new_unchecked`.
 The addition of these methods simply make it more ergonomic to use.

 **Testing**
 Added a unit test of a nonnull tagged pointer type. This is based on
 some real code I have elsewhere, that currently routes the pointer
 through a `NonZeroUsize` and back out to produce a usable pointer.
2022-04-01 00:23:09 -07:00
Matthias Krüger
3cb5925660
Rollup merge of - m-ou-se:std-features, r=yaahc
Clean up, categorize and sort unstable features in std.
2022-04-01 06:59:40 +02:00
Ralf Jung
2d74528c21 caution against ptr-to-int transmutes 2022-03-31 21:11:37 -04:00
Autumn
e2466821ad add notes about alignment-altering reallocs to Allocator docs 2022-03-31 16:13:19 -07:00
David Tolnay
971ecff70f
Fix feature name of stable parts of strict_provenance 2022-03-31 12:46:30 -07:00
David Tolnay
3c8e7b9e56
Adjust MaybeUninit feature names to avoid changing unstable one 2022-03-31 12:34:49 -07:00
David Tolnay
4246916619
Adjust feature names that disagree on const stabilization version 2022-03-31 12:34:48 -07:00
Ralf Jung
85bfe2d99d make utf8_char_counts test faster in Miri 2022-03-31 13:11:44 -04:00
Mara Bos
79220247cd Categorize and sort unstable features in std. 2022-03-31 18:43:12 +02:00
Ralf Jung
487bd8184f skip slow int_log tests in Miri 2022-03-31 11:48:51 -04:00
Dylan DPC
b4f140f75c
Rollup merge of - rust-lang:ptrtypo, r=lcnr
Fix typos in core::ptr docs
2022-03-31 17:29:55 +02:00
Dylan DPC
eb0e8c3418
Rollup merge of - ehuss:doc-target_has_atomic-stabilized, r=Dylan-DPC
Update target_has_atomic documentation for stabilization

`cfg(target_has_atomic)` was stabilized in , but this small note in the docs was not updated at the time.
2022-03-31 17:29:53 +02:00
bstrie
bd49581dcf
Fix typos in core::ptr docs 2022-03-31 09:56:36 -04:00
Ralf Jung
907ba11490 ptr_metadata test: avoid ptr-to-int transmutes 2022-03-31 09:32:30 -04:00
Dylan DPC
0b71ca84b0
Rollup merge of - sunfishcode:sunfishcode/fix-openbsd, r=dtolnay
Fix library/std compilation on openbsd.

Fix a minor typo from  which prevented compilation on x86_64-unknown-openbsd.
2022-03-31 13:09:55 +02:00
Dylan DPC
c90a94707f
Rollup merge of - faern:stabilize-vec_retain_mut, r=yaahc
Stabilize feature vec_retain_mut on Vec and VecDeque

Closes 
2022-03-31 04:57:27 +02:00
Dylan DPC
32c5a57a00
Rollup merge of - workingjubilee:stably-finished, r=m-ou-se
Stabilize thread::is_finished

Closes .

r? `@m-ou-se`
2022-03-31 04:57:25 +02:00
Dan Gohman
c89f11e1db Fix library/std compilation on openbsd.
Fix a minor typo from  which prevented compilation on x86_64-unknown-openbsd.
2022-03-30 18:06:21 -07:00
Dylan DPC
d6c959c680
Rollup merge of - jhorstmann:fix-double-drop-of-allocator-in-vec-into-iter, r=oli-obk
Fix double drop of allocator in IntoIter impl of Vec

Fixes 

The `drop` impl of `IntoIter` reconstructs a `RawVec` from `buf`, `cap` and `alloc`, when that `RawVec` is dropped it also drops the allocator. To avoid dropping the allocator twice we wrap it in `ManuallyDrop` in the `InttoIter` struct.

Note this is my first contribution to the standard library, so I might be missing some details or a better way to solve this.
2022-03-31 00:26:32 +02:00
Vadim Petrochenkov
1004783ef9 Stabilize native library modifier syntax and the whole-archive modifier specifically 2022-03-30 23:53:21 +03:00
Linus Färnstrand
796f385190 Stabilize feature vec_retain_mut on Vec and VecDeque 2022-03-30 20:28:50 +02:00
bors
3e7514670d Auto merge of - lcnr:inherent-impls-std, r=oli-obk,m-ou-se
allow arbitrary inherent impls for builtin types in core

Part of https://github.com/rust-lang/compiler-team/issues/487. Slightly adjusted after some talks with `@m-ou-se` about the requirements of `t-libs-api`.

This adds a crate attribute `#![rustc_coherence_is_core]` which allows arbitrary impls for builtin types in core.

For other library crates impls for builtin types should be avoided if possible. We do have to allow the existing stable impls however. To prevent us from accidentally adding more of these in the future, there is a second attribute `#[rustc_allow_incoherent_impl]` which has to be added to **all impl items**. This only supports impls for builtin types but can easily be extended to additional types in a future PR.

This implementation does not check for overlaps in these impls. Perfectly checking that requires us to check the coherence of these incoherent impls in every crate, as two distinct dependencies may add overlapping methods. It should be easy enough to detect if it goes wrong and the attribute is only intended for use inside of std.

The first two commits are mostly unrelated cleanups.
2022-03-30 12:28:50 +00:00
Mara Bos
25eb060779
Don't stabilize ScopedJoinHandle::is_finished yet. 2022-03-30 13:59:27 +02:00
Chris Denton
547504795c
Synchronize asynchronous pipe reads and writes 2022-03-30 11:19:51 +01:00
bors
e50ff9b452 Auto merge of - Gankra:cleaned-provenance, r=workingjubilee
Strict Provenance MVP

This patch series examines the question: how bad would it be if we adopted
an extremely strict pointer provenance model that completely banished all
int<->ptr casts.

The key insight to making this approach even *vaguely* pallatable is the

ptr.with_addr(addr) -> ptr

function, which takes a pointer and an address and creates a new pointer
with that address and the provenance of the input pointer. In this way
the "chain of custody" is completely and dynamically restored, making the
model suitable even for dynamic checkers like CHERI and Miri.

This is not a formal model, but lots of the docs discussing the model
have been updated to try to the *concept* of this design in the hopes
that it can be iterated on.

See 
2022-03-30 10:09:10 +00:00
lcnr
afbecc0f68 remove now unnecessary lang items 2022-03-30 11:23:58 +02:00
lcnr
bef6f3e895 rework implementation for inherent impls for builtin types 2022-03-30 11:23:58 +02:00
Dylan DPC
abb02d40a4
Rollup merge of - yaahc:termination-version-correction, r=ehuss
fix since field version for termination stabilization

fixes incorrect version fields in stabilization of https://github.com/rust-lang/rust/pull/93840

r? `@ehuss`
2022-03-30 09:10:05 +02:00
Dylan DPC
e332f3b45e
Rollup merge of - sourcefrog:doc-copy, r=dtolnay
Document Linux kernel handoff in std::io::copy and std::fs::copy
2022-03-30 09:10:04 +02:00
Martin Pool
cfee2ed8cb Warn that platform-specific behavior may change 2022-03-29 19:49:15 -07:00
Aria Beingessner
e3a3afe050 fix unix typedef 2022-03-29 22:45:31 -04:00
Aria Beingessner
37d4753776 fixup feature position in liballoc 2022-03-29 20:18:29 -04:00
Aria Beingessner
a91a9eefff clarify that WASM has address spaces 2022-03-29 20:18:28 -04:00
Aria Beingessner
075c576182 fix doc link 2022-03-29 20:18:28 -04:00
Aria Beingessner
378ed259d9 refine the definition of temporal provenance 2022-03-29 20:18:28 -04:00
Aria Beingessner
28576e9c51 mark FIXMES for all the places found that are probably offset_from 2022-03-29 20:18:28 -04:00
Aria Beingessner
5f720fa55e more review fixes to ptr docs 2022-03-29 20:18:28 -04:00
Aria Beingessner
9efcd996d5 Add even more details to top-level pointer docs 2022-03-29 20:18:27 -04:00
Aria Beingessner
7514d760b8 cleanup some of the less terrifying library code 2022-03-29 20:18:27 -04:00
Aria Beingessner
31e1cde4b5 clean up pointer docs 2022-03-29 20:18:27 -04:00
Aria Beingessner
b608df8277 revert changes that cast functions to raw pointers, portability hazard 2022-03-29 20:18:27 -04:00
Alexis Beingessner
09395f626b Make some linux/unix APIs better conform to strict provenance.
This largely makes the stdlib conform to strict provenance on Ubuntu.
Some hairier things have been left alone for now.
2022-03-29 20:18:27 -04:00
Aria Beingessner
c7de289e1c Make the stdlib largely conform to strict provenance.
Some things like the unwinders and system APIs are not fully conformant,
this only covers a lot of low-hanging fruit.
2022-03-29 20:18:21 -04:00
Aria Beingessner
5167b6891c Introduce experimental APIs for conforming to "strict provenance".
This patch series examines the question: how bad would it be if we adopted
an extremely strict pointer provenance model that completely banished all
int<->ptr casts.

The key insight to making this approach even *vaguely* pallatable is the

ptr.with_addr(addr) -> ptr

function, which takes a pointer and an address and creates a new pointer
with that address and the provenance of the input pointer. In this way
the "chain of custody" is completely and dynamically restored, making the
model suitable even for dynamic checkers like CHERI and Miri.

This is not a formal model, but lots of the docs discussing the model
have been updated to try to the *concept* of this design in the hopes
that it can be iterated on.
2022-03-29 20:16:34 -04:00
Jane Lusby
09e7b0b951 fix since field version for termination stabilization 2022-03-29 17:10:49 -07:00
Dylan DPC
3208ed7b21
Rollup merge of - thomcc:fix-unwind-safe, r=m-ou-se
Ensure io::Error's bitpacked repr doesn't accidentally impl UnwindSafe

Sadly, I'm not sure how to easily test that we don't impl a trait, though (or can libstd use `where io::Error: !UnwindSafe` or something).

Fixes 
2022-03-29 22:46:33 +02:00
Dylan DPC
bba2a64d0c
Rollup merge of - yaahc:termination-stabilization-celebration-station, r=joshtriplett
Stabilize Termination and ExitCode

From https://github.com/rust-lang/rust/issues/43301

This PR stabilizes the Termination trait and associated ExitCode type. It also adjusts the ExitCode feature flag to replace the placeholder flag with a more permanent name, as well as splitting off the `to_i32` method behind its own permanently unstable feature flag.

This PR stabilizes the termination trait with the following signature:

```rust
pub trait Termination {
    fn report(self) -> ExitCode;
}
```

The existing impls of `Termination` are effectively already stable due to the prior stabilization of `?` in main.

This PR also stabilizes the following APIs on exit code

```rust
#[derive(Clone, Copy, Debug)]
pub struct ExitCode(_);

impl ExitCode {
    pub const SUCCESS: ExitCode;
    pub const FAILURE: ExitCode;
}

impl From<u8> for ExitCode { /* ... */ }
```

---

All of the previous blockers have been resolved. The main ones that were resolved recently are:

* The trait's name: We decided against changing this since none of the alternatives seemed particularly compelling. Instead we decided to end the bikeshedding and stick with the current name. ([link to the discussion](https://rust-lang.zulipchat.com/#narrow/stream/219381-t-libs/topic/Termination.2FExit.20Status.20Stabilization/near/269793887))
* Issues around platform specific representations: We resolved this issue by changing the return type of `report` from `i32` to the opaque type `ExitCode`. That way we can change the underlying representation without affecting the API, letting us offer full support for platform specific exit code APIs in the future.
* Custom exit codes: We resolved this by adding `From<u8> for ExitCode`. We choose to only support u8 initially because it is the least common denominator between the sets of exit codes supported by our current platforms. In the future we anticipate adding platform specific extension traits to ExitCode for constructors from larger or negative numbers, as needed.
2022-03-29 22:46:31 +02:00
Thom Chiovoloni
3ac93abfb2
Indicate the correct error code in the compile_fail block.
Co-authored-by: Mara Bos <m-ou.se@m-ou.se>
2022-03-29 11:45:49 -07:00
Mara Bos
f225808f49 Add tracking issue for sync_unsafe_cell. 2022-03-29 19:54:00 +02:00
Mara Bos
750ab0370e Add SyncUnsafeCell. 2022-03-29 19:48:39 +02:00
bors
05d22212e8 Auto merge of - yanganto:show-ignore-message, r=m-ou-se
Show ignore message in console and json output

- Provide ignore the message in console and JSON output
- Modify the ignore message style in the log file

related: 
2022-03-29 15:18:57 +00:00
Ben Kimock
6e6d0cbf83 Add debug assertions to some unsafe functions
These debug assertions are all implemented only at runtime using
`const_eval_select`, and in the error path they execute
`intrinsics::abort` instead of being a normal debug assertion to
minimize the impact of these assertions on code size, when enabled.

Of all these changes, the bounds checks for unchecked indexing are
expected to be most impactful (case in point, they found a problem in
rustc).
2022-03-29 11:05:24 -04:00
Mara Bos
b1c3494d88
Remove unnecessary .as_ref(). 2022-03-29 15:53:09 +02:00
Antonio Yang
3a0ae49135 Refactor after review
Co-authored-by: Mara Bos <m-ou.se@m-ou.se>
2022-03-29 20:34:13 +08:00
bors
e2301ca543 Auto merge of - MarcusCalhoun-Lopez:i686_apple_darwin, r=m-ou-se
Fix build on i686-apple-darwin systems

Replace `target_arch = "x86_64"` with `not(target_arch = "aarch64")` so that i686-apple-darwin systems dynamically choose implementation.
2022-03-29 10:08:03 +00:00
bors
c1230e137b Auto merge of - HeroicKatora:set-ptr-value, r=dtolnay
Refactor set_ptr_value as with_metadata_of

Replaces `set_ptr_value` () with methods of reversed argument order:

```rust
impl<T: ?Sized> *mut T {
    pub fn with_metadata_of<U: ?Sized>(self, val: *mut U) -> *mut U;
}

impl<T: ?Sized> *const T {
    pub fn with_metadata_of<U: ?Sized>(self, val: *const U) -> *const U;
}
```

By reversing the arguments we achieve several clarifications:

- The function closely resembles `cast` with an argument to
  initialize the metadata. This is easier to teach and answers a long
  outstanding question that had restricted cast to `Sized` pointee
  targets. See multiples reviews of
  <https://github.com/rust-lang/rust/pull/47631>
- The 'object identity', in the form of provenance, is now preserved
  from the receiver argument to the result. This helps explain the method as
  a builder-style, instead of some kind of setter that would modify
  something in-place. Ensuring that the result has the identity of the
  `self` argument is also beneficial for an intuition of effects.
- An outstanding concern, 'Correct argument type', is avoided by not
  committing to any specific argument type. This is consistent with cast
  which does not require its receiver to be a 'raw address'.

Hopefully the usage examples in `sync/rc.rs` serve as sufficient examples of the style to convince the reader of the readability improvements of this style, when compared to the previous order of arguments.

I want to take the opportunity to motivate inclusion of this method _separate_ from metadata API, separate from `feature(ptr_metadata)`. It does _not_ involve the `Pointee` trait in any form. This may be regarded as a very, very light form that does not commit to any details of the pointee trait, or its associated metadata. There are several use cases for which this is already sufficient and no further inspection of metadata is necessary.

- Storing the coercion of `*mut T` into `*mut dyn Trait` as a way to dynamically cast some an arbitrary instance of the same type to a dyn trait instance. In particular, one can have a field of type `Option<*mut dyn io::Seek>` to memorize if a particular writer is seekable. Then a method `fn(self: &T) -> Option<&dyn Seek>` can be provided, which does _not_ involve the static trait bound `T: Seek`. This makes it possible to create an API that is capable of utilizing seekable streams and non-seekable streams (instead of a possible less efficient manner such as more buffering) through the same entry-point.

- Enabling more generic forms of unsizing for no-`std` smart pointers. Using the stable APIs only few concrete cases are available. One can unsize arrays to `[T]` by `ptr::slice_from_raw_parts` but unsizing a custom smart pointer to, e.g., `dyn Iterator`, `dyn Future`, `dyn Debug`, can't easily be done generically. Exposing `with_metadata_of` would allow smart pointers to offer their own `unsafe` escape hatch with similar parameters where the caller provides the unsized metadata. This is particularly interesting for embedded where `dyn`-trait usage can drastically reduce code size.
2022-03-28 22:47:31 +00:00
Marcus Calhoun-Lopez
8c18844324 Fix build on i686-apple-darwin systems
On 32-bit systems, fdopendir is called `_fdopendir$INODE64$UNIX2003`.
On 64-bit systems, fdopendir is called `_fdopendir$INODE64`.
2022-03-28 12:52:14 -07:00
Marcus Calhoun-Lopez
c2d5c64132 Fix build on i686-apple-darwin systems
Replace `target_arch = "x86_64"` with `not(target_arch = "aarch64")` so that i686-apple-darwin systems dynamically choose implementation.
2022-03-28 12:52:14 -07:00
Dylan DPC
1f33cd1827
Rollup merge of - xfix:inline-u8-is_utf8_char_boundary, r=scottmcm
Inline u8::is_utf8_char_boundary

Since Rust beta, Rust is incapable of inlining this function in the following example function.

```rust
pub fn safe_substr_to(s: &str, mut length: usize) -> &str {
    loop {
        if let Some(s) = s.get(..length) {
            return s;
        }
        length -= 1;
    }
}
```

When compiled with beta or nightly compiler on Godbolt with `-C opt-level=3` flag it prints the following assembly.

```asm
example::safe_substr_to:
        push    r15
        push    r14
        push    r12
        push    rbx
        push    rax
        mov     r14, rdi
        test    rdx, rdx
        je      .LBB0_8
        mov     rbx, rdx
        mov     r15, rsi
        mov     r12, qword ptr [rip + core::num::<impl u8>::is_utf8_char_boundary@GOTPCREL]
        jmp     .LBB0_4
.LBB0_2:
        je      .LBB0_9
.LBB0_3:
        add     rbx, -1
        je      .LBB0_8
.LBB0_4:
        cmp     rbx, r15
        jae     .LBB0_2
        movzx   edi, byte ptr [r14 + rbx]
        call    r12
        test    al, al
        je      .LBB0_3
        mov     r15, rbx
        jmp     .LBB0_9
.LBB0_8:
        xor     r15d, r15d
.LBB0_9:
        mov     rax, r14
        mov     rdx, r15
        add     rsp, 8
        pop     rbx
        pop     r12
        pop     r14
        pop     r15
        ret
```

`qword ptr [rip + core::num::<impl u8>::is_utf8_char_boundary@GOTPCREL]` is not inlined. `-C remark=all` outputs the following message:

```
note: /rustc/7bccde19767082c7865a12902fa614ed4f8fed73/library/core/src/str/mod.rs:214:25: inline: _ZN4core3num20_$LT$impl$u20$u8$GT$21is_utf8_char_boundary17hace9f12f5ba07a7fE will not be inlined into _ZN4core3str21_$LT$impl$u20$str$GT$16is_char_boundary17hf2587e9a6b8c5e43E because its definition is unavailable
```

Stable compiler outputs more reasonable code:

```asm
example::safe_substr_to:
        mov     rcx, rdx
        mov     rax, rdi
        test    rdx, rdx
        je      .LBB0_9
        mov     rdx, rsi
        jmp     .LBB0_4
.LBB0_2:
        cmp     rdx, rcx
        je      .LBB0_7
.LBB0_3:
        add     rcx, -1
        je      .LBB0_9
.LBB0_4:
        cmp     rcx, rdx
        jae     .LBB0_2
        cmp     byte ptr [rax + rcx], -64
        jl      .LBB0_3
        mov     rdx, rcx
.LBB0_7:
        ret
.LBB0_9:
        xor     edx, edx
        ret
```
2022-03-28 20:41:53 +02:00
Dylan DPC
4c8bc046b9
Rollup merge of - dtolnay:disclaimer, r=m-ou-se
Link to std::io's platform-specific behavior disclaimer

This PR adds some links in standard library documentation to point to https://doc.rust-lang.org/std/io/index.html#platform-specific-behavior.

> ### Platform-specific behavior
>
> Many I/O functions throughout the standard library are documented to indicate what various library or syscalls they are delegated to. This is done to help applications both understand what’s happening under the hood as well as investigate any possibly unclear semantics. Note, however, that this is informative, not a binding contract. The implementation of many of these functions are subject to change over time and may call fewer or more syscalls/library functions.

Many of the `std::fs` APIs already link to this disclaimer when discussing system calls.
2022-03-28 20:41:52 +02:00
Noa
97c58e8a87 Touch up ExitCode docs 2022-03-28 09:54:57 -07:00
Konrad Borowski
12c085a057 Inline u8::is_utf8_char_boundary 2022-03-28 18:37:11 +02:00
David Tolnay
d55854d484
Link to std::io's platform-specific behavior disclaimer 2022-03-27 21:01:28 -07:00
Dylan DPC
8bfc03fde0
Rollup merge of - shepmaster:vec-from-array-ref, r=dtolnay
impl From<&[T; N]> and From<&mut [T; N]> for Vec<T>

I really wanted to write:

```rust
fn example(a: impl Into<Vec<u8>>) {}

fn main() {
    example(b"raw");
}
```
2022-03-28 04:12:11 +02:00
Dylan DPC
d88c03c0f1
Rollup merge of - janpaul123:patch-1, r=dtolnay
Docs: make Vec::from_raw_parts documentation less strict

This is my first PR; be gentle!

In https://users.rust-lang.org/t/why-does-vec-from-raw-parts-require-same-size-and-not-same-size-capacity/73036/2?u=janpaul123 it was suggested to me that I should make a PR to make the documentation of `Vec::from_raw_parts` less strict, since we don't require `T` to have the same size, just `size_of::<T>() * capacity` to be the same, since that is what results in `Layout::size` being the same in `dealloc`, which is really what matters.

Also in https://users.rust-lang.org/t/why-does-vec-from-raw-parts-require-same-size-and-not-same-size-capacity/73036/8?u=janpaul123 it was suggested that it's better to use `slice::from_raw_parts`, which I think is useful advise that could also be mentioned in the docs, so I added that too.

Let me know what you think! :)
2022-03-28 04:12:10 +02:00
Dylan DPC
6ed1a67b38
Rollup merge of - ChayimFriedman2:allow-comparing-vecs-with-different-allocators, r=dtolnay
Allow comparing `Vec`s with different allocators using `==`

See https://stackoverflow.com/q/71021633/7884305.

I did not changed the `PartialOrd` impl too because it was not generic already (didn't support `Vec<T> <=> Vec<U> where T: PartialOrd<U>`).

Does it needs tests?

I don't think this will hurt type inference much because the default allocator is usually not inferred (`new()` specifies it directly, and even with other allocators, you pass the allocator to `new_in()` so the compiler usually knows the type).

I think this requires FCP since the impls are already stable.
2022-03-28 04:12:10 +02:00
Dylan DPC
9412316ac3
Rollup merge of - joshlf:patch-3, r=dtolnay
Clarify that ManuallyDrop<T> has same layout as T

This PR implements the documentation change under discussion in https://github.com/rust-lang/unsafe-code-guidelines/issues/302. It should not be approved or merged until the discussion there is resolved.
2022-03-28 04:12:09 +02:00
Eric Huss
182d4b32d5 Update target_has_atomic documentation for stabilization 2022-03-27 15:13:17 -07:00
Dylan DPC
eca2531155
Rollup merge of - lopopolo:lopopolo/string-try-reserve-exact-doc-typo, r=Dylan-DPC
Fix typo in `String::try_reserve_exact` docs

Copying the pattern from `Vec::try_reserve_exact` and `String::try_reserve`,
it looks like this doc comment is intending to refer to the currently-being-documented
function.
2022-03-27 22:51:42 +02:00
Ryan Lopopolo
1ba885113a
Fix typo in String::try_reserve_exact docs
Copying the pattern from `Vec::try_reserve_exact` and `String::try_reserve`,
it looks like this doc comment is intending to refer to the currently-being-documented
function.
2022-03-27 06:53:55 -07:00
David Tolnay
2ac9efbe95
Debug print char 0 as '\0' rather than '\u{0}' 2022-03-27 04:49:10 -07:00
David Tolnay
333756f1c5
Bump const_ptr_offset stabilization to 1.61 2022-03-26 21:15:16 -07:00
bors
1d9c262eea Auto merge of - jendrikw:slice-must-use, r=Dylan-DPC
add #[must_use] to functions of slice and its iterators.

Continuation of .

Tracking issue: .
2022-03-26 20:17:04 +00:00
bors
1fca19c8ca Auto merge of - lupd:std-iter-doc, r=Dylan-DPC
Remove mention of `HashMap<K, V>` not offering `iter_mut`

HashMap<K, V> does offer iter_mut. Fixes .

r? rust-lang/libs
`@rustbot` label +A-docs +T-libs
2022-03-26 12:01:58 +00:00
Jendrik
5f88c23c39 add #[must_use] to functions of slice and its iterators. 2022-03-26 10:24:25 +01:00
dlup
15134249f4 Remove mention of HashMap<K, V> not offering iter_mut 2022-03-26 02:05:34 -04:00
bjorn3
6eab9802c9 Add note about feature gates 2022-03-25 19:04:30 +01:00
bjorn3
ec7efa75f9 Avoid negative impls in the bridge 2022-03-25 17:24:27 +01:00
bjorn3
4b67506baa Remove usage of extern_types feature gate 2022-03-25 17:24:27 +01:00
bjorn3
681ea25b20 Remove usage of panic_update_hook feature gate 2022-03-25 17:24:27 +01:00
bjorn3
e85722946a Remove unused auto_traits feature gate 2022-03-25 17:24:27 +01:00
Jörn Horstmann
d9a438dc73 Add another assertion without into_iter 2022-03-25 16:57:59 +01:00
est31
8c0e6a8f10 std::process docs: linkify references to output, spawn and status 2022-03-25 14:41:37 +01:00
Jörn Horstmann
4b53f563bd Add a test verifying the number of drop calls 2022-03-25 13:28:19 +01:00
Jörn Horstmann
d14c0d2acb
Use ManuallyDrop::take instead of into_inner
Co-authored-by: Daniel Henry-Mantilla <daniel.henry.mantilla@gmail.com>
2022-03-25 13:27:18 +01:00
Jörn Horstmann
0cf606177e Fix double drop of allocator in IntoIter impl of Vec 2022-03-25 11:39:11 +01:00
Martin Pool
93e9f5e966 Document Linux kernel handoff in std::io::copy and std::fs::copy 2022-03-24 21:44:39 -07:00
Dylan DPC
3716c4275f
Rollup merge of - FoseFx:clippy_trim_split_whitespace, r=flip1995
add diagnostic items for clippy's `trim_split_whitespace`

Adding the following diagnostic items:
 * str_split_whitespace,
 * str_trim,
 * str_trim_start,
 * str_trim_end

They are needed for https://github.com/rust-lang/rust-clippy/pull/8575

r? `@flip1995`
2022-03-25 01:34:32 +01:00
bors
4b133a7e27 Auto merge of - aDotInTheVoid:inline_wrapping_next_power_two, r=yaahc
Mark `uint::wrapping_next_power_of_two` as `#[inline]`

This brings it in line with `next_power_of_two` and `checked_next_power_of_two`

https://godbolt.org/z/Tr18GnqKj

<details>
<summary> Output as of `rustc 1.61.0-nightly (4ce374923 2022-02-28)` </summary>

```asm
example::npot:
        lea     eax, [rdi - 1]
        movzx   eax, al
        lzcnt   ecx, eax
        add     ecx, -24
        mov     al, -1
        shr     al, cl
        inc     al
        cmp     dil, 2
        movzx   ecx, al
        mov     eax, 1
        cmovae  eax, ecx
        ret

example::cnpot:
        lea     eax, [rdi - 1]
        movzx   eax, al
        lzcnt   ecx, eax
        add     ecx, -24
        mov     al, -1
        shr     al, cl
        xor     ecx, ecx
        cmp     dil, 2
        movzx   edx, al
        cmovb   edx, ecx
        inc     dl
        setne   al
        ret

example::wrapping_next_power_of_two:
        jmp     qword ptr [rip + _ZN4core3num20_$LT$impl$u20$u8$GT$26wrapping_next_power_of_two17hd879a85055735264E@GOTPCREL]
```

</details>
2022-03-24 17:32:40 +00:00
Max Baumann
64ad96dd9a
add diagnostic items for clippy's 2022-03-24 18:18:44 +01:00
Jendrik
dcdde01aa3 add #[must_use] to functions of slice and its iterators. 2022-03-24 15:21:03 +01:00
Mara Bos
c9ae3fe68f Explicitly use CLOCK_MONOTONIC in futex_wait.
Instant might be changed to use CLOCK_BOOTTIME at some point.
2022-03-24 11:11:31 +01:00
Mara Bos
23badeb4cb Make Timespec available in sys::unix. 2022-03-24 11:11:03 +01:00
Mara Bos
87299298d9 Use FUTEX_WAIT_BITSET rather than FUTEX_WAIT on Linux. 2022-03-24 09:51:48 +01:00
bors
6970f88db3 Auto merge of - the8472:document-in-place-iter, r=yaahc
add module-level documentation for vec's in-place iteration

As requested in the last libs team meeting and during previous reviews.

Feel free to point out any gaps you encounter, after all non-obvious things may with hindsight seem obvious to me.

r? `@yaahc`

CC `@steffahn`
2022-03-24 01:43:21 +00:00
Thom Chiovoloni
09d83e292d
Add a compile_fail doctest to check that io::Error: !UnwindSafe 2022-03-23 17:29:19 -07:00
Thom Chiovoloni
b898ad499f
Ensure io::Error's bitpacked repr doesn't accidentally impl UnwindSafe 2022-03-23 17:12:47 -07:00
The 8472
29e29ce65d fix some links, clarify documentation based on review feedback 2022-03-23 20:57:49 +01:00
Andreas Molzer
d489ea777d Refactor set_ptr_value as with_metadata_of
By reversing the arguments we achieve several clarifications:

- The function closely resembles `cast` but with an argument to
  initialized the metadata. This is easier to teach and answers an long
  outstanding question that had restricted cast to `Sized` targets
  initially. See multiples reviews of
  <https://github.com/rust-lang/rust/pull/47631>
- The 'object identity', in the form or provenance, is now preserved
  from the call receiver to the result. This helps explain the method as
  a builder-style, instead of some kind of setter that would modify
  something in-place. Ensuring that the result has the identity of the
  `self` argument is also beneficial for an intuition of effects.
- An outstanding concern, 'Correct argument type', is avoided by not
  committing to any specific argument type. This is consistent with cast
  which does not require its receiver to be a raw address.
2022-03-23 19:59:37 +01:00
bors
9280445570 Auto merge of - fee1-dead:destructable, r=oli-obk
Rename `~const Drop` to `~const Destruct`

r? `@oli-obk`

Completely switching to `~const Destructible` would be rather complicated, so it seems best to add it for now and wait for it to be backported to beta in the next release.

The rationale is to prevent complications such as  and  by introducing an entirely new trait. And `~const Destructible` reads a bit better than `~const Drop`. Name Bikesheddable.
2022-03-23 14:04:38 +00:00
Mara Bos
da4ef044c1 Spin before blocking in Mutex::lock. 2022-03-23 14:58:44 +01:00
Mara Bos
10b6f33508 Update tests. 2022-03-23 14:58:44 +01:00
Mara Bos
7f26adeac1 Replace Linux Mutex and Condvar with futex based ones. 2022-03-23 14:58:44 +01:00
Mara Bos
73d63488e4 Add futex_wake_all. 2022-03-23 14:53:59 +01:00
Mara Bos
4fbd71c943 Return timeout status in futex_wait. 2022-03-23 14:53:59 +01:00
bors
c99b42cf14 Auto merge of - asquared31415:ptr_eq_typo, r=Dylan-DPC
Fix `core::ptr::guaranteed_eq` and `guaranteed_ne` docs typo
2022-03-23 11:21:04 +00:00
asquared31415
0b81628aba ptr::guaranteed_eq doc typo 2022-03-23 04:51:59 -04:00
bors
36748cf814 Auto merge of - m-ou-se:sys-locks-module, r=dtolnay
Move std::sys::{mutex, condvar, rwlock} to std::sys::locks.

This cleans up the the std::sys modules a bit by putting the locks in a single module called `locks` rather than spread over the three modules `mutex`, `condvar`, and `rwlock`. This makes it easier to organise lock implementations, which helps with https://github.com/rust-lang/rust/issues/93740.
2022-03-23 06:01:48 +00:00
bors
7b0bf9efc9 Auto merge of - Dylan-DPC:rollup-idpb7ka, r=Dylan-DPC
Rollup of 6 pull requests

Successful merges:

 -  (Fold aarch64 feature +fp into +neon)
 -  (add perf side effect docs to `Iterator::cloned()`)
 -  (Add u16::is_utf16_surrogate)
 -  (Replace `this.clone()` with `this.create_snapshot_for_diagnostic()`)
 -  (Modernize `alloc-no-oom-handling` test)
 -  (interpret/validity: improve clarity)

Failed merges:

r? `@ghost`
`@rustbot` modify labels: rollup
2022-03-23 03:31:20 +00:00
Dylan DPC
25acd9331e
Rollup merge of - clarfonthey:is_char_surrogate, r=scottmcm
Add u16::is_utf16_surrogate

Right now, there are methods in the standard library for encoding and decoding UTF-16, but at least for the moment, there aren't any methods specifically for `u16` to help work with UTF-16 data. Since the full logic already exists, this wouldn't really add any code, just expose what's already there.

This method in particular is useful for working with the data returned by Windows `OsStrExt::encode_wide`. Initially, I was planning to also offer a `TryFrom<u16> for char`, but decided against it for now. There is plenty of code in rustc that could be rewritten to use this method, but I only checked within the standard library to replace them.

I think that offering more UTF-16-related methods to u16 would be useful, but I think this one is a good start. For example, one useful method might be `u16::is_pattern_whitespace`, which would check if something is the Unicode `Pattern_Whitespace` category. We can get away with this because all of the `Pattern_Whitespace` characters are in the basic multilingual plane, and hence we don't need to check for surrogates.
2022-03-23 03:05:31 +01:00
Dylan DPC
0e86cabdce
Rollup merge of - llogiq:cloned-side-effect-doc, r=yaahc
add perf side effect docs to `Iterator::cloned()`

Now that  has been closed, as the current state of affairs is neither here nor there, this at least adds a paragraph + example on what to expect performance-wise and how to deal with it to the .cloned() docs.

cc `@the8472`
2022-03-23 03:05:28 +01:00
Dylan DPC
67d6cc6ef3
Rollup merge of - workingjubilee:fold-neon-fp, r=nagisa,Amanieu
Fold aarch64 feature +fp into +neon

Arm's FEAT_FP and Feat_AdvSIMD describe the same thing on AArch64:
The Neon unit, which handles both floating point and SIMD instructions.
Moreover, a configuration for AArch64 must include both or neither.
Arm says "entirely proprietary" toolchains may omit floating point:
https://developer.arm.com/documentation/102374/0101/Data-processing---floating-point
In the Programmer's Guide for Armv8-A, Arm says AArch64 can have
both FP and Neon or neither in custom implementations:
https://developer.arm.com/documentation/den0024/a/AArch64-Floating-point-and-NEON

In "Bare metal boot code for Armv8-A", enabling Neon and FP
is just disabling the same trap flag:
https://developer.arm.com/documentation/dai0527/a

In an unlikely future where "Neon and FP" become unrelated,
we can add "[+-]fp" as its own feature flag.
Until then, we can simplify programming with Rust on AArch64 by
folding both into "[+-]neon", which is valid as it supersets both.

"[+-]neon" is retained for niche uses such as firmware, kernels,
"I just hate floats", and so on.

I am... pretty sure no one is relying on this.

An argument could be made that, as we are not an "entirely proprietary" toolchain, we should not support AArch64 without floats at all. I think that's a bit excessive. However, I want to recognize the intent: programming for AArch64 should be simplified where possible. For x86-64, programmers regularly set up illegal feature configurations because it's hard to understand them, see https://github.com/rust-lang/rust/issues/89586. And per the above notes, plus the discussion in https://github.com/rust-lang/rust/issues/86941, there should be no real use cases for leaving these features split: the two should in fact always go together.

- Fixes .
- Fixes .
- Fixes .
2022-03-23 03:05:28 +01:00
bors
2b50739b49 Auto merge of - bjorn3:fix_test_variadic_fnptr, r=dtolnay
Don't declare test_variadic_fnptr with two conflicting signatures

It is UB for LLVM and results in a compile error for Cranelift.

cc https://github.com/bjorn3/rustc_codegen_cranelift/issues/806
Fixes https://github.com/rust-lang/rust/issues/66690
2022-03-23 00:50:33 +00:00
Jubilee Young
b807d5970b Fold aarch64 feature +fp into +neon
Arm's FEAT_FP and Feat_AdvSIMD describe the same thing on AArch64:
The Neon unit, which handles both floating point and SIMD instructions.
Moreover, a configuration for AArch64 must include both or neither.
Arm says "entirely proprietary" toolchains may omit floating point:
https://developer.arm.com/documentation/102374/0101/Data-processing---floating-point
In the Programmer's Guide for Armv8-A, Arm says AArch64 can have
both FP and Neon or neither in custom implementations:
https://developer.arm.com/documentation/den0024/a/AArch64-Floating-point-and-NEON

In "Bare metal boot code for Armv8-A", enabling Neon and FP
is just disabling the same trap flag:
https://developer.arm.com/documentation/dai0527/a

In an unlikely future where "Neon and FP" become unrelated,
we can add "[+-]fp" as its own feature flag.
Until then, we can simplify programming with Rust on AArch64 by
folding both into "[+-]neon", which is valid as it supersets both.

"[+-]neon" is retained for niche uses such as firmware, kernels,
"I just hate floats", and so on.
2022-03-22 15:14:33 -07:00
bjorn3
4af755baf5 Limit test_variadic_fnptr to unix 2022-03-22 22:27:13 +01:00
Andre Bogus
1fb43f6662 add perf side effect docs to Iterator::cloned() 2022-03-22 19:07:23 +01:00
Mara Bos
733153f2e5 Move std::sys::{mutex, condvar, rwlock} to std::sys::locks. 2022-03-22 18:19:47 +01:00
ZHANGWENTAI
71e34231e0 add some fix
Signed-off-by: ZHANGWENTAI <2092913428@qq.com>
2022-03-22 23:33:08 +08:00
ZHANGWENTAI
161b01a9ac fix the lint problem
Signed-off-by: ZHANGWENTAI <2092913428@qq.com>
2022-03-22 23:10:00 +08:00
ZHANGWENTAI
6e971a8bc2 update Termination trait docs 2022-03-22 22:37:17 +08:00
bors
3ea44938e2 Auto merge of - r00ster91:fmt, r=joshtriplett
Improve formatting in macro

CC `@dtolnay`
2022-03-22 08:47:16 +00:00
bors
b9c4067417 Auto merge of - sunfishcode:sunfishcode/windows-8, r=joshtriplett
Preserve the Windows `GetLastError` error in `HandleOrInvalid`.

In the `TryFrom<HandleOrInvalid> for OwnedHandle` and
`TryFrom<HandleOrNull> for OwnedHandle` implemenations, `forget` the
owned handle on the error path, to avoid calling `CloseHandle` on an
invalid handle. It's harmless, except that it may overwrite the
thread's `GetLastError` error.

r? `@joshtriplett`
2022-03-22 05:48:49 +00:00