This commit ensures that if a `repr(transparent)` newtype's only
non-zero-sized field is FFI-safe then the newtype is also FFI-safe.
Previously, ZSTs were ignored for the purposes of linting FFI-safety
in transparent structs - thus, only the single non-ZST would be checked
for FFI-safety. However, if the non-zero-sized field is a generic
parameter, and is substituted for a ZST, then the type would be
considered FFI-unsafe (as when every field is thought to be zero-sized,
the type is considered to be "composed only of `PhantomData`" which is
FFI-unsafe).
In this commit, for transparent structs, the non-zero-sized field is
identified (before any substitutions are applied, necessarily) and then
that field's type (now with substitutions) is checked for FFI-safety
(where previously it would have been skipped for being zero-sized in
this case).
To handle the case where the non-zero-sized field is a generic
parameter, which is substituted for `()` (a ZST), and is being used
as a return type - the `FfiUnsafe` result (previously `FfiPhantom`) is
caught and silenced.
Signed-off-by: David Wood <david@davidtw.co>
This commit moves the check that skips unit return types to after
where the return type has been normalized - therefore ensuring that
FFI-safety lints are not emitted for types which normalize to unit.
Signed-off-by: David Wood <david@davidtw.co>
This commit adds a test of the improper ctypes lint, checking that
return types are normalized before
being checked for FFI-safety, and that transparent newtype wrappers
are FFI-safe if the type being wrapped is FFI-safe.
Signed-off-by: David Wood <david@davidtw.co>
This patch brings the AVR calling convention argument classification
logic in line with AVR Clang's behaviour.
AVR-Clang currently uses the `clang::DefaultABIInfo` ABI implementation.
This calling convention promotes all aggregates to indirect, no matter their
size.
It is also unnecessary to perform any integer width extension for AVR as
the minimum argument size matches the minimum describable size of
abi::Primitive::Int - 8 bits.
At some point in the future, an AVR-GCC compatible argument
classification implementation should be adopted in both Clang and Rust.
This commit fixes debug printing of function pointers on AVR. AVR does
not support `addrspacecast` instructions, and so this patch modifies
libcore so that a `ptrtoint` IR instruction is used and the address
space cast is avoided.
Revert #71956
...since it caused unsoundness in #73137. Also adds a reduced version of #73137 to the test suite. The addition of the `MaybeInitializedLocals` dataflow analysis has not been reverted, but it is no longer used.
Presumably there is a more targeted fix, but I'm worried that other bugs may be lurking. I'm not yet sure what the root cause of #73137 is.
This will need to get backported to beta.
r? @tmandry
This is only really useful in debug messages, so I've switched to
calling `span_to_string` in any place that causes a `Span` to end up in
user-visible output.
Previously, we would parse `struct Foo where;` and `struct Foo;`
identically, leading to an 'empty' `where` clause being omitted during
pretty printing. This will cause us to lose spans when proc-macros are
involved, since we will have a collected `where` token that does not
appear in the pretty-printed item.
We now explicitly track the presence of a `where` token during parsing,
so that we can distinguish between `struct Foo where;` and `struct Foo;`
during pretty-printing.
Rollup of 8 pull requests
Successful merges:
- #71842 (doc: make impl block collapsible if it has an associated constant)
- #72912 (Add new E0758 error code)
- #73008 (Update RELEASES.md)
- #73090 (Use `LocalDefId` directly in `Resolver::export_map`)
- #73118 (Improve the wording in documentation of std::mem::drop)
- #73124 (Removed lifetime parameters from Explanation of E0207 )
- #73138 (Use shorthand linker strip arguments in order to support MacOS)
- #73143 (Update books)
Failed merges:
r? @ghost
- Use `len` more consistently for the number of elements in a vector,
because that's the usual name.
- Use `additional` more consistently for the number of elements we want
to add, because that's what `Vec::reserve()` uses.
- Use `cap` consistently rather than `capacity`.
- Plus a few other tweaks.
This increases consistency and conciseness.
They are pointless. No reasonable allocator will be able to satisfy a
`reserve_in_place` request that *doubles* the size of an allocation when
dealing with allocations that are 4 KiB and larger.
Just to be sure, I confirmed on Linux that the `reserve_in_place` calls
never succeed.
(Note however that the `reserve_in_place` call for `DroplessArena::grow`
did occasionally succeed prior to the off-by-one fix in the previous
commit, because we would sometimes do a `reserve_in_place` request for
the chunk's current size, which would trivially succeed!)
Update books
## nomicon
3 commits in d1517d4e3f29264c5c67bce2658516bb5202c800..bfe1ab96d717d1dda50e499b360f2e2f57e1750a
2020-05-12 13:47:00 -0400 to 2020-06-05 13:19:42 -0400
- Clarify that str data must still be initialized
- Remove language-level UB for non-UTF-8 str
- fix Nomicon transmute UB
## reference
5 commits in becdca9477c9eafa96a4eea5156fe7a2730d9dd2..5d40ba5c2515caffa7790cda621239dc21ef5a72
2020-05-21 21:08:02 +0100 to 2020-06-06 20:25:36 -0700
- Add some links to Disambiguating Function Calls. (rust-lang-nursery/reference#829)
- change bash to sh as shell code blocks language indentifier (rust-lang-nursery/reference#827)
- Fix sentence mistake in array-expr.md (rust-lang-nursery/reference#826)
- removed the word "Second" form the beginning of the 2nd list item and labelled it as `2` (rust-lang-nursery/reference#822)
- Update fn-like proc-macro invocation restrictions. (rust-lang-nursery/reference#816)
## book
14 commits in e8a4714a9d8a6136a59b8e63544e149683876e36..30cd9dfe71c446de63826bb4472627af45acc9db
2020-05-25 10:29:27 -0500 to 2020-06-07 23:07:19 -0500
- Unnecessarily long type name in Ch 13 (rust-lang/book#2362)
- Tweak example in chapter 10 (rust-lang/book#2363)
- Mention that to_lowercase isn't perfect (rust-lang/book#2364)
- fix typo in CONTRIBUTING.md (rust-lang/book#2360)
- Link German translation in appendix F (rust-lang/book#2347)
- Updates wording on Box example (rust-lang/book#2332)
- fix: match 15-24 with 15-18 (rust-lang/book#2324)
- Reword ch01-03 recap paragraph (rust-lang/book#2305)
- Remove some confusing wording. (rust-lang/book#2358)
- Clarify some wording a bit (rust-lang/book#2357)
- Update ch12-05 PowerShell note (rust-lang/book#2348)
- text -> console (rust-lang/book#2352)
- Improve wording around drop (rust-lang/book#2350)
- Make some statements about crates more correct (rust-lang/book#2349)
## edition-guide
1 commits in 0a8ab5046829733eb03df0738c4fafaa9b36b348..82bec5877c77cfad530ca11095db4456d757f668
2020-05-18 08:34:23 -0500 to 2020-06-03 08:56:02 -0500
- Add stuff for Rust 1.33 (rust-lang/edition-guide#214)
Use shorthand linker strip arguments in order to support MacOS
Per discussion from https://github.com/rust-lang/rust/issues/72110#issuecomment-636609419 onward, the current `-Z strip` options aren't supported by the MacOS linker, but I think only because it doesn't support the longhand arguments `--strip-debug` and `--strip-all`.
This PR switches to using the shorthand arguments `-s` and `-S` instead, which (I believe) are supported by all GCC linkers.
Improve the wording in documentation of std::mem::drop
I thought the original phrasing was somewhat awkward compared to the rest of the (very well written) documentation, so figured I would propose a change to improve it.
Use `LocalDefId` directly in `Resolver::export_map`
This is to avoid the final conversion from `NodeId` to `HirId`
during call to `(clone|into)_outputs`
This brings the post-lowering uses of `NodeId` down to 2 calls to convert the `trait_map`.
cc #50928
r? @petrochenkov
Enable LVI hardening for x86_64-fortanix-unknown-sgx
This implements mitigations for the Load Value Injection vulnerability (CVE-2020-0551) for the `x86_64-fortanix-unknown-sgx` target by enabling new LLVM passes. More information about LVI and mitigations may be found at https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection.
This PR unconditionally enables the mitigations for `x86_64-fortanix-unknown-sgx` since there is no available hardware that doesn't require the mitigations. This may be reconsidered in the future.
* [x] This depends on https://github.com/rust-lang/compiler-builtins/pull/359/
let_and_return: avoid "does not live long enough" errors
EDIT: Add #3324 to the list of fixes
<details>
<summary>Description of old impl</summary>
<br>
Avoid suggesting turning the RHS expression of the last statement into the block tail expression if a temporary borrows from a local that would be destroyed before.
This is my first incursion into MIR so there's probably room for improvement!
</details>
Avoid linting if the return type of some method or function called in the last statement has a lifetime parameter.
changelog: Fix false positive in [`let_and_return`]
Fixes #3792
Fixes #3324