One just checks that we are feature-gating the UGEH attribute (as
usual for attributes associated with unstable features).
The other is adapted from the RFC 1238 text, except that it has been
extended somewhat to actually *illustrate* the scenario that we are
trying to prevent, namely observing the state of data, from safe code,
after the destructor for that data has been executed.
Illustrates cases that worked before and must continue to work, and a
case that shows how to use the `unsafe_destructor_blind_to_params`
attribute (aka "the UGEH attribute") to work around
cannot-assume-parametricity.
I needed it in `RawVec`, `Vec`, and `TypedArena` for `rustc` to
bootstrap; but of course that alone was not sufficient for `make
check`.
Later I added `unsafe_destructor_blind_to_params` to collections, in
particular `LinkedList` and `RawTable` (the backing representation for
`HashMap` and `HashSet`), to get the regression tests exercising
cyclic structure from PR #27185 building.
----
Note that the feature is `dropck_parametricity` (which is not the same
as the attribute's name). We will almost certainly vary our strategy
here in the future, so it makes some sense to have a not-as-ugly name
for the feature gate. (The attribute name was deliberately selected to
be ugly looking.)
Implement cannot-assume-parametricity (CAP) from RFC 1238, and add the
UGEH attribute.
----
Note that we check for the attribute attached to the dtor method, not
the Drop impl.
(This is just to match the specification of RFC and the tests; I am
not wedded to this approach.)
I had to fix a few things. Notable changes:
1. I removed the MIR support for constants, instead falling back to the existing `ConstVal`. I still think we ought to reform how we handle constants, but it's not clear to me that the approach I was taking is correct, and anyway I think we ought to do it separately.
2. I adjusted how we handle bindings in matches: we now *declare* all the bindings up front, rather than doing it as we encounter them. This is not only simpler, since we don't have to check if a binding has already been declared, it avoids ICEs if any of the arms turn out to be unreachable.
3. I do MIR construction *after* `check_match`, because it detects various broken cases. I'd like for `check_match` to be subsumed by MIR construction, but we can do that as a separate PR (if indeed it makes sense).
I did a crater run and found no regressions in the wild: https://gist.github.com/nikomatsakis/0038f90e10c8ad00f2f8
and track which arms are reached (though in fact we don't make use of
this right now -- we might later if we absorb the checking of patterns
into MIR, as I would like)
The output of rustdoc includes resources licensed under the SIL Open
Font License, the MIT license, and the Apache License 2.0. All of these
licenses permit redistribution provided that the license text is also
redistributed. Previously this was not the case, making rustdoc output
unsuitable for distribution by default. This resolves that problem by
including the license texts in rustdoc output.
See also: https://users.rust-lang.org/t/licensing-rustdoc-output/2880
The reason this was not failing is fascinating. The variable $(rustc)
is empty, so the make recipe was expanded as " -o foo foo.rs". make
interpreted this as an instruction to run the command "o foo foo.rs"
and ignore any failure that occurred, because it uses a leading '-' on
a command to signal that behavior.
"Rust Inside Other Languages" in the Rust book includes a library example. The reference specifies printing "done!" when the code finishes running, and the language examples (Ruby, Python, JS) all do this in their code.
However, the Rust library example code *also* does this, so that the examples as written would output "done!" twice.
This commit removes the "done!" from the Rust example code to tidy up the output to match expectations.
The "Rust Inside Other Languages" page includes a library example. The
reference specifies printing "done!" when the code finishes running, and
the language examples (Ruby, Python, JS) all do this in their code.
However, the Rust library example code *also* does this, so that the
examples as written would output "done!" twice.
This removes the "done!" from the Rust example code to clarify the docs.
By RFC1214:
> Before calling a fn, we check that its argument and return types are WF.
The previous code only checked the trait-ref, which was not enough
in several cases.
As this is a soundness fix, it is a [breaking-change]. Some new annotations are needed, which I think are because of #18653 and the imperfection of `projection_must_outlive` (that can probably be worked around by moving the wf obligation later).
Fixes#28609
r? @nikomatsakis
The reason this was not failing is fascinating. The variable $(rustc)
is empty, so the make recipe was expanded as " -o foo foo.rs". make
interpreted this as an instruction to run the command "o foo foo.rs"
and ignore any failure that occurred, because it uses a leading '-' on
a command to signal that behavior.
libcore.rlib reduced from 19121 kiB to 15934 kiB - 20% win.
The librustc encoded AST is 9013500 bytes long - for the record, librustc consists of about 2254126 characters. Might be worth looking at.
r? @eddyb
This adds a paragraph on how to generate documentation without sloooow `make doc`. I'm not a native English speaker, so there might be some language related bugs (I wish English was as hard to get wrong, as Rust)
This also includes whitespace cleanup of contributing.md in a separate commit. Whiltespace is not significant in github flavored markdown, and my Emacs just cleans ws automatically :)
r? @steveklabnik
Our docs were very basic for the various versions of from_utf8, so
this commit beefs them up.
It also improves docs for the &str variant's error, Utf8Error.
Our docs were very basic for the various versions of from_utf8, so
this commit beefs them up.
It also improves docs for the &str variant's error, Utf8Error.
By RFC1214:
Before calling a fn, we check that its argument and return types are WF. This check takes place after all higher-ranked lifetimes have been instantiated. Checking the argument types ensures that the implied bounds due to argument types are correct. Checking the return type ensures that the resulting type of the call is WF.
The previous code only checked the trait-ref, which was not enough
in several cases.
As this is a soundness fix, it is a [breaking-change].
Fixes#28609