Commit Graph

3666 Commits

Author SHA1 Message Date
Tim Vermeulen
8ff8d05279 Move shared logic of try_fold and advance_by into iter_try_fold 2022-08-05 03:43:39 +02:00
bors
e4417cf020 Auto merge of #92268 - jswrenn:transmute, r=oli-obk
Initial implementation of transmutability trait.

*T'was the night before Christmas and all through the codebase, not a miri was stirring — no hint of `unsafe`!*

This PR provides an initial, **incomplete** implementation of *[MCP 411: Lang Item for Transmutability](https://github.com/rust-lang/compiler-team/issues/411)*. The `core::mem::BikeshedIntrinsicFrom` trait provided by this PR is implemented on-the-fly by the compiler for types `Src` and `Dst` when the bits of all possible values of type `Src` are safely reinterpretable as a value of type `Dst`.

What this PR provides is:
- [x] [support for transmutations involving primitives](https://github.com/jswrenn/rust/tree/transmute/src/test/ui/transmutability/primitives)
- [x] [support for transmutations involving arrays](https://github.com/jswrenn/rust/tree/transmute/src/test/ui/transmutability/arrays)
- [x] [support for transmutations involving structs](https://github.com/jswrenn/rust/tree/transmute/src/test/ui/transmutability/structs)
- [x] [support for transmutations involving enums](https://github.com/jswrenn/rust/tree/transmute/src/test/ui/transmutability/enums)
- [x] [support for transmutations involving unions](https://github.com/jswrenn/rust/tree/transmute/src/test/ui/transmutability/unions)
- [x] [support for weaker validity checks](https://github.com/jswrenn/rust/blob/transmute/src/test/ui/transmutability/unions/should_permit_intersecting_if_validity_is_assumed.rs) (i.e., `Assume::VALIDITY`)
- [x] visibility checking

What isn't yet implemented:
- [ ] transmutability options passed using the `Assume` struct
- [ ] [support for references](https://github.com/jswrenn/rust/blob/transmute/src/test/ui/transmutability/references.rs)
- [ ] smarter error messages

These features will be implemented in future PRs.
2022-08-02 21:17:31 +00:00
BlackHoleFox
0e54d71e15 Add validation to const fn CStr creation 2022-07-31 13:14:18 -05:00
Yuki Okushi
9b3f49f1bd
Rollup merge of #99781 - workingjubilee:demo-string-from-cstr, r=thomcc
Use String::from_utf8_lossy in CStr demo

Fixes rust-lang/rust#99755.
2022-07-29 15:40:00 +09:00
Dylan DPC
48efd30c9d
Rollup merge of #99689 - dtolnay:write, r=Mark-Simulacrum
Revert `write!` and `writeln!` to late drop temporaries

Closes (on master, but not on beta) #99684 by reverting the `write!` and `writeln!` parts of #96455.

argument position | before<br>#94868 | after<br>#94868 | after<br>#96455 | after<br>this PR | desired<br>(unimplementable)
--- |:---:|:---:|:---:|:---:|:---:
`write!($tmp, "…", …)` | **⸺late** | **⸺late** | *early⸺* | **⸺late** | **⸺late**
`write!(…, "…", $tmp)` | **⸺late** | **⸺late** | *early⸺* | **⸺late** | *early⸺*
`writeln!($tmp, "…", …)` | **⸺late** | **⸺late** | *early⸺* | **⸺late** | **⸺late**
`writeln!(…, "…", $tmp)` | **⸺late** | **⸺late** | *early⸺* | **⸺late** | *early⸺*
`print!("…", $tmp)` | **⸺late** | **⸺late** | *early⸺* | *early⸺* | *early⸺*
`println!("…", $tmp)` | *early⸺* | **⸺late** | *early⸺* | *early⸺* | *early⸺*
`eprint!("…", $tmp)` | **⸺late** | **⸺late** | *early⸺* | *early⸺* | *early⸺*
`eprintln!("…", $tmp)` | *early⸺* | **⸺late**| *early⸺* | *early⸺* | *early⸺*
`panic!("…", $tmp)` | *early⸺* | *early⸺* | *early⸺* | *early⸺* | *early⸺*

"Late drop" refers to dropping temporaries at the nearest semicolon **outside** of the macro invocation.

"Early drop" refers to dropping temporaries inside of the macro invocation.
2022-07-28 22:14:46 +05:30
Vincenzo Palazzo
47a0a56c1d add more docs regarding ideographic numbers
Signed-off-by: Vincenzo Palazzo <vincenzopalazzodev@gmail.com>
2022-07-28 15:52:18 +00:00
bors
48316dfea1 Auto merge of #99182 - RalfJung:mitigate-uninit, r=scottmcm
mem::uninitialized: mitigate many incorrect uses of this function

Alternative to https://github.com/rust-lang/rust/pull/98966: fill memory with `0x01` rather than leaving it uninit. This is definitely bitewise valid for all `bool` and nonnull types, and also those `Option<&T>` that we started putting `noundef` on. However it is still invalid for `char` and some enums, and on references the `dereferenceable` attribute is still violated, so the generated LLVM IR still has UB -- but in fewer cases, and `dereferenceable` is hopefully less likely to cause problems than clearly incorrect range annotations.

This can make using `mem::uninitialized` a lot slower, but that function has been deprecated for years and we keep telling everyone to move to `MaybeUninit` because it is basically impossible to use `mem::uninitialized` correctly. For the cases where that hasn't helped (and all the old code out there that nobody will ever update), we can at least mitigate the effect of using this API. Note that this is *not* in any way a stable guarantee -- it is still UB to call `mem::uninitialized::<bool>()`, and Miri will call it out as such.

This is somewhat similar to https://github.com/rust-lang/rust/pull/87032, which proposed to make `uninitialized` return a buffer filled with 0x00. However
- That PR also proposed to reduce the situations in which we panic, which I don't think we should do at this time.
- The 0x01 bit pattern means that nonnull requirements are satisfied, which (due to references) is the most common validity invariant.

`@5225225` I hope I am using `cfg(sanitize)` the right way; I was not sure for which ones to test here.
Cc https://github.com/rust-lang/rust/issues/66151
Fixes https://github.com/rust-lang/rust/issues/87675
2022-07-28 01:11:10 +00:00
Jack Wrenn
b78c3daad0 safe transmute: reference tracking issue
ref: https://github.com/rust-lang/rust/pull/92268#discussion_r925266769
2022-07-27 17:33:57 +00:00
Jack Wrenn
21d1ab4877 safe transmute: add rustc_on_unimplemented to BikeshedIntrinsicFrom
ref: https://github.com/rust-lang/rust/pull/92268#discussion_r925266583
2022-07-27 17:33:57 +00:00
Jack Wrenn
bc4a1dea41 Initial (incomplete) implementation of transmutability trait.
This initial implementation handles transmutations between types with specified layouts, except when references are involved.

Co-authored-by: Igor null <m1el.2027@gmail.com>
2022-07-27 17:33:56 +00:00
Guillaume Gomez
ef81fca760
Rollup merge of #94247 - saethlin:chunksmut-aliasing, r=the8472
Fix slice::ChunksMut aliasing

Fixes https://github.com/rust-lang/rust/issues/94231, details in that issue.
cc `@RalfJung`

This isn't done just yet, all the safety comments are placeholders. But otherwise, it seems to work.

I don't really like this approach though. There's a lot of unsafe code where there wasn't before, but as far as I can tell the only other way to uphold the aliasing requirement imposed by `__iterator_get_unchecked` is to use raw slices, which I think require the same amount of unsafe code. All that would do is tie the `len` and `ptr` fields together.

Oh I just looked and I'm pretty sure that `ChunksExactMut`, `RChunksMut`, and `RChunksExactMut` also need to be patched. Even more reason to put up a draft.
2022-07-27 17:55:01 +02:00
Yuki Okushi
28b44ff5d4
Rollup merge of #99704 - fee1-dead-contrib:add_self_tilde_const_trait, r=oli-obk
Add `Self: ~const Trait` to traits with `#[const_trait]`

r? `@oli-obk`
2022-07-27 19:05:33 +09:00
Ben Kimock
746afe8952 Clarify safety comments 2022-07-26 21:25:56 -04:00
Ben Kimock
e2e3a88771 Explain how *mut [T] helps, and how we rely on the check in split_at_mut 2022-07-26 18:37:00 -04:00
Jubilee Young
d48a869b9d Force the Cow into a String 2022-07-26 14:45:28 -07:00
Jubilee Young
79e0543060 Use String::from_utf8_lossy in CStr demo 2022-07-26 13:26:05 -07:00
Matthias Krüger
a739e28aea
Rollup merge of #99757 - asquared31415:patch-1, r=Dylan-DPC
Make `transmute_copy` docs read better
2022-07-26 16:57:52 +02:00
Deadbeef
a6f9826979 Add Self: ~const Trait to traits with #[const_trait] 2022-07-26 14:14:21 +00:00
asquared31415
e241d5a093
Make transmute_copy docs read better 2022-07-26 05:59:44 -04:00
Dylan DPC
deab13c681
Rollup merge of #99692 - RalfJung:too-far, r=oli-obk
interpret, ptr_offset_from: refactor and test too-far-apart check

We didn't have any tests for the "too far apart" message, and indeed that check mostly relied on the in-bounds check and was otherwise probably not entirely correct... so I rewrote that check, and it is before the in-bounds check so we can test it separately.
2022-07-26 14:26:58 +05:30
Yuki Okushi
aeca079d7e
Rollup merge of #99084 - RalfJung:write_bytes, r=thomcc
clarify how write_bytes can lead to UB due to invalid values

Fixes https://github.com/rust-lang/unsafe-code-guidelines/issues/330

Cc ``@5225225``
2022-07-26 07:14:46 +09:00
Yuki Okushi
c1647e10ad
Rollup merge of #92390 - fee1-dead-contrib:const_cmp, r=oli-obk
Constify a few `(Partial)Ord` impls

Only a few `impl`s are constified for now, as #92257 has not landed in the bootstrap compiler yet and quite a few impls would need that fix.

This unblocks #92228, which unblocks marking iterator methods as `default_method_body_is_const`.
2022-07-26 07:14:43 +09:00
Ralf Jung
58f2ede15f interpret, ptr_offset_from: refactor and test too-far-apart check 2022-07-24 19:35:40 -04:00
Ralf Jung
d10a7b1243 add miri-track-caller to some intrinsic-exposing methods 2022-07-24 14:49:33 -04:00
David Tolnay
f1ca69d245
Revert write! and writeln! to late drop temporaries 2022-07-24 11:12:00 -07:00
Deadbeef
65fca6db19 add const hack comment 2022-07-24 12:01:23 +00:00
Deadbeef
a89510e5f9 Add issue numbers 2022-07-24 12:01:22 +00:00
Deadbeef
9fc5463c18 Constify a few const (Partial)Ord impls 2022-07-24 12:01:22 +00:00
bors
35a0617248 Auto merge of #98674 - RalfJung:miri-stacktrace-pruning, r=Mark-Simulacrum
miri: prune some atomic operation and raw pointer details from stacktrace

Since Miri removes `track_caller` frames from the stacktrace, adding that attribute can help make backtraces more readable (similar to how it makes panic locations better). I made them only show up with `cfg(miri)` to make sure the extra arguments induced by `track_caller` do not cause any runtime performance trouble.

This is also testing the waters for whether the libs team is okay with having these attributes in their code, or whether you'd prefer if we find some other way to do this. If you are fine with this, we will probably want to add it to a lot more functions (all the other atomic operations, to start).

Before:
```
error: Undefined Behavior: Data race detected between Atomic Load on Thread(id = 2) and Write on Thread(id = 1) at alloc1727 (current vector clock = VClock([9, 0, 6]), conflicting timestamp = VClock([0, 6]))
    --> /home/r/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/sync/atomic.rs:2594:23
     |
2594 |             SeqCst => intrinsics::atomic_load_seqcst(dst),
     |                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Data race detected between Atomic Load on Thread(id = 2) and Write on Thread(id = 1) at alloc1727 (current vector clock = VClock([9, 0, 6]), conflicting timestamp = VClock([0, 6]))
     |
     = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
     = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

     = note: inside `std::sync::atomic::atomic_load::<usize>` at /home/r/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/sync/atomic.rs:2594:23
     = note: inside `std::sync::atomic::AtomicUsize::load` at /home/r/.rustup/toolchains/miri/lib/rustlib/src/rust/library/core/src/sync/atomic.rs:1719:26
note: inside closure at ../miri/tests/fail/data_race/atomic_read_na_write_race1.rs:22:13
    --> ../miri/tests/fail/data_race/atomic_read_na_write_race1.rs:22:13
     |
22   |             (&*c.0).load(Ordering::SeqCst)
     |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
```

After:
```
error: Undefined Behavior: Data race detected between Atomic Load on Thread(id = 2) and Write on Thread(id = 1) at alloc1727 (current vector clock = VClock([9, 0, 6]), conflicting timestamp = VClock([0, 6]))
  --> tests/fail/data_race/atomic_read_na_write_race1.rs:22:13
   |
22 |             (&*c.0).load(Ordering::SeqCst)
   |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Data race detected between Atomic Load on Thread(id = 2) and Write on Thread(id = 1) at alloc1727 (current vector clock = VClock([9, 0, 6]), conflicting timestamp = VClock([0, 6]))
   |
   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

   = note: inside closure at tests/fail/data_race/atomic_read_na_write_race1.rs:22:13
```
2022-07-24 06:46:46 +00:00
bors
ed793d86da Auto merge of #93397 - joshtriplett:sort-floats, r=Amanieu
Add `[f32]::sort_floats` and `[f64]::sort_floats`

It's inconvenient to sort a slice or Vec of floats, compared to sorting integers. To simplify numeric code, add a convenience method to `[f32]` and `[f64]` to sort them using `sort_unstable_by` with `total_cmp`.
2022-07-23 02:47:54 +00:00
Ralf Jung
35c6dec921 adjust UnsafeCell documentation 2022-07-22 14:25:41 -04:00
bors
41419e7036 Auto merge of #99491 - workingjubilee:sync-psimd, r=workingjubilee
Sync in portable-simd subtree

r? `@ghost`
2022-07-22 09:48:00 +00:00
Dylan DPC
5df3b98321
Rollup merge of #99579 - CleanCut:expect-warning, r=joshtriplett
Add same warning to Result::expect as Result::unwrap

I was reading a recent blog post by Jimmy Hartzell and [he noted](https://www.thecodedmessage.com/posts/2022-07-14-programming-unwrap/#context):

> I will however note that the documentation of `unwrap` comes with [a warning not to use it](https://doc.rust-lang.org/std/result/enum.Result.html#method.unwrap). The warning is framed in terms of the fact that `unwrap` may panic, but the [documentation of `expect`](https://doc.rust-lang.org/std/result/enum.Result.html#method.expect), where this is equally true, does not come with such a warning.

It _is_ equally true. Let's add the same warning to `expect`. This PR is a copy-and-paste of the warning text from the docstring for `unwrap`.
2022-07-22 11:53:43 +05:30
Dylan DPC
ad31d5c6a5
Rollup merge of #98174 - Kixunil:rename_ptr_as_mut_const_to_cast, r=scottmcm
Rename `<*{mut,const} T>::as_{const,mut}` to `cast_`

This renames the methods to use the `cast_` prefix instead of `as_` to
make it more readable and avoid confusion with `<*mut T>::as_mut()`
which is `unsafe` and returns a reference.

Sorry, didn't notice ACP process exists, opened https://github.com/rust-lang/libs-team/issues/51

See #92675
2022-07-22 11:53:39 +05:30
bors
aa01891700 Auto merge of #99420 - RalfJung:vtable, r=oli-obk
make vtable pointers entirely opaque

This implements the scheme discussed in https://github.com/rust-lang/unsafe-code-guidelines/issues/338: vtable pointers should be considered entirely opaque and not even readable by Rust code, similar to function pointers.

- We have a new kind of `GlobalAlloc` that symbolically refers to a vtable.
- Miri uses that kind of allocation when generating a vtable.
- The codegen backends, upon encountering such an allocation, call `vtable_allocation` to obtain an actually dataful allocation for this vtable.
- We need new intrinsics to obtain the size and align from a vtable (for some `ptr::metadata` APIs), since direct accesses are UB now.

I had to touch quite a bit of code that I am not very familiar with, so some of this might not make much sense...
r? `@oli-obk`
2022-07-22 01:33:49 +00:00
Nathan Stocks
7ba0be832a add same warning to Result::expect as Result::unwrap 2022-07-21 18:15:24 -06:00
Matthias Krüger
9610c71b1e
Rollup merge of #99454 - benluelo:control-flow/continue-combinators, r=scottmcm
Add map_continue and continue_value combinators to ControlFlow

As suggested in this comment: https://github.com/rust-lang/rust/issues/75744#issuecomment-1188549494

Related tracking issue: https://github.com/rust-lang/rust/issues/75744

r? ``````@scottmcm``````
2022-07-21 18:42:04 +02:00
Martin Habovstiak
eb5acc9b9b Rename <*{mut,const} T>::as_{const,mut} to cast_
This renames the methods to use the `cast_` prefix instead of `as_` to
make it more readable and avoid confusion with `<*mut T>::as_mut()`
which is `unsafe` and returns a reference.

See #92675
2022-07-21 18:30:05 +02:00
Jubilee Young
f8aa494c69 Introduce core::simd trait imports in tests 2022-07-20 18:08:20 -07:00
Ralf Jung
0318f07bdd various nits from review 2022-07-20 17:12:08 -04:00
Ralf Jung
114da84996 use extern type for extra opaqueness 2022-07-20 17:12:07 -04:00
Ralf Jung
5e840c5c8c incorporate some review feedback 2022-07-20 17:12:07 -04:00
Ralf Jung
8affef2ccb add intrinsic to access vtable size and align 2022-07-20 17:12:07 -04:00
Ralf Jung
13877a965d prune raw pointer read and write methods from Miri backtraces 2022-07-20 16:42:20 -04:00
Ralf Jung
2b269cad43 miri: prune some atomic operation details from stacktrace 2022-07-20 16:34:24 -04:00
benluelo
1993a5f7a8
Add map_continue and continue_value combinators to ControlFlow
Fix type error

Fix continue_value doc comment
2022-07-20 16:32:09 -04:00
Dylan DPC
feebc5f4d5
Rollup merge of #99452 - Stargateur:fix/typo, r=JohnTitor
int_macros was only using to_xe_bytes_doc and not from_xe_bytes_doc

typo in doc [here](https://doc.rust-lang.org/std/primitive.isize.html#method.from_ne_bytes) "returns" => "takes"

`@rustbot` label +T-rustdoc
2022-07-20 11:29:40 +05:30
bors
9a7b7d5e50 Auto merge of #98180 - notriddle:notriddle/rustdoc-fn, r=petrochenkov,GuillaumeGomez
Improve the function pointer docs

This is #97842 but for function pointers instead of tuples. The concept is basically the same.

* Reduce duplicate impls; show `fn (T₁, T₂, …, Tₙ)` and include a sentence saying that there exists up to twelve of them.
* Show `Copy` and `Clone`.
* Show auto traits like `Send` and `Sync`, and blanket impls like `Any`.

https://notriddle.com/notriddle-rustdoc-test/std/primitive.fn.html
2022-07-19 19:36:57 +00:00
Michael Howell
ddb5a2638a Use T for all the function primitive docs lists 2022-07-19 08:52:25 -07:00
Michael Howell
5271e32c46 Improve the function pointer docs
* Reduce duplicate impls; show only the `fn (T)` and include a sentence
  saying that there exists up to twelve of them.
* Show `Copy` and `Clone`.
* Show auto traits like `Send` and `Sync`, and blanket impls like `Any`.
2022-07-19 08:52:24 -07:00