Commit Graph

2945 Commits

Author SHA1 Message Date
Dylan DPC
0b71ca84b0
Rollup merge of #95505 - sunfishcode:sunfishcode/fix-openbsd, r=dtolnay
Fix library/std compilation on openbsd.

Fix a minor typo from #95241 which prevented compilation on x86_64-unknown-openbsd.
2022-03-31 13:09:55 +02:00
Dylan DPC
32c5a57a00
Rollup merge of #95130 - workingjubilee:stably-finished, r=m-ou-se
Stabilize thread::is_finished

Closes #90470.

r? `@m-ou-se`
2022-03-31 04:57:25 +02:00
Dan Gohman
c89f11e1db Fix library/std compilation on openbsd.
Fix a minor typo from #95241 which prevented compilation on x86_64-unknown-openbsd.
2022-03-30 18:06:21 -07:00
bors
3e7514670d Auto merge of #94963 - lcnr:inherent-impls-std, r=oli-obk,m-ou-se
allow arbitrary inherent impls for builtin types in core

Part of https://github.com/rust-lang/compiler-team/issues/487. Slightly adjusted after some talks with `@m-ou-se` about the requirements of `t-libs-api`.

This adds a crate attribute `#![rustc_coherence_is_core]` which allows arbitrary impls for builtin types in core.

For other library crates impls for builtin types should be avoided if possible. We do have to allow the existing stable impls however. To prevent us from accidentally adding more of these in the future, there is a second attribute `#[rustc_allow_incoherent_impl]` which has to be added to **all impl items**. This only supports impls for builtin types but can easily be extended to additional types in a future PR.

This implementation does not check for overlaps in these impls. Perfectly checking that requires us to check the coherence of these incoherent impls in every crate, as two distinct dependencies may add overlapping methods. It should be easy enough to detect if it goes wrong and the attribute is only intended for use inside of std.

The first two commits are mostly unrelated cleanups.
2022-03-30 12:28:50 +00:00
Mara Bos
25eb060779
Don't stabilize ScopedJoinHandle::is_finished yet. 2022-03-30 13:59:27 +02:00
bors
e50ff9b452 Auto merge of #95241 - Gankra:cleaned-provenance, r=workingjubilee
Strict Provenance MVP

This patch series examines the question: how bad would it be if we adopted
an extremely strict pointer provenance model that completely banished all
int<->ptr casts.

The key insight to making this approach even *vaguely* pallatable is the

ptr.with_addr(addr) -> ptr

function, which takes a pointer and an address and creates a new pointer
with that address and the provenance of the input pointer. In this way
the "chain of custody" is completely and dynamically restored, making the
model suitable even for dynamic checkers like CHERI and Miri.

This is not a formal model, but lots of the docs discussing the model
have been updated to try to the *concept* of this design in the hopes
that it can be iterated on.

See #95228
2022-03-30 10:09:10 +00:00
lcnr
afbecc0f68 remove now unnecessary lang items 2022-03-30 11:23:58 +02:00
lcnr
bef6f3e895 rework implementation for inherent impls for builtin types 2022-03-30 11:23:58 +02:00
Dylan DPC
abb02d40a4
Rollup merge of #95452 - yaahc:termination-version-correction, r=ehuss
fix since field version for termination stabilization

fixes incorrect version fields in stabilization of https://github.com/rust-lang/rust/pull/93840

r? `@ehuss`
2022-03-30 09:10:05 +02:00
Dylan DPC
e332f3b45e
Rollup merge of #95294 - sourcefrog:doc-copy, r=dtolnay
Document Linux kernel handoff in std::io::copy and std::fs::copy
2022-03-30 09:10:04 +02:00
Martin Pool
cfee2ed8cb Warn that platform-specific behavior may change 2022-03-29 19:49:15 -07:00
Aria Beingessner
e3a3afe050 fix unix typedef 2022-03-29 22:45:31 -04:00
Aria Beingessner
28576e9c51 mark FIXMES for all the places found that are probably offset_from 2022-03-29 20:18:28 -04:00
Aria Beingessner
7514d760b8 cleanup some of the less terrifying library code 2022-03-29 20:18:27 -04:00
Aria Beingessner
b608df8277 revert changes that cast functions to raw pointers, portability hazard 2022-03-29 20:18:27 -04:00
Alexis Beingessner
09395f626b Make some linux/unix APIs better conform to strict provenance.
This largely makes the stdlib conform to strict provenance on Ubuntu.
Some hairier things have been left alone for now.
2022-03-29 20:18:27 -04:00
Aria Beingessner
c7de289e1c Make the stdlib largely conform to strict provenance.
Some things like the unwinders and system APIs are not fully conformant,
this only covers a lot of low-hanging fruit.
2022-03-29 20:18:21 -04:00
Jane Lusby
09e7b0b951 fix since field version for termination stabilization 2022-03-29 17:10:49 -07:00
Dylan DPC
3208ed7b21
Rollup merge of #95256 - thomcc:fix-unwind-safe, r=m-ou-se
Ensure io::Error's bitpacked repr doesn't accidentally impl UnwindSafe

Sadly, I'm not sure how to easily test that we don't impl a trait, though (or can libstd use `where io::Error: !UnwindSafe` or something).

Fixes #95203
2022-03-29 22:46:33 +02:00
Dylan DPC
bba2a64d0c
Rollup merge of #93840 - yaahc:termination-stabilization-celebration-station, r=joshtriplett
Stabilize Termination and ExitCode

From https://github.com/rust-lang/rust/issues/43301

This PR stabilizes the Termination trait and associated ExitCode type. It also adjusts the ExitCode feature flag to replace the placeholder flag with a more permanent name, as well as splitting off the `to_i32` method behind its own permanently unstable feature flag.

This PR stabilizes the termination trait with the following signature:

```rust
pub trait Termination {
    fn report(self) -> ExitCode;
}
```

The existing impls of `Termination` are effectively already stable due to the prior stabilization of `?` in main.

This PR also stabilizes the following APIs on exit code

```rust
#[derive(Clone, Copy, Debug)]
pub struct ExitCode(_);

impl ExitCode {
    pub const SUCCESS: ExitCode;
    pub const FAILURE: ExitCode;
}

impl From<u8> for ExitCode { /* ... */ }
```

---

All of the previous blockers have been resolved. The main ones that were resolved recently are:

* The trait's name: We decided against changing this since none of the alternatives seemed particularly compelling. Instead we decided to end the bikeshedding and stick with the current name. ([link to the discussion](https://rust-lang.zulipchat.com/#narrow/stream/219381-t-libs/topic/Termination.2FExit.20Status.20Stabilization/near/269793887))
* Issues around platform specific representations: We resolved this issue by changing the return type of `report` from `i32` to the opaque type `ExitCode`. That way we can change the underlying representation without affecting the API, letting us offer full support for platform specific exit code APIs in the future.
* Custom exit codes: We resolved this by adding `From<u8> for ExitCode`. We choose to only support u8 initially because it is the least common denominator between the sets of exit codes supported by our current platforms. In the future we anticipate adding platform specific extension traits to ExitCode for constructors from larger or negative numbers, as needed.
2022-03-29 22:46:31 +02:00
Thom Chiovoloni
3ac93abfb2
Indicate the correct error code in the compile_fail block.
Co-authored-by: Mara Bos <m-ou.se@m-ou.se>
2022-03-29 11:45:49 -07:00
bors
e2301ca543 Auto merge of #95375 - MarcusCalhoun-Lopez:i686_apple_darwin, r=m-ou-se
Fix build on i686-apple-darwin systems

Replace `target_arch = "x86_64"` with `not(target_arch = "aarch64")` so that i686-apple-darwin systems dynamically choose implementation.
2022-03-29 10:08:03 +00:00
Marcus Calhoun-Lopez
8c18844324 Fix build on i686-apple-darwin systems
On 32-bit systems, fdopendir is called `_fdopendir$INODE64$UNIX2003`.
On 64-bit systems, fdopendir is called `_fdopendir$INODE64`.
2022-03-28 12:52:14 -07:00
Marcus Calhoun-Lopez
c2d5c64132 Fix build on i686-apple-darwin systems
Replace `target_arch = "x86_64"` with `not(target_arch = "aarch64")` so that i686-apple-darwin systems dynamically choose implementation.
2022-03-28 12:52:14 -07:00
Noa
97c58e8a87 Touch up ExitCode docs 2022-03-28 09:54:57 -07:00
David Tolnay
d55854d484
Link to std::io's platform-specific behavior disclaimer 2022-03-27 21:01:28 -07:00
est31
8c0e6a8f10 std::process docs: linkify references to output, spawn and status 2022-03-25 14:41:37 +01:00
Martin Pool
93e9f5e966 Document Linux kernel handoff in std::io::copy and std::fs::copy 2022-03-24 21:44:39 -07:00
Thom Chiovoloni
09d83e292d
Add a compile_fail doctest to check that io::Error: !UnwindSafe 2022-03-23 17:29:19 -07:00
Thom Chiovoloni
b898ad499f
Ensure io::Error's bitpacked repr doesn't accidentally impl UnwindSafe 2022-03-23 17:12:47 -07:00
bors
36748cf814 Auto merge of #95173 - m-ou-se:sys-locks-module, r=dtolnay
Move std::sys::{mutex, condvar, rwlock} to std::sys::locks.

This cleans up the the std::sys modules a bit by putting the locks in a single module called `locks` rather than spread over the three modules `mutex`, `condvar`, and `rwlock`. This makes it easier to organise lock implementations, which helps with https://github.com/rust-lang/rust/issues/93740.
2022-03-23 06:01:48 +00:00
Dylan DPC
67d6cc6ef3
Rollup merge of #91608 - workingjubilee:fold-neon-fp, r=nagisa,Amanieu
Fold aarch64 feature +fp into +neon

Arm's FEAT_FP and Feat_AdvSIMD describe the same thing on AArch64:
The Neon unit, which handles both floating point and SIMD instructions.
Moreover, a configuration for AArch64 must include both or neither.
Arm says "entirely proprietary" toolchains may omit floating point:
https://developer.arm.com/documentation/102374/0101/Data-processing---floating-point
In the Programmer's Guide for Armv8-A, Arm says AArch64 can have
both FP and Neon or neither in custom implementations:
https://developer.arm.com/documentation/den0024/a/AArch64-Floating-point-and-NEON

In "Bare metal boot code for Armv8-A", enabling Neon and FP
is just disabling the same trap flag:
https://developer.arm.com/documentation/dai0527/a

In an unlikely future where "Neon and FP" become unrelated,
we can add "[+-]fp" as its own feature flag.
Until then, we can simplify programming with Rust on AArch64 by
folding both into "[+-]neon", which is valid as it supersets both.

"[+-]neon" is retained for niche uses such as firmware, kernels,
"I just hate floats", and so on.

I am... pretty sure no one is relying on this.

An argument could be made that, as we are not an "entirely proprietary" toolchain, we should not support AArch64 without floats at all. I think that's a bit excessive. However, I want to recognize the intent: programming for AArch64 should be simplified where possible. For x86-64, programmers regularly set up illegal feature configurations because it's hard to understand them, see https://github.com/rust-lang/rust/issues/89586. And per the above notes, plus the discussion in https://github.com/rust-lang/rust/issues/86941, there should be no real use cases for leaving these features split: the two should in fact always go together.

- Fixes rust-lang/rust#95002.
- Fixes rust-lang/rust#95064.
- Fixes rust-lang/rust#95122.
2022-03-23 03:05:28 +01:00
Jubilee Young
b807d5970b Fold aarch64 feature +fp into +neon
Arm's FEAT_FP and Feat_AdvSIMD describe the same thing on AArch64:
The Neon unit, which handles both floating point and SIMD instructions.
Moreover, a configuration for AArch64 must include both or neither.
Arm says "entirely proprietary" toolchains may omit floating point:
https://developer.arm.com/documentation/102374/0101/Data-processing---floating-point
In the Programmer's Guide for Armv8-A, Arm says AArch64 can have
both FP and Neon or neither in custom implementations:
https://developer.arm.com/documentation/den0024/a/AArch64-Floating-point-and-NEON

In "Bare metal boot code for Armv8-A", enabling Neon and FP
is just disabling the same trap flag:
https://developer.arm.com/documentation/dai0527/a

In an unlikely future where "Neon and FP" become unrelated,
we can add "[+-]fp" as its own feature flag.
Until then, we can simplify programming with Rust on AArch64 by
folding both into "[+-]neon", which is valid as it supersets both.

"[+-]neon" is retained for niche uses such as firmware, kernels,
"I just hate floats", and so on.
2022-03-22 15:14:33 -07:00
Mara Bos
733153f2e5 Move std::sys::{mutex, condvar, rwlock} to std::sys::locks. 2022-03-22 18:19:47 +01:00
ZHANGWENTAI
71e34231e0 add some fix
Signed-off-by: ZHANGWENTAI <2092913428@qq.com>
2022-03-22 23:33:08 +08:00
ZHANGWENTAI
161b01a9ac fix the lint problem
Signed-off-by: ZHANGWENTAI <2092913428@qq.com>
2022-03-22 23:10:00 +08:00
ZHANGWENTAI
6e971a8bc2 update Termination trait docs 2022-03-22 22:37:17 +08:00
bors
b9c4067417 Auto merge of #95158 - sunfishcode:sunfishcode/windows-8, r=joshtriplett
Preserve the Windows `GetLastError` error in `HandleOrInvalid`.

In the `TryFrom<HandleOrInvalid> for OwnedHandle` and
`TryFrom<HandleOrNull> for OwnedHandle` implemenations, `forget` the
owned handle on the error path, to avoid calling `CloseHandle` on an
invalid handle. It's harmless, except that it may overwrite the
thread's `GetLastError` error.

r? `@joshtriplett`
2022-03-22 05:48:49 +00:00
Mara Bos
ac6996345d Move pthread locks to own module. 2022-03-21 15:51:25 +01:00
Dan Gohman
6c407d0592 Add a testcase. 2022-03-20 15:56:25 -07:00
Dan Gohman
95e1702284 Preserve the Windows GetLastError error in HandleOrInvalid.
In the `TryFrom<HandleOrInvalid> for OwnedHandle` and
`TryFrom<HandleOrNull> for OwnedHandle` implemenations, `forget` the
owned handle on the error path, to avoid calling `CloseHandle` on an
invalid handle. It's harmless, except that it may overwrite the
thread's `GetLastError` error.
2022-03-20 15:37:31 -07:00
Matthias Krüger
3c02b5192e
Rollup merge of #95114 - ChrisDenton:symlink-test, r=the8472
Skip a test if symlink creation is not possible

If someone running tests on Windows does not have Developer Mode enabled then creating symlinks will fail which in turn would cause this test to fail. This can be a stumbling block for contributors.
2022-03-20 20:42:43 +01:00
Matthias Krüger
acb7ed141b
Rollup merge of #94749 - RalfJung:remove-dir-all-miri, r=cuviper
remove_dir_all: use fallback implementation on Miri

Fixes https://github.com/rust-lang/miri/issues/1966

The new implementation requires `openat`, `unlinkat`, and `fdopendir`. These cannot easily be shimmed in Miri since libstd does not expose APIs corresponding to them. So for now it is probably easiest to just use the fallback code in Miri. Nobody should run Miri as root anyway...
2022-03-20 09:14:58 +01:00
Jubilee Young
5a25e228eb Stabilize thread::is_finished 2022-03-19 19:53:26 -07:00
Chris Denton
68c03cd386
Skip a test if symlink creation is not possible 2022-03-19 15:09:36 +00:00
Dylan DPC
d1ef570a2f
Rollup merge of #94650 - ChrisDenton:windows-absolute-fix, r=dtolnay
Relax tests for Windows dos device names

Windows 11 no longer turn paths ending with dos device names into device paths.

E.g. `C:\path\to\COM1.txt` used to get turned into `\\.\COM1`. Whereas now this path is left as is.

Note though that if the given path is an exact (case-insensitive) match for the string `COM1` then it'll still be converted to `\\.\COM1`.
2022-03-19 14:50:24 +01:00
Dylan DPC
3545003b29
Rollup merge of #93858 - krallin:process-process_group, r=dtolnay
Add a `process_group` method to UNIX `CommandExt`

- Tracking issue: #93857
- RFC: https://github.com/rust-lang/rfcs/pull/3228

Add a `process_group` method to `std::os::unix::process::CommandExt` that
allows setting the process group id (i.e. calling `setpgid`) in the child, thus
enabling users to set process groups while leveraging the `posix_spawn` fast
path.
2022-03-19 14:50:24 +01:00
Dylan DPC
30b4182fa7
Rollup merge of #94984 - ericseppanen:cstr_from_bytes, r=Mark-Simulacrum
add `CStr` method that accepts any slice containing a nul-terminated string

I haven't created an issue (tracking or otherwise) for this yet; apologies if my approach isn't correct. This is my first code contribution.

This change adds a member fn that converts a slice into a `CStr`; it is intended to be safer than `from_ptr` (which is unsafe and may read out of bounds), and more useful than `from_bytes_with_nul` (which requires that the caller already know where the nul byte is).

The reason I find this useful is for situations like this:
```rust
let mut buffer = [0u8; 32];
unsafe {
    some_c_function(buffer.as_mut_ptr(), buffer.len());
}
let result = CStr::from_bytes_with_nul(&buffer).unwrap();
```

This code above returns an error with `kind = InteriorNul`, because `from_bytes_with_nul` expects that the caller has passed in a slice with the NUL byte at the end of the slice. But if I just got back a nul-terminated string from some FFI function, I probably don't know where the NUL byte is.

I would wish for a `CStr` constructor with the following properties:
- Accept `&[u8]` as input
- Scan for the first NUL byte and return the `CStr` that spans the correct sub-slice (see [future note below](https://github.com/rust-lang/rust/pull/94984#issuecomment-1070754281)).
- Return an error if no NUL byte is found within the input slice

I asked on [Zulip](https://rust-lang.zulipchat.com/#narrow/stream/122651-general/topic/CStr.20from.20.26.5Bu8.5D.20without.20knowing.20the.20NUL.20location.3F) whether this sounded like a good idea, and got a couple of positive-sounding responses from ``@joshtriplett`` and ``@AzureMarker.``

This is my first draft, so feedback is welcome.

A few issues that definitely need feedback:

1. Naming. ``@joshtriplett`` called this `from_bytes_with_internal_nul` on Zulip, but after staring at all of the available methods, I believe that this function is probably what end users want (rather than the existing fn `from_bytes_with_nul`). Giving it a simpler name (**`from_bytes`**) implies that this should be their first choice.
2. Should I add a similar method on `CString` that accepts `Vec<u8>`? I'd assume the answer is probably yes, but I figured I'd try to get early feedback before making this change bigger.
3. What should the error type look like? I made a unit struct since `CStr::from_bytes` can only fail in one obvious way, but if I need to do this for `CString` as well then that one may want to return `FromVecWithNulError`. And maybe that should dictate the shape of the `CStr` error type also?

Also, cc ``@poliorcetics`` who wrote #73139 containing similar fns.
2022-03-19 02:02:02 +01:00
Dylan DPC
463e516b0c
Rollup merge of #93692 - mfrw:mfrw/document-keyword-in, r=dtolnay
keyword_docs: document use of `in` with `pub` keyword

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>

Fixes: #93609
2022-03-19 02:02:02 +01:00
Dylan DPC
fe55eee9a5
Rollup merge of #93263 - sunfishcode:sunfishcode/detatched-console-handle, r=dtolnay
Consistently present absent stdio handles on Windows as NULL handles.

This addresses #90964 by making the std API consistent about presenting
absent stdio handles on Windows as NULL handles. Stdio handles may be
absent due to `#![windows_subsystem = "windows"]`, due to the console
being detached, or due to a child process having been launched from a
parent where stdio handles are absent.

Specifically, this fixes the case of child processes of parents with absent
stdio, which previously ended up with `stdin().as_raw_handle()` returning
`INVALID_HANDLE_VALUE`, which was surprising, and which overlapped with an
unrelated valid handle value. With this patch, `stdin().as_raw_handle()`
now returns null in these situation, which is consistent with what it
does in the parent process.

And, document this in the "Windows Portability Considerations" sections of
the relevant documentation.
2022-03-19 02:02:01 +01:00