Commit Graph

1862 Commits

Author SHA1 Message Date
Deadbeef
5a6273e263 Do not implement Unpin as const 2022-09-16 11:48:42 +08:00
est31
173eb6f407 Only enable the let_else feature on bootstrap
On later stages, the feature is already stable.

Result of running:

rg -l "feature.let_else" compiler/ src/librustdoc/ library/ | xargs sed -s -i "s#\\[feature.let_else#\\[cfg_attr\\(bootstrap, feature\\(let_else\\)#"
2022-09-15 21:06:45 +02:00
raldone01
59fe291cec Cleanup closures. 2022-09-14 20:11:45 +02:00
y86-dev
9a78faba71 Made from_waker, waker, from_raw const 2022-09-14 14:53:16 +02:00
Ben Kimock
54684c438f Alternate approach; just modify Drain 2022-09-10 17:52:34 -04:00
Ben Kimock
25f4cb59d3 Remove &[T] from vec_deque::Drain 2022-09-10 17:52:34 -04:00
Giacomo Stevanato
dad049cb5c Update test 2022-09-10 13:13:54 +02:00
Giacomo Stevanato
f52082f543 Update documentation 2022-09-10 13:13:54 +02:00
Giacomo Stevanato
f81b07e947 Adapt inplace collection leak test to check for no leaks 2022-09-10 11:34:23 +02:00
Giacomo Stevanato
fa61678a7d Fix leaking in inplace collection when destructor panics 2022-09-10 11:34:22 +02:00
bors
289279de11 Auto merge of #93455 - asquared31415:vec-zero-opts, r=thomcc
Implement internal `IsZero` for Wrapping and Saturating for `Vec` optimizations

This implements the `IsZero` trait for the `Wrapping` and `Saturating` types so that users of these types can get the improved performance from the specialization of creating a `Vec` from a single element repeated when it has a zero bit pattern (example `vec![0_i32; 500]`, or after this PR `vec![Wrapping(0_i32); 500]`)

CC #60978
2022-09-04 20:33:50 +00:00
asquared31415
80e035c9e4 implement IsZero for Saturating and Wrapping 2022-09-02 19:55:01 -04:00
Chris Denton
3fee843ebb
Fix internal doc link
The doc link from `DedupSortedIter` to `BTreeMap::bulk_build_from_sorted_iter` was broken when building internal documentation,
2022-09-02 13:32:16 +01:00
bors
b32223fec1 Auto merge of #100707 - dzvon:fix-typo, r=davidtwco
Fix a bunch of typo

This PR will fix some typos detected by [typos].

I only picked the ones I was sure were spelling errors to fix, mostly in
the comments.

[typos]: https://github.com/crate-ci/typos
2022-09-01 05:39:58 +00:00
Ralf Jung
fe29ac9a44 fix into_iter on ZST 2022-08-31 14:21:35 +02:00
Dezhi Wu
b1430fb7ca Fix a bunch of typo
This PR will fix some typos detected by [typos].

I only picked the ones I was sure were spelling errors to fix, mostly in
the comments.

[typos]: https://github.com/crate-ci/typos
2022-08-31 18:24:55 +08:00
Dylan DPC
c731157395
Rollup merge of #95376 - WaffleLapkin:drain_keep_rest, r=dtolnay
Add `vec::Drain{,Filter}::keep_rest`

This PR adds `keep_rest` methods to `vec::Drain` and `vec::DrainFilter` under `drain_keep_rest` feature gate:
```rust
// mod alloc::vec

impl<T, A: Allocator> Drain<'_, T, A> {
    pub fn keep_rest(self);
}

impl<T, F, A: Allocator> DrainFilter<'_, T, F, A>
where
    F: FnMut(&mut T) -> bool,
{
    pub fn keep_rest(self);
}
```

Both these methods cancel draining of elements that were not yet yielded from the iterators. While this needs more testing & documentation, I want at least start the discussion. This may be a potential way out of the "should `DrainFilter` exhaust itself on drop?" argument.
2022-08-30 11:26:47 +05:30
Dylan DPC
395ce34a95
Rollup merge of #100819 - WaffleLapkin:use_ptr_byte_methods, r=scottmcm
Make use of `[wrapping_]byte_{add,sub}`

These new methods trivially replace old `.cast().wrapping_offset().cast()` & similar code.
Note that [`arith_offset`](https://doc.rust-lang.org/std/intrinsics/fn.arith_offset.html) and `wrapping_offset` are the same thing.

r? ``@scottmcm``

_split off from #100746_
2022-08-29 16:49:43 +05:30
Maybe Waffle
7a433e4d00 fill-in tracking issue for feature(drain_keep_rest) 2022-08-28 17:02:37 +04:00
Maybe Waffle
8c4e0d42b2 add examples to vec::Drain{,Filter}::keep_rest docs 2022-08-28 16:58:06 +04:00
Matthias Krüger
65820098b9
Rollup merge of #99570 - XrXr:box-from-slice-docs, r=thomcc
Box::from(slice): Clarify that contents are copied

A colleague mentioned that they interpreted the old text
as saying that only the pointer and the length are copied.
Add a clause so it is more clear that the pointed to contents
are also copied.
2022-08-28 09:35:13 +02:00
Miguel Ojeda
614c2e404a alloc: add unstable cfg features no_rc and no_sync
In Rust for Linux we are using these to make `alloc` a bit
more modular.

A `run-make-fulldeps` test is added for each of them, so that
enabling each of them independently is kept in a compilable state.

Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2022-08-26 16:44:32 +02:00
Guillaume Gomez
e3148dc7c4
Rollup merge of #95005 - ssomers:btree_static_assert, r=thomcc
BTree: evaluate static type-related check at compile time

`assert`s like the ones replaced here would only go off when you run the right test cases, if the code were ever incorrectly changed such that rhey would trigger. But [inspired on a nice forum question](https://users.rust-lang.org/t/compile-time-const-generic-parameter-check/69202), they can be checked at compile time.
2022-08-26 14:08:43 +02:00
Matthias Krüger
e802df9e8b
Rollup merge of #100855 - IsaacCloos:master, r=joshtriplett
Extra documentation for new formatting feature

Documentation of this feature was added in #90473 and released in Rust 1.58. However, high traffic macros did not receive new examples. Namely `println!()` and `format!()`.

The doc comments included in Rust are super important to the community- especially newcomers. I have met several other newbies like myself who are unaware of this recent (well about 7 months old now) update to the language allowing for convenient intra-string identifiers.

Bringing small examples of this feature to the doc comments of `println!()` and `format!()` would be helpful to everyone learning the language.

[Blog Post Announcing Feature](https://blog.rust-lang.org/2022/01/13/Rust-1.58.0.html)
[Feature PR](https://github.com/rust-lang/rust/pull/90473) - includes several instances of documentation of the feature- minus the macros in question for this PR

*This is my first time contributing to a project this large. Feedback would mean the world to me 😄*

---

*Recreated; I violated the [No-Merge Policy](https://rustc-dev-guide.rust-lang.org/git.html#no-merge-policy)*
2022-08-24 18:20:10 +02:00
bors
060e47f74a Auto merge of #99917 - yaahc:error-in-core-move, r=thomcc
Move Error trait into core

This PR moves the error trait from the standard library into a new unstable `error` module within the core library. The goal of this PR is to help unify error reporting across the std and no_std ecosystems, as well as open the door to integrating the error trait into the panic reporting system when reporting panics whose source is an errors (such as via `expect`).

This PR is a rewrite of https://github.com/rust-lang/rust/pull/90328 using new compiler features that have been added to support error in core.
2022-08-23 19:48:55 +00:00
Maybe Waffle
53565b23ac Make use of [wrapping_]byte_{add,sub}
...replacing `.cast().wrapping_offset().cast()` & similar code.
2022-08-23 19:32:37 +04:00
Jane Losare-Lusby
bf7611d55e Move error trait into core 2022-08-22 13:28:25 -07:00
Dylan DPC
4ed8fa4759
Rollup merge of #100872 - JanBeh:PR_vec_default_alloc_doc, r=fee1-dead
Add guarantee that Vec::default() does not alloc

Currently `Vec::new()` is guaranteed to not allocate until elements are pushed onto the `Vec`, but such a guarantee is missing for `Vec`'s implementation of `Default::default`.

This adds such a guarantee for `Vec::default()` to the API reference.

See also [this discussion on URLO](https://users.rust-lang.org/t/guarantee-that-vec-default-does-not-allocate/79903).
2022-08-22 20:34:16 +05:30
Dylan DPC
58d23737a6
Rollup merge of #100820 - WaffleLapkin:use_ptr_is_aligned_methods, r=scottmcm
Use pointer `is_aligned*` methods

This PR replaces some manual alignment checks with calls to `pointer::{is_aligned, is_aligned_to}` and removes a useless pointer cast.

r? `@scottmcm`

_split off from #100746_
2022-08-22 20:34:15 +05:30
Dylan DPC
382ba73062
Rollup merge of #100331 - lo48576:try-reserve-preserve-on-failure, r=thomcc
Guarantee `try_reserve` preserves the contents on error

Update doc comments to make the guarantee explicit. However, some
implementations does not have the statement though.

* `HashMap`, `HashSet`: require guarantees on hashbrown side.
* `PathBuf`: simply redirecting to `OsString`.

Fixes #99606.
2022-08-22 20:34:12 +05:30
Jan Behrens
0227b71865 Add guarantee that Vec::default() does not alloc
Currently `Vec::new()` is guaranteed to not allocate until elements are
pushed onto the `Vec`, but such a guarantee is missing for `Vec`'s
implementation of `Default::default`. This adds such a guarantee for
`Vec::default()` to the API reference.
2022-08-22 12:36:44 +02:00
Dylan DPC
33b5ce6433
Rollup merge of #99386 - AngelicosPhosphoros:add_retain_test_maybeuninit, r=JohnTitor
Add tests that check `Vec::retain` predicate execution order.

This behaviour is documented for `Vec::retain` which means that there is code that rely on that but there weren't tests about that.
2022-08-22 11:45:41 +05:30
Dylan DPC
a4950ef7eb
Rollup merge of #93162 - camsteffen:std-prim-docs, r=Mark-Simulacrum
Std module docs improvements

My primary goal is to create a cleaner separation between primitive types and primitive type helper modules (fixes #92777). I also changed a few header lines in other top-level std modules (seen at https://doc.rust-lang.org/std/) for consistency.

Some conventions used/established:

 * "The \`Box\<T>` type for heap allocation." - if a module mainly provides a single type, name it and summarize its purpose in the module header
 * "Utilities for the _ primitive type." - this wording is used for the header of helper modules
 * Documentation for primitive types themselves are removed from helper modules
 * provided-by-core functionality of primitive types is documented in the primitive type instead of the helper module (such as the "Iteration" section in the slice docs)

I wonder if some content in `std::ptr` should be in `pointer` but I did not address this.
2022-08-22 11:45:40 +05:30
Isaac Cloos
acca4b8f86 Extra documentation for new formatting feature
High traffic macros should detail this helpful addition.
2022-08-21 15:28:27 -04:00
Matthias Krüger
a45f69f27d
Rollup merge of #100822 - WaffleLapkin:no_offset_question_mark, r=scottmcm
Replace most uses of `pointer::offset` with `add` and `sub`

As PR title says, it replaces `pointer::offset` in compiler and standard library with `pointer::add` and `pointer::sub`. This generally makes code cleaner, easier to grasp and removes (or, well, hides) integer casts.

This is generally trivially correct, `.offset(-constant)` is just `.sub(constant)`, `.offset(usized as isize)` is just `.add(usized)`, etc. However in some cases we need to be careful with signs of things.

r? ````@scottmcm````

_split off from #100746_
2022-08-21 16:54:07 +02:00
Matthias Krüger
fd403f5d17
Rollup merge of #100821 - WaffleLapkin:ptr_add_docs, r=scottmcm
Make some docs nicer wrt pointer offsets

This PR replaces `pointer::offset` with `pointer::add` and similarly `.cast().wrapping_add().cast()` with `.wrapping_byte_add()` **in docs**.

r? ``````@scottmcm``````

_split off from #100746_
2022-08-21 16:54:06 +02:00
Maybe Waffle
efef211876 Make use of pointer::is_aligned[_to] 2022-08-21 15:46:03 +04:00
Maybe Waffle
3ba393465f Make some docs nicer wrt pointer offsets 2022-08-21 02:22:20 +04:00
Maybe Waffle
e4720e1cf2 Replace most uses of pointer::offset with add and sub 2022-08-21 02:21:41 +04:00
Cameron Steffen
17ddcb434b Improve primitive/std docs separation and headers 2022-08-20 16:50:29 -05:00
Maybe Waffle
ed084ba292 Remove useless pointer cast 2022-08-21 01:32:40 +04:00
bors
878aef79dc Auto merge of #100810 - matthiaskrgr:rollup-xep778s, r=matthiaskrgr
Rollup of 9 pull requests

Successful merges:

 - #97963 (net listen backlog set to negative on Linux.)
 - #99935 (Reenable disabled early syntax gates as future-incompatibility lints)
 - #100129 (add miri-test-libstd support to libstd)
 - #100500 (Ban references to `Self` in trait object substs for projection predicates too.)
 - #100636 (Revert "Revert "Allow dynamic linking for iOS/tvOS targets."")
 - #100718 ([rustdoc] Fix item info display)
 - #100769 (Suggest adding a reference to a trait assoc item)
 - #100777 (elaborate how revisions work with FileCheck stuff in src/test/codegen)
 - #100796 (Refactor: remove unnecessary string searchings)

Failed merges:

r? `@ghost`
`@rustbot` modify labels: rollup
2022-08-20 20:08:26 +00:00
Matthias Krüger
d49906519b
Rollup merge of #99544 - dylni:expose-utf8lossy, r=Mark-Simulacrum
Expose `Utf8Lossy` as `Utf8Chunks`

This PR changes the feature for `Utf8Lossy` from `str_internals` to `utf8_lossy` and improves the API. This is done to eventually expose the API as stable.

Proposal: rust-lang/libs-team#54
Tracking Issue: #99543
2022-08-20 19:32:07 +02:00
dylni
e8ee0b7b2b Expose Utf8Lossy as Utf8Chunks 2022-08-20 12:49:20 -04:00
Ralf Jung
fbcdf2a383 clarify lib.rs attribute structure 2022-08-18 18:07:39 -04:00
Ralf Jung
27b0444333 add some Miri-only tests 2022-08-18 18:07:39 -04:00
Ralf Jung
ac66baad1a add miri-test-libstd support to libstd 2022-08-18 18:07:39 -04:00
The 8472
bb74f97445 address review comments, add tracking issue 2022-08-13 12:58:17 +02:00
The8472
46396e847d add Vec::push_within_capacity - fallible, does not allocate 2022-08-13 10:57:22 +02:00
Mark Rousskov
154a09dd91 Adjust cfgs 2022-08-12 16:28:15 -04:00
YOSHIOKA Takuma
2bb7e1e6ed
Guarantee try_reserve preserves the contents on error
Update doc comments to make the guarantee explicit. However, some
implementations does not have the statement though.

* `HashMap`, `HashSet`: require guarantees on hashbrown side.
* `PathBuf`: simply redirecting to `OsString`.

Fixes #99606.
2022-08-10 01:51:38 +09:00
bors
b573e10d21 Auto merge of #98553 - the8472:next_chunk_opt, r=Mark-Simulacrum
Optimized vec::IntoIter::next_chunk impl

```
x86_64v1, default
test vec::bench_next_chunk                               ... bench:         696 ns/iter (+/- 22)
x86_64v1, pr
test vec::bench_next_chunk                               ... bench:         309 ns/iter (+/- 4)

znver2, default
test vec::bench_next_chunk                               ... bench:      17,272 ns/iter (+/- 117)
znver2, pr
test vec::bench_next_chunk                               ... bench:         211 ns/iter (+/- 3)
```

On znver2 the default impl seems to be slow due to different inlining decisions. It goes through `core::array::iter_next_chunk`
which has a deep call tree.
2022-07-27 01:12:30 +00:00
The 8472
4ba7cac359 add test for vec::IntoIter::next_chunk() impl
an adaption of the default impl's doctest
2022-07-26 21:43:25 +02:00
bors
4d6d601c8a Auto merge of #99574 - durin42:allocator-patch-redux, r=nikic
codegen: use new {re,de,}allocator annotations in llvm

This obviates the patch that teaches LLVM internals about
_rust_{re,de}alloc functions by putting annotations directly in the IR
for the optimizer.

The sole test change is required to anchor FileCheck to the body of the
`box_uninitialized` method, so it doesn't see the `allocalign` on
`__rust_alloc` and get mad about the string `alloca` showing up. Since I
was there anyway, I added some checks on the attributes to prove the
right attributes got set.

r? `@nikic`
2022-07-26 19:35:57 +00:00
The 8472
2f9f2e507e Optimized vec::IntoIter::next_chunk impl
```
test vec::bench_next_chunk                               ... bench:         696 ns/iter (+/- 22)
x86_64v1, pr
test vec::bench_next_chunk                               ... bench:         309 ns/iter (+/- 4)

znver2, default
test vec::bench_next_chunk                               ... bench:      17,272 ns/iter (+/- 117)
znver2, pr
test vec::bench_next_chunk                               ... bench:         211 ns/iter (+/- 3)
```

The znver2 default impl seems to be slow due to inlining decisions. It goes through `core::array::iter_next_chunk`
which has a deeper call tree.
2022-07-26 20:31:43 +02:00
Augie Fackler
130a1df71e codegen: use new {re,de,}allocator annotations in llvm
This obviates the patch that teaches LLVM internals about
_rust_{re,de}alloc functions by putting annotations directly in the IR
for the optimizer.

The sole test change is required to anchor FileCheck to the body of the
`box_uninitialized` method, so it doesn't see the `allocalign` on
`__rust_alloc` and get mad about the string `alloca` showing up. Since I
was there anyway, I added some checks on the attributes to prove the
right attributes got set.

While we're here, we also emit allocator attributes on
__rust_alloc_zeroed. This should allow LLVM to perform more
optimizations for zeroed blocks, and probably fixes #90032. [This
comment](https://github.com/rust-lang/rust/issues/24194#issuecomment-308791157)
mentions "weird UB-like behaviour with bitvec iterators in
rustc_data_structures" so we may need to back this change out if things
go wrong.

The new test cases require LLVM 15, so we copy them into LLVM
14-supporting versions, which we can delete when we drop LLVM 14.
2022-07-26 09:43:28 -04:00
Yuki Okushi
b8aab9781a
Rollup merge of #98710 - mojave2:string, r=JohnTitor
correct the output of a `capacity` method example

The output of this example in std::alloc is different from which shown in the comment. I have tested it on both Linux and Windows.
2022-07-26 07:14:45 +09:00
AngelicosPhosphoros
86d445eda8 Support vec zero-alloc optimization for tuples and byte arrays
* Implement IsZero trait for tuples up to 8 IsZero elements;
* Implement IsZero for u8/i8, leading to implementation of it for arrays of them too;
* Add more codegen tests for this optimization.
* Lower size of array for IsZero trait because it fails to inline checks
2022-07-24 15:56:39 -04:00
Frank Steffahn
c03d10c326 Remove redundant lifetime bound from impl Borrow for Cow
The lifetime bound `B::Owned: 'a` is redundant and doesn't make a difference,
because `Cow<'a, B>` comes with an implicit `B: 'a`, and associated types
will outlive lifetimes outlived by the `Self` type (and all the trait's
generic parameters, of which there are none in this case), so the implicit `B: 'a`
implies `B::Owned: 'a` anyway.

The explicit lifetime bound here does however end up in documentation,
and that's confusing in my opinion, so let's remove it ^^
2022-07-22 01:35:39 +02:00
Alan Wu
321419ec42
Box::from(slice): Clarify that contents are copied
A colleague mentioned that they interpreted the old text
as saying that only the pointer and the length are copied.
Add a clause so it is more clear that the pointed to contents
are also copied.
2022-07-21 13:15:29 -04:00
Matthias Krüger
43783b80ee
Rollup merge of #99413 - steffahn:btree_dropck, r=m-ou-se
Add `PhantomData` marker for dropck to `BTreeMap`

closes #99408
2022-07-21 18:42:02 +02:00
Dylan DPC
e423a6f5f0
Rollup merge of #99198 - RalfJung:alloc-null-ptr, r=JohnTitor
add missing null ptr check in alloc example

`alloc` can return null on OOM, if I understood correctly. So we should never just deref a pointer we get from `alloc`.
2022-07-18 21:14:45 +05:30
Frank Steffahn
110fdb642a Add PhantomData marker for dropck to BTreeMap
closes #99408
2022-07-18 13:03:54 +02:00
AngelicosPhosphoros
85a9c74158 Add tests that check Vec::retain predicate execution order. 2022-07-17 23:34:42 +03:00
Matthias Krüger
ddc32d1633
Rollup merge of #99317 - yanchith:borrow-vec-ta-as-slice-t, r=Mark-Simulacrum
Borrow Vec<T, A> as [T]

Hello all,

When `Vec` was parametrized with `A`, the `Borrow` impls were omitted and currently `Vec<T, A>` can't be borrowed as `[T]`. This PR fixes that.

This was probably missed, because the `Borrow` impls are in a different file - `src/alloc/slice.rs`.

We briefly discussed this here: https://github.com/rust-lang/wg-allocators/issues/96 and I was told to go ahead and make a PR :)

I tested this by building the toolchain and building my code that needed the `Borrow` impl against it, but let me know if I should add any tests to this PR.
2022-07-16 22:30:54 +02:00
yanchith
aeb949753e Borrow Vec<T, A> as [T] 2022-07-16 11:58:26 +02:00
Yuki Okushi
083a253e53
Rollup merge of #99277 - joshtriplett:stabilize-core-cstr-alloc-cstring, r=Mark-Simulacrum
Stabilize `core::ffi::CStr`, `alloc::ffi::CString`, and friends

Stabilize the `core_c_str` and `alloc_c_string` feature gates.

Change `std::ffi` to re-export these types rather than creating type
aliases, since they now have matching stability.
2022-07-16 17:53:04 +09:00
Yuki Okushi
96474a718b
Rollup merge of #99270 - rhysd:issue-99269, r=Mark-Simulacrum
Add `#[must_use]` to `Box::from_raw`

Fixes #99269
2022-07-16 17:53:03 +09:00
Josh Triplett
d6b7480c2a Stabilize core::ffi::CStr, alloc::ffi::CString, and friends
Stabilize the `core_c_str` and `alloc_c_string` feature gates.

Change `std::ffi` to re-export these types rather than creating type
aliases, since they now have matching stability.
2022-07-15 03:10:35 -07:00
rhysd
fa3156ec42 add #[must_use] to Box::from_raw 2022-07-15 17:05:50 +09:00
Dylan DPC
99f3132cd7
Rollup merge of #99113 - WaffleLapkin:arc_simplify, r=Mark-Simulacrum
Simplify [a]rc code a little

Nothing interesting, just make [a]rc code a little nicer by using `byte_sub` and `let`-`else`.
2022-07-15 10:39:41 +05:30
Ralf Jung
080a53a953 add missing null ptr check in alloc example 2022-07-14 11:37:22 -04:00
Duarte Nunes
a85ee3ed91 add code examples 2022-07-14 11:47:06 -03:00
Dylan DPC
103b8602b7
Rollup merge of #98315 - joshtriplett:stabilize-core-ffi-c, r=Mark-Simulacrum
Stabilize `core::ffi:c_*` and rexport in `std::ffi`

This only stabilizes the base types, not the non-zero variants, since
those have their own separate tracking issue and have not gone through
FCP to stabilize.
2022-07-14 14:14:20 +05:30
Josh Triplett
d431338b25 Stabilize core::ffi:c_* and rexport in std::ffi
This only stabilizes the base types, not the non-zero variants, since
those have their own separate tracking issue and have not gone through
FCP to stabilize.
2022-07-13 19:28:20 -07:00
Duarte Nunes
8d35ab3806 rustdoc 2022-07-13 22:04:15 -03:00
Duarte Nunes
050115c0d4 typo 2022-07-13 21:49:31 -03:00
Duarte Nunes
c9ec7aa0d7 changes to wording 2022-07-13 21:48:18 -03:00
Duarte Nunes
9cd66be235 docs: be less harsh in wording for Vec::from_raw_parts
In particular, be clear that it is sound to specify memory not
originating from a previous `Vec` allocation. That is already suggested
in other parts of the documentation about zero-alloc conversions to Box<[T]>.

Incorporate a constraint from `slice::from_raw_parts` that was missing
but needs to be fulfilled, since a `Vec` can be converted into a slice.
2022-07-13 14:29:35 -03:00
Maybe Waffle
69f8eb17c6 Use byte_sub in [a]rc impl 2022-07-10 15:16:51 +04:00
bors
4ec97d991b Auto merge of #95295 - CAD97:layout-isize, r=scottmcm
Enforce that layout size fits in isize in Layout

As it turns out, enforcing this _in APIs that already enforce `usize` overflow_ is fairly trivial. `Layout::from_size_align_unchecked` continues to "allow" sizes which (when rounded up) would overflow `isize`, but these are now declared as library UB for `Layout`, meaning that consumers of `Layout` no longer have to check this before making an allocation.

(Note that this is "immediate library UB;" IOW it is valid for a future release to make this immediate "language UB," and there is an extant patch to do so, to allow Miri to catch this misuse.)

See also #95252, [Zulip discussion](https://rust-lang.zulipchat.com/#narrow/stream/219381-t-libs/topic/Layout.20Isn't.20Enforcing.20The.20isize.3A.3AMAX.20Rule).
Fixes https://github.com/rust-lang/rust/issues/95334

Some relevant quotes:

`@eddyb,` https://github.com/rust-lang/rust/pull/95252#issuecomment-1078513769

> [B]ecause of the non-trivial presence of both of these among code published on e.g. crates.io:
>
>   1. **`Layout` "producers" / `GlobalAlloc` "users"**: smart pointers (including `alloc::rc` copies with small tweaks), collections, etc.
>   2. **`Layout` "consumers" / `GlobalAlloc` "providers"**: perhaps fewer of these, but anything built on top of OS APIs like `mmap` will expose `> isize::MAX` allocations (on 32-bit hosts) if they lack extra checks
>
> IMO the only responsible option is to enforce the `isize::MAX` limit in `Layout`, which:
>
>   * makes `Layout` _sound_ in terms of only ever allowing allocations where `(alloc_base_ptr: *mut u8).offset(size)` is never UB
>   * frees both "producers" and "consumers" of `Layout` from manually reimplementing the checks
>     * manual checks can be risky, e.g. if the final size passed to the allocator isn't the one being checked
>     * this applies retroactively, fixing the overall soundness of existing code with zero transition period or _any_ changes required from users (as long as going through `Layout` is mandatory, making a "choke point")
>
>
> Feel free to quote this comment onto any relevant issue, I might not be able to keep track of developments.

`@Gankra,` https://github.com/rust-lang/rust/pull/95252#issuecomment-1078556371

> As someone who spent way too much time optimizing libcollections checks for this stuff and tried to splatter docs about it everywhere on the belief that it was a reasonable thing for people to manually take care of: I concede the point, it is not reasonable. I am wholy spiritually defeated by the fact that _liballoc_ of all places is getting this stuff wrong. This isn't throwing shade at the folks who implemented these Rc features, but rather a statement of how impractical it is to expect anyone out in the wider ecosystem to enforce them if _some of the most audited rust code in the library that defines the very notion of allocating memory_ can't even reliably do it.
>
> We need the nuclear option of Layout enforcing this rule. Code that breaks this rule is _deeply_ broken and any "regressions" from changing Layout's contract is a _correctness_ fix. Anyone who disagrees and is sufficiently motivated can go around our backs but the standard library should 100% refuse to enable them.

cc also `@RalfJung` `@rust-lang/wg-allocators.` Even though this technically supersedes #95252, those potential failure points should almost certainly still get nicer panics than just "unwrap failed" (which they would get by this PR).

It might additionally be worth recommending to users of the `Layout` API that they should ideally use `.and_then`/`?` to complete the entire layout calculation, and then `panic!` from a single location at the end of `Layout` manipulation, to reduce the overhead of the checks and optimizations preserving the exact location of each `panic` which are conceptually just one failure: allocation too big.

Probably deserves a T-lang and/or T-libs-api FCP (this technically solidifies the [objects must be no larger than `isize::MAX`](https://rust-lang.github.io/unsafe-code-guidelines/layout/scalars.html#isize-and-usize) rule further, and the UCG document says this hasn't been RFCd) and a crater run. Ideally, no code exists that will start failing with this addition; if it does, it was _likely_ (but not certainly) causing UB.

Changes the raw_vec allocation path, thus deserves a perf run as well.

I suggest hiding whitespace-only changes in the diff view.
2022-07-10 08:54:32 +00:00
est31
bdf1d22515 Intra-doc-link-ify reference to Clone::clone_from 2022-07-08 22:47:07 +02:00
bors
f99f9e48ed Auto merge of #98755 - nnethercote:faster-vec-insert, r=cuviper
Optimize `Vec::insert` for the case where `index == len`.

By skipping the call to `copy` with a zero length. This makes it closer
to `push`.

I did this recently for `SmallVec`
(https://github.com/servo/rust-smallvec/pull/282) and it was a big perf win in
one case. Although I don't have a specific use case in mind, it seems
worth doing it for `Vec` as well.

Things to note:
- In the `index < len` case, the number of conditions checked is
  unchanged.
- In the `index == len` case, the number of conditions checked increases
  by one, but the more expensive zero-length copy is avoided.
- In the `index > len` case the code now reserves space for the extra
  element before panicking. This seems like an unimportant change.

r? `@cuviper`
2022-07-03 09:36:37 +00:00
bors
ada8c80bed Auto merge of #98673 - pietroalbini:pa-bootstrap-update, r=Mark-Simulacrum
Bump bootstrap compiler

r? `@Mark-Simulacrum`
2022-07-03 06:55:50 +00:00
Dylan DPC
9dd3288557
Rollup merge of #98585 - cuviper:covariant-thinbox, r=thomcc
Make `ThinBox<T>` covariant in `T`

Just like `Box<T>`, we want `ThinBox<T>` to be covariant in `T`, but the
projection in `WithHeader<<T as Pointee>::Metadata>` was making it
invariant. This is now hidden as `WithOpaqueHeader`, which we type-cast
whenever the real `WithHeader<H>` type is needed.

Fixes the problem noted in <https://github.com/rust-lang/rust/issues/92791#issuecomment-1104636249>.
2022-07-01 20:19:17 +05:30
Pietro Albini
6b2d3d5f3c
update cfg(bootstrap)s 2022-07-01 15:48:23 +02:00
Nicholas Nethercote
679c5ee244 Optimize Vec::insert for the case where index == len.
By skipping the call to `copy` with a zero length. This makes it closer
to `push`.

I did this recently for `SmallVec`
(https://github.com/servo/rust-smallvec/pull/282) and it was a big perf win in
one case. Although I don't have a specific use case in mind, it seems
worth doing it for `Vec` as well.

Things to note:
- In the `index < len` case, the number of conditions checked is
  unchanged.
- In the `index == len` case, the number of conditions checked increases
  by one, but the more expensive zero-length copy is avoided.
- In the `index > len` case the code now reserves space for the extra
  element before panicking. This seems like an unimportant change.
2022-07-01 06:46:30 +10:00
mojave2
6c3ca7e418 correct the output of a capacity method example 2022-06-30 21:10:28 +08:00
Miguel Ojeda
83addf2540 alloc: fix no_global_oom_handling warnings
Rust 1.62.0 introduced a couple new `unused_imports` warnings
in `no_global_oom_handling` builds, making a total of 5 warnings:

```txt
warning: unused import: `Unsize`
 --> library/alloc/src/boxed/thin.rs:6:33
  |
6 | use core::marker::{PhantomData, Unsize};
  |                                 ^^^^^^
  |
  = note: `#[warn(unused_imports)]` on by default

warning: unused import: `from_fn`
  --> library/alloc/src/string.rs:51:18
   |
51 | use core::iter::{from_fn, FusedIterator};
   |                  ^^^^^^^

warning: unused import: `core::ops::Deref`
  --> library/alloc/src/vec/into_iter.rs:12:5
   |
12 | use core::ops::Deref;
   |     ^^^^^^^^^^^^^^^^

warning: associated function `shrink` is never used
   --> library/alloc/src/raw_vec.rs:424:8
    |
424 |     fn shrink(&mut self, cap: usize) -> Result<(), TryReserveError> {
    |        ^^^^^^
    |
    = note: `#[warn(dead_code)]` on by default

warning: associated function `forget_remaining_elements` is never used
   --> library/alloc/src/vec/into_iter.rs:126:19
    |
126 |     pub(crate) fn forget_remaining_elements(&mut self) {
    |                   ^^^^^^^^^^^^^^^^^^^^^^^^^
```

This patch cleans them so that projects compiling `alloc` without
infallible allocations do not see the warnings. It also enables
the use of `-Dwarnings`.

The couple `dead_code` ones may be reverted when some fallible
allocation support starts using them.

Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2022-06-29 04:44:23 +02:00
Dylan DPC
e5b82de04c
Rollup merge of #98595 - cuviper:send-sync-thinbox, r=m-ou-se
Implement `Send` and `Sync` for `ThinBox<T>`

Just like `Box<T>`, `ThinBox<T>` owns its data on the heap, so it should
implement `Send` and `Sync` when `T` does.

This extends tracking issue #92791.
2022-06-28 15:30:07 +05:30
Josh Stone
6400736142 Implement Send and Sync for ThinBox<T>
Just like `Box<T>`, `ThinBox<T>` owns its data on the heap, so it should
implement `Send` and `Sync` when `T` does.
2022-06-27 15:49:59 -07:00
Josh Stone
e67e165585 Make ThinBox<T> covariant in T
Just like `Box<T>`, we want `ThinBox<T>` to be covariant in `T`, but the
projection in `WithHeader<<T as Pointee>::Metadata>` was making it
invariant. This is now hidden as `WithOpaqueHeader`, which we type-cast
whenever the real `WithHeader<H>` type is needed.
2022-06-27 10:05:55 -07:00
Ralf Jung
9b497abb9a liballoc tests: avoid int2ptr cast 2022-06-27 10:50:56 -04:00
Yuki Okushi
6580d7e784
Rollup merge of #98039 - tnballo:master, r=thomcc
Fix `panic` message for `BTreeSet`'s `range` API and document `panic` cases

Currently, the `panic` cases for [`BTreeSet`'s `range` API](https://doc.rust-lang.org/std/collections/struct.BTreeSet.html#method.range) are undocumented and produce a slightly wrong `panic` message (says `BTreeMap` instead of `BTreeSet`).

Panic case 1 code:

```rust
use std::collections::BTreeSet;
use std::ops::Bound::Excluded;

fn main() {
    let mut set = BTreeSet::new();
    set.insert(3);
    set.insert(5);
    set.insert(8);

    for &elem in set.range((Excluded(&3), Excluded(&3))) {
        println!("{elem}");
    }
}
```

Panic case 1 message:

```
thread 'main' panicked at 'range start and end are equal and excluded in BTreeMap', /rustc/fe5b13d681f25ee6474be29d748c65adcd91f69e/library/alloc/src/collections/btree/search.rs:105:17
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
```

Panic case 2 code:

```rust
use std::collections::BTreeSet;
use std::ops::Bound::Included;

fn main() {
    let mut set = BTreeSet::new();
    set.insert(3);
    set.insert(5);
    set.insert(8);

    for &elem in set.range((Included(&8), Included(&3))) {
        println!("{elem}");
    }
}
```

Panic case 2:

```
thread 'main' panicked at 'range start is greater than range end in BTreeMap', /rustc/fe5b13d681f25ee6474be29d748c65adcd91f69e/library/alloc/src/collections/btree/search.rs:110:17
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
```

This PR fixes the output messages to say `BTreeSet`, adds the relevant unit tests, and updates the documentation for the API.
2022-06-24 16:43:44 +09:00
tnballo
774e814b95
Fix BTreeSet's range API panic message, document 2022-06-23 19:12:24 -04:00
Michael Goulet
e749ba2061
Rollup merge of #98364 - RalfJung:arc-clone, r=Mark-Simulacrum
clarify Arc::clone overflow check comment

I had to read this twice to realize that this is explaining that the code is technically unsound, so move that into a dedicated paragraph and make the wording a bit more explicit.
2022-06-23 14:39:13 -07:00
Michael Goulet
262382ff37
Rollup merge of #96173 - jmaargh:jmaargh/with-capacity-doc-fix, r=Dylan-DPC
Fix documentation for  `with_capacity` and `reserve` families of methods

Fixes #95614

Documentation for the following methods
 - `with_capacity`
 - `with_capacity_in`
 - `with_capacity_and_hasher`
 - `reserve`
 - `reserve_exact`
 - `try_reserve`
 - `try_reserve_exact`

was inconsistent and often not entirely correct where they existed on the following types
- `Vec`
- `VecDeque`
- `String`
- `OsString`
- `PathBuf`
- `BinaryHeap`
- `HashSet`
- `HashMap`
- `BufWriter`
- `LineWriter`

since the allocator is allowed to allocate more than the requested capacity in all such cases, and will frequently "allocate" much more in the case of zero-sized types (I also checked `BufReader`, but there the docs appear to be accurate as it appears to actually allocate the exact capacity).

Some effort was made to make the documentation more consistent between types as well.
2022-06-23 14:39:05 -07:00
Ralf Jung
46b2454bad clarify Arc::clone overflow check comment 2022-06-21 21:14:03 -07:00
Ralf Jung
1ca8b69e1c remove use of &Alloc in btree tests 2022-06-21 16:38:12 -07:00
Dylan DPC
7372bf88ee
Rollup merge of #96609 - ibraheemdev:arc-downcast-unchecked, r=m-ou-se
Add `{Arc, Rc}::downcast_unchecked`

Part of #90850.
2022-06-20 14:56:35 +02:00