Commit Graph

64 Commits

Author SHA1 Message Date
Jack Wrenn
5b1a2b8712 TransmuteFrom: Gracefully handle unnormalized types and normalization errors
Fixes #130413
2024-10-01 20:52:17 +00:00
Jubilee Young
325af25c94 TL note: current means target 2024-09-20 10:02:14 -07:00
Matthias Krüger
9ed667f8ed
Rollup merge of #130371 - saethlin:transmutability-enum-ice, r=compiler-errors
Correctly account for niche-optimized tags in rustc_transmute

This is a bit hacky, but it fixes the ICE and makes it possible to run the safe transmute check on every `mem::transmute` check we instantiate. I want to write a lint that needs to do that, but this stands well on its own.

cc `@jswrenn` here's the fix I alluded to yesterday :)

Fixes #123693
2024-09-15 11:55:47 +02:00
Ben Kimock
2ac554b73a Correctly account for niche-optimized tags 2024-09-14 17:52:03 -04:00
Ben Kimock
c547f51de1 Add a test 2024-09-14 17:30:07 -04:00
Noah Lev
e0bd01167e Re-enable ConstArgKind::Path lowering by default
...and remove the `const_arg_path` feature gate as a result. It was only
a stopgap measure to fix the regression that the new lowering introduced
(which should now be fixed by this PR).
2024-09-12 13:56:01 -04:00
Michael Goulet
e866f8a97d Revert 'Stabilize -Znext-solver=coherence' 2024-09-11 17:57:04 -04:00
lcnr
d93e047c9f rebase and update fixed crashes 2024-09-05 07:57:17 +00:00
Jack Wrenn
1ad218f3af safe transmute: Rename BikeshedIntrinsicFrom to TransmuteFrom
As our implementation of MCP411 nears completion and we begin to
solicit testing, it's no longer reasonable to expect testers to
type or remember `BikeshedIntrinsicFrom`. The name degrades the
ease-of-reading of documentation, and the overall experience of
using compiler safe transmute.

Tentatively, we'll instead adopt `TransmuteFrom`.

This name seems to be the one most likely to be stabilized, after
discussion on Zulip [1]. We may want to revisit the ordering of
`Src` and `Dst` before stabilization, at which point we'd likely
consider `TransmuteInto` or `Transmute`.

[1] https://rust-lang.zulipchat.com/#narrow/stream/216762-project-safe-transmute/topic/What.20should.20.60BikeshedIntrinsicFrom.60.20be.20named.3F
2024-08-27 14:05:54 +00:00
Matthias Krüger
c0bedb9e5e
Rollup merge of #129246 - BoxyUwU:feature_gate_const_arg_path, r=cjgillot
Retroactively feature gate `ConstArgKind::Path`

This puts the lowering introduced by #125915 under a feature gate until we fix the regressions introduced by it. Alternative to whole sale reverting the PR since it didn't seem like a very clean revert and I think this is generally a step in the right direction and don't want to get stuck landing and reverting the PR over and over :)

cc #129137 ``@camelid,`` tests taken from there. beta is branching soon so I think it makes sense to not try and rush that fix through since it wont have much time to bake and if it has issues we can't simply revert it on beta.

Fixes #128016
2024-08-24 22:14:12 +02:00
Jack Wrenn
e2328ebd7f safe transmute: gracefully bubble-up layout errors
Changes `.unwrap()`s to `?` to avoid ICEs. Adds ui tests.

Fixes #129327
2024-08-21 18:06:02 +00:00
Boxy
b8eedfa3d2 Retroactively feature gate ConstArgKind::Path 2024-08-19 01:14:22 +01:00
Jack Wrenn
17995d5cc2 safe transmute: forbid reference lifetime extension
Modifies `BikeshedIntrinsicFrom` to forbid lifetime extensions on
references. This static check can be opted out of with the
`Assume::lifetimes` flag.

Fixes #129097
2024-08-18 18:31:06 +00:00
Esteban Küber
921de9d8ea Revert suggestion verbosity change 2024-07-22 22:51:53 +00:00
Esteban Küber
b30fdec5fb On generic and lifetime removal suggestion, do not leave behind stray , 2024-07-22 22:04:49 +00:00
Esteban Küber
5c2b36a21c Change suggestion message wording 2024-07-22 22:04:49 +00:00
Esteban Küber
c807ac0340 Use verbose suggestion for "wrong # of generics" 2024-07-22 22:04:49 +00:00
Noah Lev
37ed7a4438 Add ConstArgKind::Path and make ConstArg its own HIR node
This is a very large commit since a lot needs to be changed in order to
make the tests pass. The salient changes are:

- `ConstArgKind` gets a new `Path` variant, and all const params are now
  represented using it. Non-param paths still use `ConstArgKind::Anon`
  to prevent this change from getting too large, but they will soon use
  the `Path` variant too.

- `ConstArg` gets a distinct `hir_id` field and its own variant in
  `hir::Node`. This affected many parts of the compiler that expected
  the parent of an `AnonConst` to be the containing context (e.g., an
  array repeat expression). They have been changed to check the
  "grandparent" where necessary.

- Some `ast::AnonConst`s now have their `DefId`s created in
  rustc_ast_lowering rather than `DefCollector`. This is because in some
  cases they will end up becoming a `ConstArgKind::Path` instead, which
  has no `DefId`. We have to solve this in a hacky way where we guess
  whether the `AnonConst` could end up as a path const since we can't
  know for sure until after name resolution (`N` could refer to a free
  const or a nullary struct). If it has no chance as being a const
  param, then we create a `DefId` in `DefCollector` -- otherwise we
  decide during ast_lowering. This will have to be updated once all path
  consts use `ConstArgKind::Path`.

- We explicitly use `ConstArgHasType` for array lengths, rather than
  implicitly relying on anon const type feeding -- this is due to the
  addition of `ConstArgKind::Path`.

- Some tests have their outputs changed, but the changes are for the
  most part minor (including removing duplicate or almost-duplicate
  errors). One test now ICEs, but it is for an incomplete, unstable
  feature and is now tracked at #127009.
2024-07-16 19:27:28 -07:00
Matthias Krüger
e7be3562b7
Rollup merge of #126620 - oli-obk:taint_errors, r=fee1-dead
Actually taint InferCtxt when a fulfillment error is emitted

And avoid checking the global error counter

fixes #122044
fixes #123255
fixes #123276
fixes #125799
2024-06-20 07:52:43 +02:00
Oli Scherer
e4c9a8cf9b Const generic parameters aren't bounds, even if we end up erroring because of the bound that binds the parameter's type 2024-06-19 14:58:29 +00:00
Jack Wrenn
df1d6168f4 safe transmute: support non-ZST, variantful, uninhabited enums
Previously, `Tree::from_enum`'s implementation branched into three disjoint
cases:

 1. enums that uninhabited
 2. enums for which all but one variant is uninhabited
 3. enums with multiple inhabited variants

This branching (incorrectly) did not differentiate between variantful and
variantless uninhabited enums. In both cases, we assumed (and asserted) that
uninhabited enums are zero-sized types. This assumption is false for enums like:

    enum Uninhabited { A(!, u128) }

...which, currently, has the same size as `u128`. This faulty assumption
manifested as the ICE reported in #126460.

In this PR, we revise the first case of `Tree::from_enum` to consider only the
narrow category of "enums that are uninhabited ZSTs". These enums, whose layouts
are described with `Variants::Single { index }`, are special in their layouts
otherwise resemble the `!` type and cannot be descended into like typical enums.
This first case captures uninhabited enums like:

    enum Uninhabited { A(!, !), B(!) }

The second case is revised to consider the broader category of "enums that defer
their layout to one of their variants"; i.e., enums whose layouts are described
with `Variants::Single { index }` and that do have a variant at `index`. This
second case captures uninhabited enums that are not ZSTs, like:

    enum Uninhabited { A(!, u128) }

...which represent their variants with `Variants::Single`.

Finally, the third case is revised to cover the broader category of "enums with
multiple variants", which captures uninhabited, non-ZST enums like:

    enum Uninhabited { A(u8, !), B(!, u32) }

...which represent their variants with `Variants::Multiple`.

This PR also adds a comment requested by RalfJung in his review of #126358 to
`compiler/rustc_const_eval/src/interpret/discriminant.rs`.

Fixes #126460
2024-06-14 21:11:08 +00:00
Jubilee
d33ec8ed8c
Rollup merge of #126358 - jswrenn:fix-125811, r=compiler-errors
safe transmute: support `Single` enums

Previously, the implementation of `Tree::from_enum` incorrectly treated enums with `Variants::Single` and `Variants::Multiple` identically. This is incorrect for `Variants::Single` enums, which delegate their layout to that of a variant with a particular index (or no variant at all if the enum is empty).

This flaw manifested first as an ICE. `Tree::from_enum` attempted to compute the tag of variants other than the one at `Variants::Single`'s `index`, and fell afoul of a sanity-checking assertion in `compiler/rustc_const_eval/src/interpret/discriminant.rs`. This assertion is non-load-bearing, and can be removed; the routine its in is well-behaved even without it.

With the assertion removed, the proximate issue becomes apparent: calling `Tree::from_variant` on a variant that does not exist is ill-defined. A sanity check the given variant has `FieldShapes::Arbitrary` fails, and the analysis is (correctly) aborted with `Err::NotYetSupported`.

This commit corrects this chain of failures by ensuring that `Tree::from_variant` is not called on variants that are, as far as layout is concerned, nonexistent. Specifically, the implementation of `Tree::from_enum` is now partitioned into three cases:

  1. enums that are uninhabited
  2. enums for which all but one variant is uninhabited
  3. enums with multiple inhabited variants

`Tree::from_variant` is now only invoked in the third case. In the first case, `Tree::uninhabited()` is produced. In the second case, the layout is delegated to `Variants::Single`'s index.

Fixes #125811
2024-06-12 20:03:22 -07:00
Jack Wrenn
fb662f2126 safe transmute: support Variants::Single enums
Previously, the implementation of `Tree::from_enum` incorrectly
treated enums with `Variants::Single` and `Variants::Multiple`
identically. This is incorrect for `Variants::Single` enums,
which delegate their layout to that of a variant with a particular
index (or no variant at all if the enum is empty).

This flaw manifested first as an ICE. `Tree::from_enum` attempted
to compute the tag of variants other than the one at
`Variants::Single`'s `index`, and fell afoul of a sanity-checking
assertion in `compiler/rustc_const_eval/src/interpret/discriminant.rs`.
This assertion is non-load-bearing, and can be removed; the routine
its in is well-behaved even without it.

With the assertion removed, the proximate issue becomes apparent:
calling `Tree::from_variant` on a variant that does not exist is
ill-defined. A sanity check the given variant has
`FieldShapes::Arbitrary` fails, and the analysis is (correctly)
aborted with `Err::NotYetSupported`.

This commit corrects this chain of failures by ensuring that
`Tree::from_variant` is not called on variants that are, as far as
layout is concerned, nonexistent. Specifically, the implementation
of `Tree::from_enum` is now partitioned into three cases:

  1. enums that are uninhabited
  2. enums for which all but one variant is uninhabited
  3. enums with multiple inhabited variants

`Tree::from_variant` is now only invoked in the third case. In the
first case, `Tree::uninhabited()` is produced. In the second case,
the layout is delegated to `Variants::Single`'s index.

Fixes #125811
2024-06-13 01:38:51 +00:00
Michael Goulet
c453c82de4 Harmonize use of leaf and root obligation in trait error reporting 2024-06-12 20:57:23 -04:00
Oli Scherer
adb2ac0165 Mark all extraneous generic args as errors 2024-06-03 13:21:17 +00:00
Zalathar
14d56e8338 Fix test problems discovered by the revision check
Most of these changes either add revision names that were apparently missing,
or explicitly mark a revision name as currently unused.
2024-05-09 14:47:09 +10:00
Jack Wrenn
3aa14e3b2e Compute transmutability from rustc_target::abi::Layout
In its first step of computing transmutability, `rustc_transmutability`
constructs a byte-level representation of type layout (`Tree`). Previously, this
representation was computed for ADTs by inspecting the ADT definition and
performing our own layout computations. This process was error-prone, verbose,
and limited our ability to analyze many types (particularly default-repr types).

In this PR, we instead construct `Tree`s from `rustc_target::abi::Layout`s. This
helps ensure that layout optimizations are reflected our analyses, and increases
the kinds of types we can now analyze, including:
- default repr ADTs
- transparent unions
- `UnsafeCell`-containing types

Overall, this PR expands the expressvity of `rustc_transmutability` to be much
closer to the transmutability analysis performed by miri. Future PRs will work
to close the remaining gaps (e.g., support for `Box`, raw pointers, `NonZero*`,
coroutines, etc.).
2024-04-08 15:36:52 +00:00
Jack Wrenn
107807d393 Safe Transmute: lowercase diagnostics 2024-03-15 17:55:49 +00:00
Jack Wrenn
dc35339514 Safe Transmute: Use 'not yet supported', not 'unspecified' in errors
We can (and will) support analyzing the transmutability of types
whose layouts aren't completely specified by its repr. This change
ensures that the error messages remain sensible after this support
lands.
2024-03-15 17:42:29 +00:00
Jack Wrenn
216df4a8e6 safe transmute: require that src referent is smaller than dst
The source referent absolutely must be smaller than the destination
referent of a ref-to-ref transmute; the excess bytes referenced
cannot arise from thin air, even if those bytes are uninitialized.
2024-03-13 15:53:48 +00:00
Michael Goulet
f614eaea2c Remove some unnecessary allow(incomplete_features) 2024-03-11 19:42:04 +00:00
Michael Goulet
383051092f Ignore tests w/ current/next revisions from compare-mode=next-solver 2024-03-10 21:18:41 -04:00
Jack Wrenn
23ab1bda92 safe transmute: revise safety analysis
Migrate to a simplified safety analysis that does not use visibility.

Closes https://github.com/rust-lang/project-safe-transmute/issues/15
2024-02-27 16:22:32 +00:00
许杰友 Jieyou Xu (Joe)
ec2cc761bc
[AUTO-GENERATED] Migrate ui tests from // to //@ directives 2024-02-16 20:02:50 +00:00
Oli Scherer
5f6390f947 Continue compilation after check_mod_type_wf errors 2024-02-14 11:00:30 +00:00
Esteban Küber
a9841936fe Deduplicate more sized errors on call exprs
Change the implicit `Sized` `Obligation` `Span` for call expressions to
include the whole expression. This aids the existing deduplication
machinery to reduce the number of errors caused by a single unsized
expression.
2024-01-24 02:53:15 +00:00
George-lewis
d56cdd48cb Bless tests
Update tests
2024-01-13 12:46:58 -05:00
Matthias Krüger
4571ef9152
Rollup merge of #119772 - oli-obk:whackamole, r=compiler-errors
Fix an ICE that occurs after an error has already been reported

fixes #117491

cc `@jswrenn`
2024-01-10 06:28:45 +01:00
Oli Scherer
0978f6e010 Avoid silencing relevant follow-up errors 2024-01-09 21:08:16 +00:00
Oli Scherer
4f0869ea89 Fix an ICE that occurs after an error has already been reported 2024-01-09 16:09:30 +00:00
lcnr
11d16c4082 update use of feature flags 2023-12-14 15:22:37 +01:00
Nilstrieb
41e8d152dc Show number in error message even for one error
Co-authored-by: Adrian <adrian.iosdev@gmail.com>
2023-11-24 19:15:52 +01:00
Bryanskiy
e26614e6a7 Replace old private-in-public diagnostic with type privacy lints 2023-08-02 13:40:28 +03:00
bors
c44324a4fe Auto merge of #113677 - bryangarza:unevaluated-const-ice_issue-110892, r=davidtwco
Safe Transmute: Fix ICE (due to UnevaluatedConst)

This patch updates the code that looks at the `Assume` type when evaluating if transmutation is possible. An ICE was being triggered in the case that the `Assume` parameter contained an unevaluated const (in this test case, due to a function with missing parameter names).

Fixes #110892
2023-07-18 09:07:32 +00:00
Bryan Garza
ef50e204f3 Safe Transmute: Fix ICE (due to UnevaluatedConst)
This patch updates the code that looks at the `Assume` type when evaluating if
transmutation is possible. An ICE was being triggered in the case that the
`Assume` parameter contained an unevaluated const (in this test case, due to a
function with missing parameter names).

Fixes #110892
2023-07-17 09:43:35 -07:00
Bryan Garza
6b214bbc11 Enable co-induction support for Safe Transmute
This patch adds the `#[rustc_coinductive]` annotation to
`BikeshedIntrinsicFrom`, so that it's possible to compute transmutability for
recursive types.
2023-06-29 15:11:35 -07:00
Bryan Garza
f4cf8f65a5 Safe Transmute: Refactor error handling and Answer type
- Create `Answer` type that is not just a type alias of `Result`
- Remove a usage of `map_layouts` to make the code easier to read
- Don't hide errors related to Unknown Layout when computing transmutability
2023-06-12 16:56:21 -07:00
Bryan Garza
64a54df86f Safe Transmute: Disable coinduction support
This patch just removes the `#[rustc_coinductive]` annotation from `BikeshedIntrinsicFrom` and flips the related tests to `check-fail`. Once an FCP for setting the annotation on the trait is approved, it could be enabled again.
2023-06-07 08:21:00 -07:00
Bryan Garza
d2164d5c9a Safe Transmute: Update definition of Condition type
- Change `Condition` to not contain `Answer`s but instead just contain other
  `Condition`s directly.
- Also improve error reporting for `DstHasStricterAlignment`
2023-05-24 17:49:56 -07:00
Bryan Garza
6266358237 Safe Transmute: Check mutability before creating dst -> src obligation
- Only create dst -> src obligation if Dst is mutable
- Add some long comments to explain parts of the transmutability code that were
  unclear to me when reading
- Update/add tests
2023-05-24 15:00:06 -07:00