Commit Graph

7998 Commits

Author SHA1 Message Date
bors
395a09c3da Auto merge of #97553 - nbdd0121:lib, r=Mark-Simulacrum
Add `#[inline]` to `Vec`'s `Deref/DerefMut`

This should help #97552 (although I haven't verified).
2022-06-01 04:52:11 +00:00
bors
02916c4c75 Auto merge of #97435 - Patryk27:bump-compiler-builtins, r=Dylan-DPC
library/std: Bump compiler_builtins

Some neat changes include faster float conversions & fixes for AVR 🙂

(note that's it's my first time upgrading `compiler_builtins`, so I'm not 100% sure if bumping `library/std/Cargo.toml` is enough; certainly seems to be so, though.)
2022-06-01 01:49:04 +00:00
Matthias Krüger
31fccd1a44
Rollup merge of #97596 - WaffleLapkin:fixup_feature_name, r=compiler-errors
Fixup feature name to be more consistent with others

`slice_from_mut_ptr_range_const` -> `const_slice_from_mut_ptr_range`, we usually have `const` in the front.

I've made a typo in  #97419
2022-05-31 23:11:37 +02:00
Matthias Krüger
0d1e5465f3
Rollup merge of #97578 - ojeda:checkpatch, r=JohnTitor
alloc: remove repeated word in comment

Linux's `checkpatch.pl` reports:

```txt
#42544: FILE: rust/alloc/vec/mod.rs:2692:
WARNING: Possible repeated word: 'to'
+            // - Elements are :Copy so it's OK to to copy them, without doing
```

Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2022-05-31 23:11:35 +02:00
Matthias Krüger
4f4a819fa9
Rollup merge of #97316 - CAD97:bound-misbehavior, r=dtolnay
Put a bound on collection misbehavior

As currently written, when a logic error occurs in a collection's trait parameters, this allows *completely arbitrary* misbehavior, so long as it does not cause undefined behavior in std. However, because the extent of misbehavior is not specified, it is allowed for *any* code in std to start misbehaving in arbitrary ways which are not formally UB; consider the theoretical example of a global which gets set on an observed logic error. Because the misbehavior is only bound by not resulting in UB from safe APIs and the crate-level encapsulation boundary of all of std, this makes writing user unsafe code that utilizes std theoretically impossible, as it now relies on undocumented QOI (quality of implementation) that unrelated parts of std cannot be caused to misbehave by a misuse of std::collections APIs.

In practice, this is a nonconcern, because std has reasonable QOI and an implementation that takes advantage of this freedom is essentially a malicious implementation and only compliant by the most langauage-lawyer reading of the documentation.

To close this hole, we just add a small clause to the existing logic error paragraph that ensures that any misbehavior is limited to the collection which observed the logic error, making it more plausible to prove the soundness of user unsafe code.

This is not meant to be formal; a formal refinement would likely need to mention that values derived from the collection can also misbehave after a logic error is observed, as well as define what it means to "observe" a logic error in the first place. This fix errs on the side of informality in order to close the hole without complicating a normal reading which can assume a reasonable nonmalicious QOI.

See also [discussion on IRLO][1].

[1]: https://internals.rust-lang.org/t/using-std-collections-and-unsafe-anything-can-happen/16640

r? rust-lang/libs-api ```@rustbot``` label +T-libs-api -T-libs

This technically adds a new guarantee to the documentation, though I argue as written it's one already implicitly provided.
2022-05-31 23:11:34 +02:00
Maybe Waffle
2aef6c5436 Fixup feature name to be more consistent with others
`slice_from_mut_ptr_range_const` -> `const_slice_from_mut_ptr_range`,
we usually have `const` in the front.
2022-05-31 23:12:28 +04:00
bors
0a43923a86 Auto merge of #97419 - WaffleLapkin:const_from_ptr_range, r=oli-obk
Make `from{,_mut}_ptr_range` const

This PR makes the following APIs `const`:
```rust
// core::slice

pub const unsafe fn from_ptr_range<'a, T>(range: Range<*const T>) -> &'a [T];
pub const unsafe fn from_mut_ptr_range<'a, T>(range: Range<*mut T>) -> &'a mut [T];
```

Tracking issue: #89792.
Feature for `from_ptr_range` as a `const fn`: `slice_from_ptr_range_const`.
Feature for `from_mut_ptr_range` as a `const fn`: `slice_from_mut_ptr_range_const`.

r? `@oli-obk`
2022-05-31 14:55:33 +00:00
bors
16a0d03698 Auto merge of #97521 - SkiFire13:clarify-vec-as-ptr, r=Dylan-DPC
Clarify the guarantees of Vec::as_ptr and Vec::as_mut_ptr when there's no allocation

Currently the documentation says they return a pointer to the vector's buffer, which has the implied precondition that the vector allocated some memory. However `Vec`'s documentation also specifies that it won't always allocate, so it's unclear whether the pointer returned is valid in that case. Of course you won't be able to read/write actual bytes to/from it since the capacity is 0, but there's an exception: zero sized read/writes. They are still valid as long as the pointer is not null and the memory it points to wasn't deallocated, but `Vec::as_ptr` and `Vec::as_mut_ptr` don't specify that's not the case. This PR thus specifies they are actually valid for zero sized reads since `Vec` is implemented to hold a dangling pointer in those cases, which is neither null nor was deallocated.
2022-05-31 12:14:51 +00:00
Miguel Ojeda
5dae6c1b96 alloc: remove repeated word in comment
Linux's `checkpatch.pl` reports:

```txt
#42544: FILE: rust/alloc/vec/mod.rs:2692:
WARNING: Possible repeated word: 'to'
+            // - Elements are :Copy so it's OK to to copy them, without doing
```

Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2022-05-31 12:33:31 +02:00
bors
dcbd5f5134 Auto merge of #97526 - Nilstrieb:unicode-is-printable-fastpath, r=joshtriplett
Add unicode fast path to `is_printable`

Before, it would enter the full expensive check even for normal ascii characters. Now, it skips the check for the ascii characters in `32..127`. This range was checked manually from the current behavior.

I ran the `tracing` test suite in miri, and it was really slow. I looked at a profile, and miri spent most of the time in `core::char::methods::escape_debug_ext`, where half of that was dominated by `core::unicode::printable::is_printable`. So I optimized it here.

The tracing profile:
![The tracing profile](https://user-images.githubusercontent.com/48135649/170883650-23876e7b-3fd1-4e8b-9001-47672e06d914.svg)
2022-05-31 09:34:00 +00:00
Nilstrieb
3358a41acb Add unicode fast path to is_printable
Before, it would enter the full expensive check even for normal ascii
characters. Now, it skips the check for the ascii characters in
`32..127`. This range was checked manually from the current behavior.
2022-05-31 10:51:35 +02:00
bors
d35d972e69 Auto merge of #97574 - Dylan-DPC:rollup-jq850l6, r=Dylan-DPC
Rollup of 6 pull requests

Successful merges:

 - #97089 (Improve settings theme display)
 - #97229 (Document the current aliasing rules for `Box<T>`.)
 - #97371 (Suggest adding a semicolon to a closure without block)
 - #97455 (Stabilize `toowned_clone_into`)
 - #97565 (Add doc alias `memset` to `write_bytes`)
 - #97569 (Remove `memset` alias from `fill_with`.)

Failed merges:

r? `@ghost`
`@rustbot` modify labels: rollup
2022-05-31 06:53:02 +00:00
Dylan DPC
efd2519e10
Rollup merge of #97569 - thomcc:fill_with_isnt_memset, r=Amanieu
Remove `memset` alias from `fill_with`.

In https://rust-lang.zulipchat.com/#narrow/stream/219381-t-libs/topic/Unsafe.20and.20Safe.20versions.20of.20APIs.20both.20getting.20the.20same.20alias/near/284413029 `@Amanieu` pointed out that we had this, which is not really right.

In our guidelines we say that we will "not add an alias for a function that's only somewhat similar or related", which applies here. Memset doesn't take a closure, not even conceptually.
2022-05-31 07:57:37 +02:00
Dylan DPC
5885e6d453
Rollup merge of #97565 - lukas-code:patch-1, r=thomcc
Add doc alias `memset` to `write_bytes`

I were looking for `memset` in rust, but the docs only pointed me to `slice::fill`.

With only the old aliases, one might write code like this, which is incorrect if the memory is uninitialized.
``` Rust
core::slice::from_raw_parts(ptr, len).fill(0)
```
2022-05-31 07:57:36 +02:00
Dylan DPC
bf248c82e8
Rollup merge of #97455 - JohnTitor:stabilize-toowned-clone-into, r=dtolnay
Stabilize `toowned_clone_into`

Closes #41263
FCP has been done: https://github.com/rust-lang/rust/issues/41263#issuecomment-1100760750
2022-05-31 07:57:35 +02:00
Dylan DPC
9c72f16b9f
Rollup merge of #97229 - Nilstrieb:doc-box-noalias, r=dtolnay
Document the current aliasing rules for `Box<T>`.

Currently, `Box<T>` gets `noalias`, meaning it has the same rules as `&mut T`. This is sparsely documented, even though it can have quite a big impact on unsafe code using box. Therefore, these rules are documented here, with a big warning that they are not normative and subject to change, since we have not yet committed to an aliasing model and the state of `Box<T>` is especially uncertain.

If you have any suggestions and improvements, make sure to leave them here. This is mostly intended to inform people about what is currently going on (to prevent misunderstandings such as [Jon Gjengset's Box aliasing](https://www.youtube.com/watch?v=EY7Wi9fV5bk)).

This is supposed to _only document current UB_ and not add any new guarantees or rules.
2022-05-31 07:57:33 +02:00
bors
989b806f61 Auto merge of #96881 - est31:join_osstr, r=dtolnay
Implement [OsStr]::join

Implements join for `OsStr` and `OsString` slices:

```Rust
    let strings = [OsStr::new("hello"), OsStr::new("dear"), OsStr::new("world")];
    assert_eq!("hello dear world", strings.join(OsStr::new(" ")));
````

This saves one from converting to strings and back, or from implementing it manually.

This PR has been re-filed after #96744 was first accidentally merged and then reverted.

The change is instantly stable and thus:

r? rust-lang/libs-api `@rustbot` label +T-libs-api -T-libs

cc `@thomcc` `@m-ou-se` `@faptc`
2022-05-31 04:28:29 +00:00
David Tolnay
e6b1003c95
BTreeSet->BTreeMap (fix copy/paste mistake in documentation)
Co-authored-by: lcnr <rust@lcnr.de>
2022-05-30 17:56:35 -07:00
David Tolnay
ffd7f5873e
Fix typo uniqeness -> uniqueness 2022-05-30 16:49:28 -07:00
Thom Chiovoloni
de3ac3c3f8
Remove memset alias from fill_with. 2022-05-30 16:26:00 -07:00
Michael Goulet
3c0b9d50ae
Rollup merge of #89685 - DeveloperC286:iter_fields_to_private, r=oli-obk
refactor: VecDeques Iter fields to private

Made the fields of VecDeque's Iter private by creating a Iter::new(...) function to create a new instance of Iter and migrating usage to use Iter::new(...).
2022-05-30 15:57:27 -07:00
Lukas
e565bb0326 Update mut_ptr.rs 2022-05-31 00:41:39 +02:00
Lukas
7a9c13985e
Update intrinsics.rs 2022-05-30 22:38:29 +00:00
bors
4a8d2e3856 Auto merge of #97480 - conradludgate:faster-format-literals, r=joshtriplett
improve format impl for literals

The basic idea of this change can be seen here https://godbolt.org/z/MT37cWoe1.

Updates the format impl to have a fast path for string literals and the default path for regular format args.

This change will allow `format!("string literal")` to be used interchangably with `"string literal".to_owned()`.

This would be relevant in the case of `f!"string literal"` being legal (https://github.com/rust-lang/rfcs/pull/3267) in which case it would be the easiest way to create owned strings from literals, while also being just as efficient as any other impl
2022-05-30 17:39:58 +00:00
Gary Guo
0a7a0ff4d9 Add #[inline] to Vec's Deref/DerefMut 2022-05-30 15:11:53 +01:00
Dylan DPC
a352ad500d
Rollup merge of #97545 - thomcc:sip-comment-safety, r=Dylan-DPC
Reword safety comments in core/hash/sip.rs

In https://rust-lang.zulipchat.com/#narrow/stream/136281-t-lang.2Fwg-unsafe-code-guidelines/topic/Is.20there.20any.20way.20to.20soundly.20do.20a.20masked.20out-of-bounds.20read.3F/near/284329248 it came up that this is using an atypical (and somewhat vague) phrasing of the safety requirement, so this slightly rewords it.
2022-05-30 14:33:53 +02:00
Dylan DPC
8fd9e24b9a
Rollup merge of #97499 - est31:master, r=Dylan-DPC
Remove "sys isn't exported yet" phrase

The oldest occurence is from 9e224c2bf1,
which is from the pre-1.0 days. In the years since then, std::sys still
hasn't been exported, and the last attempt was met with strong criticism:
https://github.com/rust-lang/rust/pull/97151

Thus, removing the "yet" part makes a lot of sense.
2022-05-30 14:33:49 +02:00
Dylan DPC
0ed320bdb9
Rollup merge of #97494 - est31:remove_box_alloc_tests, r=Dylan-DPC
Use Box::new() instead of box syntax in library tests

The tests inside `library/*` have no reason to use `box` syntax as they have 0 performance relevance. Therefore, we can safely remove them (instead of having to use alternatives like the one in #97293).
2022-05-30 14:33:48 +02:00
Maybe Waffle
10ee6f8e06 Rename slice_from_ptr_range_const -> const_slice_from_ptr_range
This is in line with other `const fn` features.
2022-05-30 15:44:56 +04:00
Maybe Waffle
ff9efd8a55 Add reexport of slice::from{,_mut}_ptr_range to alloc & std
At first I was confused why `std::slice::from_ptr_range` didn't work :D
2022-05-30 15:44:56 +04:00
Maybe Waffle
19caa8c89b Make from{,_mut}_ptr_range const
- `from_ptr_range` uses `#![feature(slice_from_ptr_range_const)]`
- `from_mut_ptr_range` uses `#![feature(slice_from_mut_ptr_range_const)]`
2022-05-30 15:44:55 +04:00
est31
6d63d3b888 Remove "sys isn't exported yet" phrase
The oldest occurence is from 9e224c2bf1,
which is from the pre-1.0 days. In the years since then, std::sys still
hasn't been exported, and the last attempt was met with strong criticism:
https://github.com/rust-lang/rust/pull/97151

Thus, removing the "yet" part makes a lot of sense.
2022-05-30 12:07:43 +02:00
bors
5c780b98d1 Auto merge of #96964 - oli-obk:const_trait_mvp, r=compiler-errors
Replace `#[default_method_body_is_const]` with `#[const_trait]`

pulled out of #96077

related issues:  #67792 and #92158

cc `@fee1-dead`

This is groundwork to only allowing `impl const Trait` for traits that are marked with `#[const_trait]`. This is necessary to prevent adding a new default method from becoming a breaking change (as it could be a non-const fn).
2022-05-30 09:19:03 +00:00
Deadbeef
257f06587c Remove #[default..] and add #[const_trait] 2022-05-30 08:52:24 +00:00
Thom Chiovoloni
eeacb4403c
Reword safety comments in core/hash/sip.rs 2022-05-30 01:06:08 -07:00
bors
28b891916d Auto merge of #97514 - WaffleLapkin:panick, r=Dylan-DPC
Fix typo (panick -> panic)

Fix typo (panick -> panic) in `std::error` module docs.
2022-05-29 19:42:39 +00:00
Conrad Ludgate
5dd0fe301a remove useless cold 2022-05-29 20:40:56 +01:00
Conrad Ludgate
3f404bfa86 improve format impl for literals 2022-05-29 20:40:56 +01:00
bors
bef2b7cd1c Auto merge of #97214 - Mark-Simulacrum:stage0-bump, r=pietroalbini
Finish bumping stage0

It looks like the last time had left some remaining cfg's -- which made me think
that the stage0 bump was actually successful. This brings us to a released 1.62
beta though.

This now brings us to cfg-clean, with the exception of check-cfg-features in bootstrap;
I'd prefer to leave that for a separate PR at this time since it's likely to be more tricky.

cc https://github.com/rust-lang/rust/pull/97147#issuecomment-1132845061

r? `@pietroalbini`
2022-05-29 16:28:21 +00:00
Giacomo Stevanato
8ef2dd70e6 Clarify the guarantees of Vec::as_ptr and Vec::as_mut_ptr when there's no allocation 2022-05-29 17:43:35 +02:00
Maybe Waffle
f344d569b4 Fix typo (panick -> panic) 2022-05-29 13:14:59 +04:00
est31
cdb8e64bc7 Use Box::new() instead of box syntax in core tests 2022-05-29 01:44:11 +02:00
est31
d75c60f9a3 Use Box::new() instead of box syntax in std tests 2022-05-29 01:44:11 +02:00
Guillaume Gomez
774d7ced10
Rollup merge of #97482 - RalfJung:ptr-invalid, r=thomcc
ptr::invalid is not equivalent to a int2ptr cast

I just realized I forgot to update these docs when adding `from_exposed_addr`.
Right now the docs say `invalid` and `from_exposed_addr` are both equivalent to a cast, and that is clearly not what we want.

Cc ``@Gankra``
2022-05-29 01:12:33 +02:00
est31
7230a15c32 Use Box::new() instead of box syntax in alloc tests 2022-05-29 00:41:14 +02:00
bors
1fede1753c Auto merge of #97207 - RalfJung:backtrace, r=Mark-Simulacrum
update libbacktrace

It seems like previously we were on a tag of the backtrace repo; not sure if there is a policy that it should always be a tag?

Cc https://github.com/rust-lang/backtrace-rs/pull/462 `@alexcrichton` `@DrMeepster`
2022-05-28 19:30:58 +00:00
bors
116201eefe Auto merge of #97461 - eddyb:proc-macro-less-payload, r=bjorn3
proc_macro: don't pass a client-side function pointer through the server.

Before this PR, `proc_macro::bridge::Client<F>` contained both:
* the C ABI entry-point `run`, that the server can call to start the client
* some "payload" `f: F` passed to that entry-point
  * in practice, this was always a (client-side Rust ABI) `fn` pointer to the actual function the proc macro author wrote, i.e. `#[proc_macro] fn foo(input: TokenStream) -> TokenStream`

In other words, the client was passing one of its (Rust) `fn` pointers to the server, which was passing it back to the client, for the client to call (see later below for why that was ever needed).

I was inspired by `@nnethercote's` attempt to remove the `get_handle_counters` field from `Client` (see https://github.com/rust-lang/rust/pull/97004#issuecomment-1139273301), which combined with removing the `f` ("payload") field, could theoretically allow for a `#[repr(transparent)]` `Client` that mostly just newtypes the C ABI entry-point `fn` pointer <sub>(and in the context of e.g. wasm isolation, that's *all* you want, since you can reason about it from outside the wasm VM, as just a 32-bit "function table index", that you can pass to the wasm VM to call that function)</sub>.

<hr/>

So this PR removes that "payload". But it's not a simple refactor: the reason the field existed in the first place is because monomorphizing over a function type doesn't let you call the function without having a value of that type, because function types don't implement anything like `Default`, i.e.:
```rust
extern "C" fn ffi_wrapper<A, R, F: Fn(A) -> R>(arg: A) -> R {
    let f: F = ???; // no way to get a value of `F`
    f(arg)
}
```
That could be solved with something like this, if it was allowed:
```rust
extern "C" fn ffi_wrapper<
    A, R,
    F: Fn(A) -> R,
    const f: F // not allowed because the type is a generic param
>(arg: A) -> R {
    f(arg)
}
```

Instead, this PR contains a workaround in `proc_macro::bridge::selfless_reify` (see its module-level comment for more details) that can provide something similar to the `ffi_wrapper` example above, but limited to `F` being `Copy` and ZST (and requiring an `F` value to prove the caller actually can create values of `F` and it's not uninhabited or some other unsound situation).

<hr/>

Hopefully this time we don't have a performance regression, and this has a chance to land.

cc `@mystor` `@bjorn3`
2022-05-28 16:49:52 +00:00
Ralf Jung
852777eff1 note to future self 2022-05-28 18:15:04 +02:00
Ralf Jung
ad33519455 ptr::invalid is not equivalent to a int2ptr cast 2022-05-28 12:39:36 +02:00
Dylan DPC
529fcb579b
Rollup merge of #97448 - Xiretza:os-str-unix-doc, r=joshtriplett
docs: Don't imply that OsStr on Unix is always UTF-8

The methods in `OsStrExt` consume and return `&[u8]` and don't perform any UTF-8 checks.
2022-05-28 08:45:53 +02:00