mirror of
https://github.com/rust-lang/rust.git
synced 2024-11-22 06:44:35 +00:00
20b1dadf92
stabilize Strict Provenance and Exposed Provenance APIs Given that [RFC 3559](https://rust-lang.github.io/rfcs/3559-rust-has-provenance.html) has been accepted, t-lang has approved the concept of provenance to exist in the language. So I think it's time that we stabilize the strict provenance and exposed provenance APIs, and discuss provenance explicitly in the docs: ```rust // core::ptr pub const fn without_provenance<T>(addr: usize) -> *const T; pub const fn dangling<T>() -> *const T; pub const fn without_provenance_mut<T>(addr: usize) -> *mut T; pub const fn dangling_mut<T>() -> *mut T; pub fn with_exposed_provenance<T>(addr: usize) -> *const T; pub fn with_exposed_provenance_mut<T>(addr: usize) -> *mut T; impl<T: ?Sized> *const T { pub fn addr(self) -> usize; pub fn expose_provenance(self) -> usize; pub fn with_addr(self, addr: usize) -> Self; pub fn map_addr(self, f: impl FnOnce(usize) -> usize) -> Self; } impl<T: ?Sized> *mut T { pub fn addr(self) -> usize; pub fn expose_provenance(self) -> usize; pub fn with_addr(self, addr: usize) -> Self; pub fn map_addr(self, f: impl FnOnce(usize) -> usize) -> Self; } impl<T: ?Sized> NonNull<T> { pub fn addr(self) -> NonZero<usize>; pub fn with_addr(self, addr: NonZero<usize>) -> Self; pub fn map_addr(self, f: impl FnOnce(NonZero<usize>) -> NonZero<usize>) -> Self; } ``` I also did a pass over the docs to adjust them, because this is no longer an "experiment". The `ptr` docs now discuss the concept of provenance in general, and then they go into the two families of APIs for dealing with provenance: Strict Provenance and Exposed Provenance. I removed the discussion of how pointers also have an associated "address space" -- that is not actually tracked in the pointer value, it is tracked in the type, so IMO it just distracts from the core point of provenance. I also adjusted the docs for `with_exposed_provenance` to make it clear that we cannot guarantee much about this function, it's all best-effort. There are two unstable lints associated with the strict_provenance feature gate; I moved them to a new [strict_provenance_lints](https://github.com/rust-lang/rust/issues/130351) feature since I didn't want this PR to have an even bigger FCP. ;) `@rust-lang/opsem` Would be great to get some feedback on the docs here. :) Nominating for `@rust-lang/libs-api.` Part of https://github.com/rust-lang/rust/issues/95228. [FCP comment](https://github.com/rust-lang/rust/pull/130350#issuecomment-2395114536) |
||
|---|---|---|
| .. | ||
| rustc | ||
| rustc_abi | ||
| rustc_arena | ||
| rustc_ast | ||
| rustc_ast_ir | ||
| rustc_ast_lowering | ||
| rustc_ast_passes | ||
| rustc_ast_pretty | ||
| rustc_attr | ||
| rustc_baked_icu_data | ||
| rustc_borrowck | ||
| rustc_builtin_macros | ||
| rustc_codegen_cranelift | ||
| rustc_codegen_gcc | ||
| rustc_codegen_llvm | ||
| rustc_codegen_ssa | ||
| rustc_const_eval | ||
| rustc_data_structures | ||
| rustc_driver | ||
| rustc_driver_impl | ||
| rustc_error_codes | ||
| rustc_error_messages | ||
| rustc_errors | ||
| rustc_expand | ||
| rustc_feature | ||
| rustc_fluent_macro | ||
| rustc_fs_util | ||
| rustc_graphviz | ||
| rustc_hir | ||
| rustc_hir_analysis | ||
| rustc_hir_pretty | ||
| rustc_hir_typeck | ||
| rustc_incremental | ||
| rustc_index | ||
| rustc_index_macros | ||
| rustc_infer | ||
| rustc_interface | ||
| rustc_lexer | ||
| rustc_lint | ||
| rustc_lint_defs | ||
| rustc_llvm | ||
| rustc_log | ||
| rustc_macros | ||
| rustc_metadata | ||
| rustc_middle | ||
| rustc_mir_build | ||
| rustc_mir_dataflow | ||
| rustc_mir_transform | ||
| rustc_monomorphize | ||
| rustc_next_trait_solver | ||
| rustc_parse | ||
| rustc_parse_format | ||
| rustc_passes | ||
| rustc_pattern_analysis | ||
| rustc_privacy | ||
| rustc_query_impl | ||
| rustc_query_system | ||
| rustc_resolve | ||
| rustc_sanitizers | ||
| rustc_serialize | ||
| rustc_session | ||
| rustc_smir | ||
| rustc_span | ||
| rustc_symbol_mangling | ||
| rustc_target | ||
| rustc_trait_selection | ||
| rustc_traits | ||
| rustc_transmute | ||
| rustc_ty_utils | ||
| rustc_type_ir | ||
| rustc_type_ir_macros | ||
| stable_mir | ||