| Age | Commit message (Collapse) | Author | Lines |
|
|
|
r=workingjubilee
core::ptr: deduplicate docs for as_ref, addr, and as_uninit_ref
also add INFO.md file explaining the purpose of the ptr/docs dir, and give some pointers (heh) to future maintainers.
follow up to rust-lang/rust#142101
part of rust-lang/rust#139190
r? `@workingjubilee`
|
|
also add INFO.md file explaining the purpouse of the ptr/docs dir.
|
|
|
|
AudaciousAxiom:docs/missing-closing-code-block-fences, r=tgross35
docs(std): add missing closing code block fences in doc comments
This PR adds a few closing code block fences which I believe are missing in some doc comments. It seems that rustdoc just autocloses code blocks at the end of doc comments and thus these were easily overlooked: I do not think these code blocks are special in any way.
I found these when working on a Clippy lint that checks the last sentence of doc comments for terminal punctuation, and these were failing cases when testing against the std. Therefore I am not entirely sure these are all such cases, but still have high hopes that they are (or at least a well-defined subset of them).
|
|
Constify conversion traits (part 1)
This is the first part of rust-lang/rust#144289 being split into smaller pieces. It adds/moves constness of several traits under the `const_convert` feature:
* `From`
* `Into`
* `TryFrom`
* `TryInto`
* `FromStr`
* `AsRef`
* `AsMut`
* `Borrow`
* `BorrowMut`
* `Deref`
* `DerefMut`
There are a few methods that are intrinsically tied to these traits which I've included in the feature. Particularly, those which are wrappers over `AsRef`:
* `ByteStr::new` (unstable under `bstr` feature)
* `OsStr::new`
* `Path::new`
Those which directly use `Into`:
* `Result::into_ok`
* `Result::into_err`
And those which use `Deref` and `DerefMut`:
* `Pin::as_ref`
* `Pin::as_mut`
* `Pin::as_deref_mut`
* `Option::as_deref`
* `Option::as_deref_mut`
* `Result::as_deref`
* `Result::as_deref_mut`
(note: the `Option` and `Result` methods were suggested by ``@npmccallum`` initially as rust-lang/rust#146101)
The parts which are missing from this PR are:
* Anything that involves heap-allocated types
* Making any method const than the ones listed above
* Anything that could rely on the above, *or* could rely on system-specific code for `OsStr` or `Path` (note: this mostly makes these methods useless since `str` doesn't implement `AsRef<OsStr>` yet, but it's better to track the method for now and add impls later, IMHO)
r? ``@tgross35`` (who mostly already reviewed this)
|
|
|
|
|
|
The current documentation is not clear whether adding `a` to a pointer overaligns (align up) or underaligns (align down).
It should say this explicitly.
|
|
Mention that casting to *const () is a way to roundtrip with from_raw_parts
See discussion on rust-lang/rust#81513
|
|
|
|
const-eval: full support for pointer fragments
This fixes https://github.com/rust-lang/const-eval/issues/72 and makes `swap_nonoverlapping` fully work in const-eval by enhancing per-byte provenance tracking with tracking of *which* of the bytes of the pointer this one is. Later, if we see all the same bytes in the exact same order, we can treat it like a whole pointer again without ever risking a leak of the data bytes (that encode the offset into the allocation). This lifts the limitation that was discussed quite a bit in https://github.com/rust-lang/rust/pull/137280.
For a concrete piece of code that used to fail and now works properly consider this example doing a byte-for-byte memcpy in const without using intrinsics:
```rust
use std::{mem::{self, MaybeUninit}, ptr};
type Byte = MaybeUninit<u8>;
const unsafe fn memcpy(dst: *mut Byte, src: *const Byte, n: usize) {
let mut i = 0;
while i < n {
*dst.add(i) = *src.add(i);
i += 1;
}
}
const _MEMCPY: () = unsafe {
let ptr = &42;
let mut ptr2 = ptr::null::<i32>();
// Copy from ptr to ptr2.
memcpy(&mut ptr2 as *mut _ as *mut _, &ptr as *const _ as *const _, mem::size_of::<&i32>());
assert!(*ptr2 == 42);
};
```
What makes this code tricky is that pointers are "opaque blobs" in const-eval, we cannot just let people look at the individual bytes since *we don't know what those bytes look like* -- that depends on the absolute address the pointed-to object will be placed at. The code above "breaks apart" a pointer into individual bytes, and then puts them back together in the same order elsewhere. This PR implements the logic to properly track how those individual bytes relate to the original pointer, and to recognize when they are in the right order again.
We still reject constants where the final value contains a not-fully-put-together pointer: I have no idea how one could construct an LLVM global where one byte is defined as "the 3rd byte of a pointer to that other global over there" -- and even if LLVM supports this somehow, we can leave implementing that to a future PR. It seems unlikely to me anyone would even want this, but who knows.^^
This also changes the behavior of Miri, by tracking the order of bytes with provenance and only considering a pointer to have valid provenance if all bytes are in the original order again. This is related to https://github.com/rust-lang/unsafe-code-guidelines/issues/558. It means one cannot implement XOR linked lists with strict provenance any more, which is however only of theoretical interest. Practically I am curious if anyone will show up with any code that Miri now complains about - that would be interesting data. Cc `@rust-lang/opsem`
|
|
|
|
Implement `ptr_cast_array`
ACP: https://github.com/rust-lang/libs-team/issues/602
Tracking Issue: https://github.com/rust-lang/rust/issues/144514
|
|
Add `cast_init` and `cast_uninit` methods for pointers
ACP: rust-lang/libs-team#627
Tracking issue: rust-lang/rust#145036
This includes an incredibly low-effort search to find uses that could be switched to using these methods. I only searched for `cast::<\w>` and `cast::<MaybeUninit` because there would otherwise be way too much to look through, and I also didn't modify anything inside submodules/subtrees.
|
|
|
|
Signed-off-by: Sacha Ayoun <sachaayoun@gmail.com>
|
|
|
|
Since it's cfg'd instead of type-aliased
|
|
|
|
|
|
|
|
Remove the ptr_unique lang item
Miri no longer uses it since https://github.com/rust-lang/miri/pull/4307.
|
|
Constify Try, From, TryFrom and relevant traits
|
|
|
|
address clippy formatting nits
- int_log10.rs: change top level doc comments to outer
- collect.rs: remove empty line after doc comment
- clippy fix: markdown indentation for indented items after line break: a markdown list item continued over multiples lines, but those following lines which are part of the same item are not indented
- clippy fix: bound in one place: when there is a bound in angle brackets and another bound on the same variable in a where clause
|
|
Miri no longer uses it.
|
|
According to
https://discourse.llvm.org/t/rfc-volatile-access-to-non-dereferenceable-memory-may-be-well-defined/86303/4,
LLVM allows volatile operations on null and handles it correctly. This
should be allowed in Rust as well, because I/O memory may be hard-coded
to address 0 in some cases, like the AVR chip ATtiny1626.
A test case that ensured a failure when passing null to volatile was
removed, since it's now valid.
Due to the addition of `maybe_is_aligned` to `ub_checks`,
`maybe_is_aligned_and_not_null` was refactored to use it.
docs: revise restrictions on volatile operations
A distinction between usage on Rust memory vs. non-Rust memory was
introduced. Documentation was reworded to explain what that means, and
make explicit that:
- No trapping can occur from volatile operations;
- On Rust memory, all safety rules must be respected;
- On Rust memory, the primary difference from regular access is that
volatile always involves a memory dereference;
- On Rust memory, the only data affected by an operation is the one
pointed to in the argument(s) of the function;
- On Rust memory, provenance follows the same rules as non-volatile
access;
- On non-Rust memory, any address known to not contain Rust memory is
valid (including 0 and usize::MAX);
- On non-Rust memory, no Rust memory may be affected (it is implicit
that any other non-Rust memory may be affected, though, even if not
referenced by the pointer). This should be relevant when, for example,
reading register A causes a flag to change in register B, or writing
to A causes B to change in some way. Everything affected mustn't be
inside an allocation.
- On non-Rust memory, provenance is irrelevant and a pointer with none
can be used in a valid way.
fix: don't lint null as UB for volatile
Also remove a now-unneeded `allow` line.
fix: additional wording nits
|
|
|
|
r=oli-obk
Change "allocated object" to "allocation".
These seem like they were missed in <https://github.com/rust-lang/rust/pull/141224>
|
|
These seem like they were missed in <https://github.com/rust-lang/rust/pull/141224>
|
|
|
|
|
|
Full list of `impl const Default` types:
- ()
- bool
- char
- Cell
- std::ascii::Char
- usize
- u8
- u16
- u32
- u64
- u128
- i8
- i16
- i32
- i64
- i128
- f16
- f32
- f64
- f128
- std::marker::PhantomData<T>
- Option<T>
- std::iter::Empty<T>
- std::ptr::Alignment
- &[T]
- &mut [T]
- &str
- &mut str
- String
- Vec<T>
|
|
|
|
|
|
|
|
|
|
Rollup of 13 pull requests
Successful merges:
- rust-lang/rust#138538 (Make performance description of String::{insert,insert_str,remove} more precise)
- rust-lang/rust#141946 (std: refactor explanation of `NonNull`)
- rust-lang/rust#142216 (Miscellaneous RefCell cleanups)
- rust-lang/rust#142542 (Manually invalidate caches in SimplifyCfg.)
- rust-lang/rust#142563 (Refine run-make test ignores due to unpredictable `i686-pc-windows-gnu` unwind mechanism)
- rust-lang/rust#142570 (Reject union default field values)
- rust-lang/rust#142584 (Handle same-crate macro for borrowck semicolon suggestion)
- rust-lang/rust#142585 (Update books)
- rust-lang/rust#142586 (Fold unnecessary `visit_struct_field_def` in AstValidator)
- rust-lang/rust#142587 (Make sure to propagate result from `visit_expr_fields`)
- rust-lang/rust#142595 (Revert overeager warning for misuse of `--print native-static-libs`)
- rust-lang/rust#142598 (Set elf e_flags on ppc64 targets according to abi)
- rust-lang/rust#142601 (Add a comment to `FORMAT_VERSION`.)
r? `@ghost`
`@rustbot` modify labels: rollup
|
|
std: refactor explanation of `NonNull`
Fixes rust-lang/rust#141933
I cut out the excessive explanation and used an example to explain how to maintain invariance, but I think what is quoted in the *rust reference* in the document needs to be added with a more layman's explanation and example.
(I'm not sure if I deleted too much)
r? `@workingjubilee`
|
|
As core uses an extern type (`ptr::VTable`), the default `?Sized` to
`MetaSized` migration isn't sufficient, and some code that previously
accepted `VTable` needs relaxed to continue to accept extern types.
Similarly, the compiler uses many extern types in `rustc_codegen_llvm`
and in the `rustc_middle::ty::List` implementation (`OpaqueListContents`)
some bounds must be relaxed to continue to accept these types.
Unfortunately, due to the current inability to relax `Deref::Target`,
some of the bounds in the standard library are forced to be stricter than
they ideally would be.
|
|
r=workingjubilee
core::ptr: deduplicate more method docs
used `rg -Fxf library/core/src/ptr/{const,mut}_ptr.rs` to find duplicated doc comments, and `diff -u` after copying them to files to ensure they are actually identical.
`sed 's| */// *||'` was then used to translate the doc comments to plain markdown.
part of https://github.com/rust-lang/rust/issues/139190
|
|
|
|
|
|
Streamlined the explanation of covariance for `NonNull<T>`,
focusing on practical usage and reducing scary explanation.
Added a concise example for cases where invariance is required,
showing how to use `PhantomData<Cell<T>>
Signed-off-by: xizheyin <xizheyin@smail.nju.edu.cn>
|
|
|
|
r=workingjubilee
core: begin deduplicating pointer docs
this also cleans up two inconsistancies:
1. both doctests on the ::add methods were actually calling the const version.
2. on of the ::offset methods was missing a line of clarification.
part of https://github.com/rust-lang/rust/issues/139190
|
|
Add some track_caller info to precondition panics
Currently, when you encounter a precondition check, you'll always get the caller location of the implementation of the precondition checks. But with this PR, you'll be told the location of the invalid call. Which is useful.
I thought of this while looking at https://github.com/rust-lang/rust/pull/129642#issuecomment-2311703898.
The changes to `tests/ui/const*` happen because the const-eval interpreter skips `#[track_caller]` frames in its backtraces.
The perf implications of this are:
* Increased debug binary sizes. The caller_location implementation requires that the additional data we want to display here be stored in const allocations, which are deduplicated but not across crates. There is no impact on optimized build sizes. The panic path and the caller location data get optimized out.
* The compile time hit to opt-incr-patched bitmaps happens because the patch changes the line number of some function calls with precondition checks, causing us to go from 0 dirty CGUs to 1 dirty CGU.
* The other compile time hits are marginal but real, and due to doing a handful of new queries. Adding more useful data isn't completely free.
|
|
this also cleans up two inconsistancies:
1. both doctests on the ::add methods were
actually calling the const version.
2. on of the ::offset methods was missing
a line of clarification.
part of https://github.com/rust-lang/rust/issues/139190
|
|
|