| Age | Commit message (Collapse) | Author | Lines |
|---|
|
|
|
|
|
|
|
Add methods to go from a nul-terminated Vec<u8> to a CString
Fixes #73100.
Doc tests have been written and the documentation on the error type
updated too.
I used `#[stable(feature = "cstring_from_vec_with_nul", since = "1.46.0")]` but I don't know if the version is correct.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
unchecked.
Doc tests have been written and the documentation on the error type
updated too.
|
|
|
|
|
|
These forward `Borrowed`/`Owned` values to existing `Box::from` impls.
- `From<Cow<'_, [T]>> for Box<[T]>`
- `From<Cow<'_, str>> for Box<str>`
- `From<Cow<'_, CStr>> for Box<CStr>`
- `From<Cow<'_, OsStr>> for Box<OsStr>`
- `From<Cow<'_, Path>> for Box<Path>`
|
|
It can try to keep its allocation by converting the inner `Box` to
`Vec`, using `clone_into` on the bytes, then convert back to `Box`.
|
|
danielhenrymantilla:feature/cstring_from_vec_of_nonzerou8, r=KodrAus
Added From<Vec<NonZeroU8>> for CString
Added a `From<Vec<NonZeroU8>>` `impl` for `CString`
# Rationale
- `CString::from_vec_unchecked` is a subtle function, that makes `unsafe` code harder to audit when the generated `Vec`'s creation is non-trivial. This `impl` allows to write safer `unsafe` code thanks to the very explicit semantics of the `Vec<NonZeroU8>` type.
- One such situation is when trying to `.read()` a `CString`, see issue #59229.
- this lead to a PR: #59314, that was closed for being too specific / narrow (it only targetted being able to `.read()` a `CString`, when this pattern could have been generalized).
- the issue suggested another route, based on `From<Vec<NonZeroU8>>`, which is indeed a less general and more concise code pattern.
- quoting @shnatsel:
- > For me the main thing about making this safe is simplifying auditing - people have spent like an hour looking at just this one unsafe block in libflate because it's not clear what exactly is unchecked, so you have to look it up when auditing anyway. This has distracted us from much more serious memory safety issues the library had.
Having this trivial impl in stdlib would turn this into safe code with compiler more or less guaranteeing that it's fine, and save anyone auditing the code a whole lot of time.
|
|
Updated tracking issue number
Added safeguards for transmute_vec potentially being factored out elsewhere
Clarified comment about avoiding mem::forget
Removed unneeded unstable guard
Added back a stability annotation for CI
Minor documentation improvements
Thanks to @Centril's code review
Co-Authored-By: Mazdak Farrokhzad <twingoow@gmail.com>
Improved layout checks, type annotations and removed unaccurate comment
Removed unnecessary check on array layout
Adapt the stability annotation to the new 1.41 milestone
Co-Authored-By: Mazdak Farrokhzad <twingoow@gmail.com>
Simplify the implementation.
Use `Vec::into_raw_parts` instead of a manual implementation of
`Vec::transmute`.
If `Vec::into_raw_parts` uses `NonNull` instead, then the code here
will need to be adjusted to take it into account (issue #65816)
Reduce the whitespace of safety comments
|
|
These notes are about a distinction that is not going to be observable
in the API. Whether or not the UTF-8 check knows the string length ahead
of time, these methods require linear time.
|
|
`description` has been documented as soft-deprecated since 1.27.0 (17
months ago). There is no longer any reason to call it or implement it.
This commit:
- adds #[rustc_deprecated(since = "1.41.0")] to Error::description;
- moves description (and cause, which is also deprecated) below the
source and backtrace methods in the Error trait;
- reduces documentation of description and cause to take up much less
vertical real estate in rustdocs, while preserving the example that
shows how to render errors without needing to call description;
- removes the description function of all *currently unstable* Error
impls in the standard library;
- marks #[allow(deprecated)] the description function of all *stable*
Error impls in the standard library;
- replaces miscellaneous uses of description in example code and the
compiler.
|
|
|
|
|
|
|
|
functions with a `const` modifier
|
|
|
|
IntoStringError only implemented Error::cause, which is
deprecated. This implemements Error::source instead.
Error::cause will still work as before, thanks to the default
implementation.
|
|
A few cosmetic improvements to code & comments in liballoc and libcore
Factored out from hacking on rustc for work on the REPL.
r? @Centril
|
|
Co-Authored-By: Mazdak Farrokhzad <twingoow@gmail.com>
|
|
|
|
|
|
Changed all instances of `c_str` into `cstr` in the documentation examples. This is also consistent with the module source code.
|
|
Add #[repr(transparent)] for several types
In some functions, types mentioned in this PR are transmuted into their inner value.
Example for `PathBuf`: https://github.com/rust-lang/rust/blob/master/src/libstd/path.rs#L1132.
This PR adds `#[repr(transparent)]` to those types, so their correct behavior doesn't depend on compiler details. (As far as I understand, currently that line, converting `PathBuf` to `Vec<u8>`, is UB).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Use more impl header lifetime elision
Inspired by seeing explicit lifetimes on these two:
- https://doc.rust-lang.org/nightly/std/slice/struct.Iter.html#impl-FusedIterator
- https://doc.rust-lang.org/nightly/std/primitive.u32.html#impl-Not
And a follow-up to https://github.com/rust-lang/rust/pull/54687, that started using IHLE in libcore.
Most of the changes in here fall into two big categories:
- Removing lifetimes from common traits that can essentially never user a lifetime from an input (particularly `Drop`, `Debug`, and `Clone`)
- Forwarding impls that are only possible because the lifetime doesn't matter (like `impl<R: Read + ?Sized> Read for &mut R`)
I omitted things that seemed like they could be more controversial, like the handful of iterators that have a `Item: 'static` despite the iterator having a lifetime or the `PartialEq` implementations [where the flipped one cannot elide the lifetime](https://internals.rust-lang.org/t/impl-type-parameter-aliases/9403/2?u=scottmcm).
I also removed two lifetimes that turned out to be completely unused; see https://github.com/rust-lang/rust/issues/41960#issuecomment-464557423
|
|
There are two big categories of changes in here
- Removing lifetimes from common traits that can essentially never user a lifetime from an input (particularly `Drop` & `Debug`)
- Forwarding impls that are only possible because the lifetime doesn't matter (like `impl<R: Read + ?Sized> Read for &mut R`)
I omitted things that seemed like they could be more controversial, like the handful of iterators that have a `Item: 'static` despite the iterator having a lifetime or the `PartialEq` implementations where the flipped one cannot elide the lifetime.
|
|
|
|
|
|
|
|
|
|
Minor standard library constification
This PR makes some bits of the standard library into `const fn`s.
I've tried to be as aggressive as I possibly could in the constification.
The list is rather small due to how restrictive `const fn` is at the moment.
r? @oli-obk cc @rust-lang/libs
Stable public APIs affected:
+ [x] `Cell::as_ptr`
+ [x] `UnsafeCell::get`
+ [x] `char::is_ascii`
+ [x] `iter::empty`
+ [x] `ManuallyDrop::{new, into_inner}`
+ [x] `RangeInclusive::{start, end}`
+ [x] `NonNull::as_ptr`
+ [x] `{[T], str}::as_ptr`
+ [x] `Duration::{as_secs, subsec_millis, subsec_micros, subsec_nanos}`
+ [x] `CStr::as_ptr`
+ [x] `Ipv4Addr::is_unspecified`
+ [x] `Ipv6Addr::new`
+ [x] `Ipv6Addr::octets`
Unstable public APIs affected:
+ [x] `Duration::{as_millis, as_micros, as_nanos, as_float_secs}`
+ [x] `Wrapping::{count_ones, count_zeros, trailing_zeros, rotate_left, rotate_right, swap_bytes, reverse_bits, from_be, from_le, to_be, to_le, leading_zeros, is_positive, is_negative, leading_zeros}`
+ [x] `core::convert::identity`
--------------------------
## Removed from list in first pass:
Stable public APIs affected:
+ [ ] `BTree{Map, Set}::{len, is_empty}`
+ [ ] `VecDeque::is_empty`
+ [ ] `String::{is_empty, len}`
+ [ ] `FromUtf8Error::utf8_error`
+ [ ] `Vec<T>::{is_empty, len}`
+ [ ] `Layout::size`
+ [ ] `DecodeUtf16Error::unpaired_surrogate`
+ [ ] `core::fmt::{fill, width, precision, sign_plus, sign_minus, alternate, sign_aware_zero_pad}`
+ [ ] `panic::Location::{file, line, column}`
+ [ ] `{ChunksExact, RChunksExact}::remainder`
+ [ ] `Utf8Error::valid_up_to`
+ [ ] `VacantEntry::key`
+ [ ] `NulError::nul_position`
+ [ ] `IntoStringError::utf8_error`
+ [ ] `IntoInnerError::error`
+ [ ] `io::Chain::get_ref`
+ [ ] `io::Take::{limit, get_ref}`
+ [ ] `SocketAddrV6::{flowinfo, scope_id}`
+ [ ] `PrefixComponent::{kind, as_os_str}`
+ [ ] `Path::{ancestors, display}`
+ [ ] `WaitTimeoutResult::timed_out`
+ [ ] `Receiver::{iter, try_iter}`
+ [ ] `thread::JoinHandle::thread`
+ [ ] `SystemTimeError::duration`
Unstable public APIs affected:
+ [ ] `core::fmt::Arguments::new_v1`
+ [ ] `core::fmt::Arguments::new_v1_formatted`
+ [ ] `Pin::{get_ref, into_ref}`
+ [ ] `Utf8Lossy::chunks`
+ [ ] `LocalWaker::as_waker`
+ [ ] `panic::PanicInfo::{internal_constructor, message, location}`
+ [ ] `panic::Location::{internal_constructor }`
## Removed from list in 2nd pass:
Stable public APIs affected:
+ [ ] `LinkedList::{new, iter, is_empty, len}`
+ [ ] `mem::forget`
+ [ ] `Cursor::{new, get_ref, position}`
+ [ ] `io::{empty, repeat, sink}`
+ [ ] `PoisonError::new`
+ [ ] `thread::Builder::new`
+ [ ] `process::Stdio::{piped, inherit, null}`
Unstable public APIs affected:
+ [ ] `io::Initializer::{zeroing, should_initialize}`
|
|
|
|
|
|
|
|
|
|
closes #54678
|
