Skip to content

Commit

Permalink
Auto merge of rust-lang#129691 - matthiaskrgr:rollup-owlcr3m, r=matth…
Browse files Browse the repository at this point in the history 
…iaskrgr

Rollup of 11 pull requests

Successful merges:

 - rust-lang#129421 (add repr to the allowlist for naked functions)
 - rust-lang#129480 (docs: correct panic conditions for rem_euclid and similar functions)
 - rust-lang#129551 (ub_checks intrinsics: fall back to cfg(ub_checks))
 - rust-lang#129608 (const-eval: do not make UbChecks behavior depend on current crate's flags)
 - rust-lang#129613 (interpret: do not make const-eval query result depend on tcx.sess)
 - rust-lang#129641 (rustdoc: fix missing resource suffix on `crates.js`)
 - rust-lang#129657 (Rename `BikeshedIntrinsicFrom` to `TransmuteFrom`)
 - rust-lang#129666 (interpret: add missing alignment check in raw_eq)
 - rust-lang#129667 (Rustc driver cleanup)
 - rust-lang#129668 (Fix Pin::set bounds regression)
 - rust-lang#129686 (coverage: Rename `CodeRegion` to `SourceRegion`)

r? `@ghost`
`@rustbot` modify labels: rollup
  • Loading branch information
@bors
bors committed Aug 28, 2024
2 parents bfbe13e + 39ad6a9 commit b1a56b5
Show file tree
Hide file tree
Showing 6 changed files with 82 additions and 76 deletions.
4 changes: 2 additions & 2 deletions core/src/intrinsics.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2949,15 +2949,15 @@ pub const unsafe fn typed_swap<T>(x: *mut T, y: *mut T) {
/// sysroot which is built without ub_checks but with `#[rustc_preserve_ub_checks]`.
/// For code that gets monomorphized in the user crate (i.e., generic functions and functions with
/// `#[inline]`), gating assertions on `ub_checks()` rather than `cfg!(ub_checks)` means that
/// assertions are enabled whenever the *user crate* has UB checks enabled. However if the
/// assertions are enabled whenever the *user crate* has UB checks enabled. However, if the
/// user has UB checks disabled, the checks will still get optimized out. This intrinsic is
/// primarily used by [`ub_checks::assert_unsafe_precondition`].
#[rustc_const_unstable(feature = "const_ub_checks", issue = "none")]
#[unstable(feature = "core_intrinsics", issue = "none")]
#[inline(always)]
#[rustc_intrinsic]
pub const fn ub_checks() -> bool {
cfg!(debug_assertions)
cfg!(ub_checks)
}

/// Allocates a block of memory at compile time.
Expand Down
1 change: 1 addition & 0 deletions core/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,7 @@
#![feature(cfg_sanitize)]
#![feature(cfg_target_has_atomic)]
#![feature(cfg_target_has_atomic_equal_alignment)]
#![feature(cfg_ub_checks)]
#![feature(const_for)]
#![feature(const_mut_refs)]
#![feature(const_precise_live_drops)]
Expand Down
2 changes: 1 addition & 1 deletion core/src/mem/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ pub use maybe_uninit::MaybeUninit;

mod transmutability;
#[unstable(feature = "transmutability", issue = "99571")]
pub use transmutability::{Assume, BikeshedIntrinsicFrom};
pub use transmutability::{Assume, TransmuteFrom};

#[stable(feature = "rust1", since = "1.0.0")]
#[doc(inline)]
Expand Down
109 changes: 53 additions & 56 deletions core/src/mem/transmutability.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,10 @@ use crate::marker::{ConstParamTy_, UnsizedConstParamTy};
///
/// # Safety
///
/// If `Dst: BikeshedIntrinsicFrom<Src, ASSUMPTIONS>`, the compiler guarantees
/// that `Src` is soundly *union-transmutable* into a value of type `Dst`,
/// provided that the programmer has guaranteed that the given
/// [`ASSUMPTIONS`](Assume) are satisfied.
/// If `Dst: TransmuteFrom<Src, ASSUMPTIONS>`, the compiler guarantees that
/// `Src` is soundly *union-transmutable* into a value of type `Dst`, provided
/// that the programmer has guaranteed that the given [`ASSUMPTIONS`](Assume)
/// are satisfied.
///
/// A union-transmute is any bit-reinterpretation conversion in the form of:
///
Expand Down Expand Up @@ -47,15 +47,15 @@ use crate::marker::{ConstParamTy_, UnsizedConstParamTy};
#[cfg_attr(not(bootstrap), doc = "```rust")]
/// #![feature(transmutability)]
///
/// use core::mem::{Assume, BikeshedIntrinsicFrom};
/// use core::mem::{Assume, TransmuteFrom};
///
/// let src = 42u8; // size = 1
///
/// #[repr(C, align(2))]
/// struct Dst(u8); // size = 2
//
/// let _ = unsafe {
/// <Dst as BikeshedIntrinsicFrom<u8, { Assume::SAFETY }>>::transmute(src)
/// <Dst as TransmuteFrom<u8, { Assume::SAFETY }>>::transmute(src)
/// };
/// ```
///
Expand Down Expand Up @@ -87,7 +87,7 @@ use crate::marker::{ConstParamTy_, UnsizedConstParamTy};
#[lang = "transmute_trait"]
#[rustc_deny_explicit_impl(implement_via_object = false)]
#[rustc_coinductive]
pub unsafe trait BikeshedIntrinsicFrom<Src, const ASSUME: Assume = { Assume::NOTHING }>
pub unsafe trait TransmuteFrom<Src, const ASSUME: Assume = { Assume::NOTHING }>
where
Src: ?Sized,
{
Expand Down Expand Up @@ -140,23 +140,21 @@ where
}
}

/// Configurable proof assumptions of [`BikeshedIntrinsicFrom`].
/// Configurable proof assumptions of [`TransmuteFrom`].
///
/// When `false`, the respective proof obligation belongs to the compiler. When
/// `true`, the onus of the safety proof belongs to the programmer.
/// [`BikeshedIntrinsicFrom`].
#[unstable(feature = "transmutability", issue = "99571")]
#[lang = "transmute_opts"]
#[derive(PartialEq, Eq, Clone, Copy, Debug)]
pub struct Assume {
/// When `false`, [`BikeshedIntrinsicFrom`] is not implemented for
/// transmutations that might violate the the alignment requirements of
/// references; e.g.:
/// When `false`, [`TransmuteFrom`] is not implemented for transmutations
/// that might violate the the alignment requirements of references; e.g.:
///
#[cfg_attr(bootstrap, doc = "```rust,ignore not runnable on bootstrap")]
#[cfg_attr(not(bootstrap), doc = "```compile_fail,E0277")]
/// #![feature(transmutability)]
/// use core::mem::{align_of, BikeshedIntrinsicFrom};
/// use core::mem::{align_of, TransmuteFrom};
///
/// assert_eq!(align_of::<[u8; 2]>(), 1);
/// assert_eq!(align_of::<u16>(), 2);
Expand All @@ -165,26 +163,26 @@ pub struct Assume {
///
/// // SAFETY: No safety obligations.
/// let dst: &u16 = unsafe {
/// <_ as BikeshedIntrinsicFrom<_>>::transmute(src)
/// <_ as TransmuteFrom<_>>::transmute(src)
/// };
/// ```
///
/// When `true`, [`BikeshedIntrinsicFrom`] assumes that *you* have ensured
/// When `true`, [`TransmuteFrom`] assumes that *you* have ensured
/// that references in the transmuted value satisfy the alignment
/// requirements of their referent types; e.g.:
///
#[cfg_attr(bootstrap, doc = "```rust,ignore not runnable on bootstrap")]
#[cfg_attr(not(bootstrap), doc = "```rust")]
/// #![feature(pointer_is_aligned_to, transmutability)]
/// use core::mem::{align_of, Assume, BikeshedIntrinsicFrom};
/// use core::mem::{align_of, Assume, TransmuteFrom};
///
/// let src: &[u8; 2] = &[0xFF, 0xFF];
///
/// let maybe_dst: Option<&u16> = if <*const _>::is_aligned_to(src, align_of::<u16>()) {
/// // SAFETY: We have checked above that the address of `src` satisfies the
/// // alignment requirements of `u16`.
/// Some(unsafe {
/// <_ as BikeshedIntrinsicFrom<_, { Assume::ALIGNMENT }>>::transmute(src)
/// <_ as TransmuteFrom<_, { Assume::ALIGNMENT }>>::transmute(src)
/// })
/// } else {
/// None
Expand All @@ -194,21 +192,21 @@ pub struct Assume {
/// ```
pub alignment: bool,

/// When `false`, [`BikeshedIntrinsicFrom`] is not implemented for
/// transmutations that extend the lifetimes of references.
/// When `false`, [`TransmuteFrom`] is not implemented for transmutations
/// that extend the lifetimes of references.
///
/// When `true`, [`BikeshedIntrinsicFrom`] assumes that *you* have ensured
/// that references in the transmuted value do not outlive their referents.
/// When `true`, [`TransmuteFrom`] assumes that *you* have ensured that
/// references in the transmuted value do not outlive their referents.
pub lifetimes: bool,

/// When `false`, [`BikeshedIntrinsicFrom`] is not implemented for
/// transmutations that might violate the library safety invariants of the
/// destination type; e.g.:
/// When `false`, [`TransmuteFrom`] is not implemented for transmutations
/// that might violate the library safety invariants of the destination
/// type; e.g.:
///
#[cfg_attr(bootstrap, doc = "```rust,ignore not runnable on bootstrap")]
#[cfg_attr(not(bootstrap), doc = "```compile_fail,E0277")]
/// #![feature(transmutability)]
/// use core::mem::BikeshedIntrinsicFrom;
/// use core::mem::TransmuteFrom;
///
/// let src: u8 = 3;
///
Expand All @@ -219,18 +217,18 @@ pub struct Assume {
///
/// // SAFETY: No safety obligations.
/// let dst: EvenU8 = unsafe {
/// <_ as BikeshedIntrinsicFrom<_>>::transmute(src)
/// <_ as TransmuteFrom<_>>::transmute(src)
/// };
/// ```
///
/// When `true`, [`BikeshedIntrinsicFrom`] assumes that *you* have ensured
/// When `true`, [`TransmuteFrom`] assumes that *you* have ensured
/// that undefined behavior does not arise from using the transmuted value;
/// e.g.:
///
#[cfg_attr(bootstrap, doc = "```rust,ignore not runnable on bootstrap")]
#[cfg_attr(not(bootstrap), doc = "```rust")]
/// #![feature(transmutability)]
/// use core::mem::{Assume, BikeshedIntrinsicFrom};
/// use core::mem::{Assume, TransmuteFrom};
///
/// let src: u8 = 42;
///
Expand All @@ -242,7 +240,7 @@ pub struct Assume {
/// let maybe_dst: Option<EvenU8> = if src % 2 == 0 {
/// // SAFETY: We have checked above that the value of `src` is even.
/// Some(unsafe {
/// <_ as BikeshedIntrinsicFrom<_, { Assume::SAFETY }>>::transmute(src)
/// <_ as TransmuteFrom<_, { Assume::SAFETY }>>::transmute(src)
/// })
/// } else {
/// None
Expand All @@ -252,39 +250,39 @@ pub struct Assume {
/// ```
pub safety: bool,

/// When `false`, [`BikeshedIntrinsicFrom`] is not implemented for
/// transmutations that might violate the language-level bit-validity
/// invariant of the destination type; e.g.:
/// When `false`, [`TransmuteFrom`] is not implemented for transmutations
/// that might violate the language-level bit-validity invariant of the
/// destination type; e.g.:
///
#[cfg_attr(bootstrap, doc = "```rust,ignore not runnable on bootstrap")]
#[cfg_attr(not(bootstrap), doc = "```compile_fail,E0277")]
/// #![feature(transmutability)]
/// use core::mem::BikeshedIntrinsicFrom;
/// use core::mem::TransmuteFrom;
///
/// let src: u8 = 3;
///
/// // SAFETY: No safety obligations.
/// let dst: bool = unsafe {
/// <_ as BikeshedIntrinsicFrom<_>>::transmute(src)
/// <_ as TransmuteFrom<_>>::transmute(src)
/// };
/// ```
///
/// When `true`, [`BikeshedIntrinsicFrom`] assumes that *you* have ensured
/// When `true`, [`TransmuteFrom`] assumes that *you* have ensured
/// that the value being transmuted is a bit-valid instance of the
/// transmuted value; e.g.:
///
#[cfg_attr(bootstrap, doc = "```rust,ignore not runnable on bootstrap")]
#[cfg_attr(not(bootstrap), doc = "```rust")]
/// #![feature(transmutability)]
/// use core::mem::{Assume, BikeshedIntrinsicFrom};
/// use core::mem::{Assume, TransmuteFrom};
///
/// let src: u8 = 1;
///
/// let maybe_dst: Option<bool> = if src == 0 || src == 1 {
/// // SAFETY: We have checked above that the value of `src` is a bit-valid
/// // instance of `bool`.
/// Some(unsafe {
/// <_ as BikeshedIntrinsicFrom<_, { Assume::VALIDITY }>>::transmute(src)
/// <_ as TransmuteFrom<_, { Assume::VALIDITY }>>::transmute(src)
/// })
/// } else {
/// None
Expand All @@ -301,35 +299,34 @@ impl ConstParamTy_ for Assume {}
impl UnsizedConstParamTy for Assume {}

impl Assume {
/// With this, [`BikeshedIntrinsicFrom`] does not assume you have ensured
/// any safety obligations are met, and relies only upon its own analysis to
/// (dis)prove transmutability.
/// With this, [`TransmuteFrom`] does not assume you have ensured any safety
/// obligations are met, and relies only upon its own analysis to (dis)prove
/// transmutability.
#[unstable(feature = "transmutability", issue = "99571")]
pub const NOTHING: Self =
Self { alignment: false, lifetimes: false, safety: false, validity: false };

/// With this, [`BikeshedIntrinsicFrom`] assumes only that you have ensured
/// that references in the transmuted value satisfy the alignment
/// requirements of their referent types. See [`Assume::alignment`] for
/// examples.
/// With this, [`TransmuteFrom`] assumes only that you have ensured that
/// references in the transmuted value satisfy the alignment requirements of
/// their referent types. See [`Assume::alignment`] for examples.
#[unstable(feature = "transmutability", issue = "99571")]
pub const ALIGNMENT: Self = Self { alignment: true, ..Self::NOTHING };

/// With this, [`BikeshedIntrinsicFrom`] assumes only that you have ensured
/// that references in the transmuted value do not outlive their referents.
/// See [`Assume::lifetimes`] for examples.
/// With this, [`TransmuteFrom`] assumes only that you have ensured that
/// references in the transmuted value do not outlive their referents. See
/// [`Assume::lifetimes`] for examples.
#[unstable(feature = "transmutability", issue = "99571")]
pub const LIFETIMES: Self = Self { lifetimes: true, ..Self::NOTHING };

/// With this, [`BikeshedIntrinsicFrom`] assumes only that you have ensured
/// that undefined behavior does not arise from using the transmuted value.
/// See [`Assume::safety`] for examples.
/// With this, [`TransmuteFrom`] assumes only that you have ensured that
/// undefined behavior does not arise from using the transmuted value. See
/// [`Assume::safety`] for examples.
#[unstable(feature = "transmutability", issue = "99571")]
pub const SAFETY: Self = Self { safety: true, ..Self::NOTHING };

/// With this, [`BikeshedIntrinsicFrom`] assumes only that you have ensured
/// that the value being transmuted is a bit-valid instance of the
/// transmuted value. See [`Assume::validity`] for examples.
/// With this, [`TransmuteFrom`] assumes only that you have ensured that the
/// value being transmuted is a bit-valid instance of the transmuted value.
/// See [`Assume::validity`] for examples.
#[unstable(feature = "transmutability", issue = "99571")]
pub const VALIDITY: Self = Self { validity: true, ..Self::NOTHING };

Expand All @@ -348,7 +345,7 @@ impl Assume {
/// transmutability,
/// )]
/// #![allow(incomplete_features)]
/// use core::mem::{align_of, Assume, BikeshedIntrinsicFrom};
/// use core::mem::{align_of, Assume, TransmuteFrom};
///
/// /// Attempts to transmute `src` to `&Dst`.
/// ///
Expand All @@ -360,15 +357,15 @@ impl Assume {
/// /// alignment, are satisfied.
/// unsafe fn try_transmute_ref<'a, Src, Dst, const ASSUME: Assume>(src: &'a Src) -> Option<&'a Dst>
/// where
/// &'a Dst: BikeshedIntrinsicFrom<&'a Src, { ASSUME.and(Assume::ALIGNMENT) }>,
/// &'a Dst: TransmuteFrom<&'a Src, { ASSUME.and(Assume::ALIGNMENT) }>,
/// {
/// if <*const _>::is_aligned_to(src, align_of::<Dst>()) {
/// // SAFETY: By the above dynamic check, we have ensured that the address
/// // of `src` satisfies the alignment requirements of `&Dst`. By contract
/// // on the caller, the safety obligations required by `ASSUME` have also
/// // been satisfied.
/// Some(unsafe {
/// <_ as BikeshedIntrinsicFrom<_, { ASSUME.and(Assume::ALIGNMENT) }>>::transmute(src)
/// <_ as TransmuteFrom<_, { ASSUME.and(Assume::ALIGNMENT) }>>::transmute(src)
/// })
/// } else {
/// None
Expand Down
21 changes: 13 additions & 8 deletions core/src/num/int_macros.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2888,8 +2888,8 @@ macro_rules! int_impl {
///
/// # Panics
///
/// This function will panic if `rhs` is 0 or if `self` is -1 and `rhs` is
/// `Self::MIN`. This behavior is not affected by the `overflow-checks` flag.
/// This function will panic if `rhs` is 0 or if `self` is `Self::MIN`
/// and `rhs` is -1. This behavior is not affected by the `overflow-checks` flag.
///
/// # Examples
///
Expand Down Expand Up @@ -2927,8 +2927,8 @@ macro_rules! int_impl {
///
/// # Panics
///
/// This function will panic if `rhs` is 0 or if `self` is -1 and `rhs` is
/// `Self::MIN`. This behavior is not affected by the `overflow-checks` flag.
/// This function will panic if `rhs` is 0 or if `self` is `Self::MIN` and
/// `rhs` is -1. This behavior is not affected by the `overflow-checks` flag.
///
/// # Examples
///
Expand All @@ -2943,6 +2943,11 @@ macro_rules! int_impl {
/// assert_eq!(a.rem_euclid(-b), 3);
/// assert_eq!((-a).rem_euclid(-b), 1);
/// ```
///
/// This will panic:
/// ```should_panic
#[doc = concat!("let _ = ", stringify!($SelfT), "::MIN.rem_euclid(-1);")]
/// ```
#[doc(alias = "modulo", alias = "mod")]
#[stable(feature = "euclidean_division", since = "1.38.0")]
#[rustc_const_stable(feature = "const_euclidean_int_methods", since = "1.52.0")]
Expand Down Expand Up @@ -2971,8 +2976,8 @@ macro_rules! int_impl {
///
/// # Panics
///
/// This function will panic if `rhs` is 0 or if `self` is -1 and `rhs` is
/// `Self::MIN`. This behavior is not affected by the `overflow-checks` flag.
/// This function will panic if `rhs` is 0 or if `self` is `Self::MIN`
/// and `rhs` is -1. This behavior is not affected by the `overflow-checks` flag.
///
/// # Examples
///
Expand Down Expand Up @@ -3007,8 +3012,8 @@ macro_rules! int_impl {
///
/// # Panics
///
/// This function will panic if `rhs` is 0 or if `self` is -1 and `rhs` is
/// `Self::MIN`. This behavior is not affected by the `overflow-checks` flag.
/// This function will panic if `rhs` is 0 or if `self` is `Self::MIN`
/// and `rhs` is -1. This behavior is not affected by the `overflow-checks` flag.
///
/// # Examples
///
Expand Down
Loading

0 comments on commit b1a56b5

Please sign in to comment.