Commit graph

979 commits

Author SHA1 Message Date
bors
37d56daac6 Auto merge of #128771 - carbotaniuman:stabilize_unsafe_attr, r=nnethercote
Stabilize `unsafe_attributes`

# Stabilization report

## Summary

This is a tracking issue for the RFC 3325: unsafe attributes

We are stabilizing `#![feature(unsafe_attributes)]`,  which makes certain attributes considered 'unsafe', meaning that they must be surrounded by an `unsafe(...)`, as in `#[unsafe(no_mangle)]`.

RFC: rust-lang/rfcs#3325
Tracking issue: #123757

## What is stabilized

### Summary of stabilization

Certain attributes will now be designated as unsafe attributes, namely, `no_mangle`, `export_name`, and `link_section` (stable only), and these attributes will need to be called by surrounding them in `unsafe(...)` syntax. On editions prior to 2024, this is simply an edition lint, but it will become a hard error in 2024. This also works in `cfg_attr`, but `unsafe` is not allowed for any other attributes, including proc-macros ones.

```rust
#[unsafe(no_mangle)]
fn a() {}

#[cfg_attr(any(), unsafe(export_name = "c"))]
fn b() {}
```

For a table showing the attributes that were considered to be included in the list to require unsafe, and subsequent reasoning about why each such attribute was or was not included, see [this comment here](https://github.com/rust-lang/rust/pull/124214#issuecomment-2124753464)

## Tests

The relevant tests are in `tests/ui/rust-2024/unsafe-attributes` and `tests/ui/attributes/unsafe`.
2024-08-17 22:48:42 +00:00
Nicholas Nethercote
0544d3a952 Add warn(unreachable_pub) to rustc_builtin_macros. 2024-08-16 08:46:57 +10:00
Nicholas Nethercote
7923b20dd9 Use impl PartialEq<TokenKind> for Token more.
This lets us compare a `Token` with a `TokenKind`. It's used a lot, but
can be used even more, avoiding the need for some `.kind` uses.
2024-08-14 16:37:09 +10:00
Matthias Krüger
32e0fe129d
Rollup merge of #128762 - fmease:use-more-slice-pats, r=compiler-errors
Use more slice patterns inside the compiler

Nothing super noteworthy. Just replacing the common 'fragile' pattern of "length check followed by indexing or unwrap" with slice patterns for legibility and 'robustness'.

r? ghost
2024-08-11 07:51:51 +02:00
Urgau
eedb32dd12 Make Span optional in BufferedEarlyLint 2024-08-07 14:08:34 +02:00
León Orell Valerian Liehr
c4c518d2d4
Use more slice patterns inside the compiler 2024-08-07 13:37:52 +02:00
carbotaniuman
de9b5c3ea2 Stabilize unsafe_attributes 2024-08-07 03:12:13 -05:00
Matthias Krüger
d10f2b32f0
Rollup merge of #127907 - RalfJung:byte_slice_in_packed_struct_with_derive, r=nnethercote
built-in derive: remove BYTE_SLICE_IN_PACKED_STRUCT_WITH_DERIVE hack and lint

Fixes https://github.com/rust-lang/rust/issues/107457 by turning the lint into a hard error. The lint has been shown in future breakage reports since Rust 1.69 (released in April 2023).

Let's see (via crater) if enough time has passed since https://github.com/rust-lang/rust/pull/104429, and https://github.com/unicode-org/icu4x/pull/2834 has propagated far enough to let us make this a hard error.

Cc ``@nnethercote`` ``@Manishearth``
2024-08-05 05:40:19 +02:00
Matthias Krüger
b6b8330b9d
Rollup merge of #128305 - folkertdev:asm-parser-unsupported-operand, r=Amanieu
improve error message when `global_asm!` uses `asm!` operands

follow-up to https://github.com/rust-lang/rust/pull/128207

what was

```
error: expected expression, found keyword `in`
 --> src/lib.rs:1:31
  |
1 | core::arch::global_asm!("{}", in(reg));
  |                               ^^ expected expression
```

becomes

```
error: the `in` operand cannot be used with `global_asm!`
  --> $DIR/parse-error.rs:150:19
   |
LL | global_asm!("{}", in(reg));
   |                   ^^ the `in` operand is not meaningful for global-scoped inline assembly, remove it
```

the span of the error is just the keyword, which means that we can't create a machine-applicable suggestion here. The alternative would be to attempt to parse the full operand, but then if there are syntax errors in the operand those would  be presented to the user, even though the parser already knows that the output won't be valid. Also that would require more complexity in the parser.

So I think this is a nice improvement at very low cost.
2024-08-04 11:32:33 +02:00
Matthias Krüger
9b69042d5b
Rollup merge of #128557 - nyurik:dup-init, r=compiler-errors
chore: use shorthand initializer

Tiny readability improvement - don't use redundant initializer vars
2024-08-03 11:17:45 +02:00
Matthias Krüger
dee57ce043
Rollup merge of #128483 - nnethercote:still-more-cfg-cleanups, r=petrochenkov
Still more `cfg` cleanups

Found while looking closely at `cfg`/`cfg_attr` processing code.

r? `````````@petrochenkov`````````
2024-08-03 11:17:44 +02:00
Yuri Astrakhan
84e261e5cb chore: use shorthand initializer 2024-08-02 13:22:28 -04:00
bors
c0e32983f5 Auto merge of #127543 - carbotaniuman:more_unsafe_attr_verification, r=estebank,traviscross
More unsafe attr verification

This code denies unsafe on attributes such as `#[test]` and `#[ignore]`, while also changing the `MetaItem` parsing so `unsafe` in args like `#[allow(unsafe(dead_code))]` is not accidentally allowed.

Tracking:

- https://github.com/rust-lang/rust/issues/123757
2024-08-01 10:40:45 +00:00
Nicholas Nethercote
d1f05fd184 Distinguish the two kinds of token range.
When collecting tokens there are two kinds of range:
- a range relative to the parser's full token stream (which we get when
  we are parsing);
- a range relative to a single AST node's token stream (which we use
  within `LazyAttrTokenStreamImpl` when replacing tokens).

These are currently both represented with `Range<u32>` and it's easy to
mix them up -- until now I hadn't properly understood the difference.

This commit introduces `ParserRange` and `NodeRange` to distinguish
them. This also requires splitting `ReplaceRange` in two, giving the new
types `ParserReplacement` and `NodeReplacement`. (These latter two names
reduce the overloading of the word "range".)

The commit also rewrites some comments to be clearer.

The end result is a little more verbose, but much clearer.
2024-08-01 19:30:40 +10:00
Ding Xiang Fei
14a0963f96
reject pointee without ?Sized 2024-08-01 02:00:05 +08:00
Matthias Krüger
563f938ab3
Rollup merge of #127681 - dingxiangfei2009:smart-ptr-bounds, r=compiler-errors
derive(SmartPointer): rewrite bounds in where and generic bounds

Fix #127647

Due to the `Unsize` bounds, we need to commute the bounds on the pointee type to the new self type.

cc ```@Darksonn```
2024-07-31 15:36:29 +02:00
carbotaniuman
49db8a5a99 Add toggle for parse_meta_item unsafe parsing
This makes it possible for the `unsafe(...)` syntax to only be
valid at the top level, and the `NestedMetaItem`s will automatically
reject `unsafe(...)`.
2024-07-30 18:28:43 -05:00
Matthias Krüger
6f0b237c72
Rollup merge of #128376 - compiler-errors:finish-ur-vegetables, r=jieyouxu
Mark `Parser::eat`/`check` methods as `#[must_use]`

These methods return a `bool`, but we probably should either use these values or explicitly throw them away (e.g. when we just want to unconditionally eat a token if it exists).

I changed a few places from `eat` to `expect`, but otherwise I tried to leave a comment explaining why the `eat` was okay.

This also adds a test for the `pattern_type!` macro, which used to silently accept a missing `is` token.
2024-07-30 22:51:38 +02:00
Ding Xiang Fei
e7f89a7eea
derive(SmartPointer): rewrite bounds in where and generic bounds 2024-07-30 21:14:10 +02:00
bors
f8060d282d Auto merge of #128083 - Mark-Simulacrum:bump-bootstrap, r=albertlarsan68
Bump bootstrap compiler to new beta

https://forge.rust-lang.org/release/process.html#master-bootstrap-update-t-2-day-tuesday
2024-07-30 17:49:08 +00:00
carbotaniuman
d8bc8761a5 Deny unsafe on more builtin attributes 2024-07-29 21:00:09 -05:00
Michael Goulet
e4076e34f8 Mark Parser::eat/check methods as must_use 2024-07-29 21:29:08 -04:00
Nicholas Nethercote
84ac80f192 Reformat use declarations.
The previous commit updated `rustfmt.toml` appropriately. This commit is
the outcome of running `x fmt --all` with the new formatting options.
2024-07-29 08:26:52 +10:00
Mark Rousskov
5eca36d27a step cfg(bootstrap) 2024-07-28 14:46:29 -04:00
Folkert
571f7b6589
improve error message when global asm uses inline asm operands 2024-07-28 15:11:32 +02:00
Matthias Krüger
a13f40dae6
Rollup merge of #127853 - folkertdev:naked-function-error-messages, r=bjorn3
`#[naked]`: report incompatible attributes

tracking issue: https://github.com/rust-lang/rust/issues/90957

this is a re-implementation of https://github.com/rust-lang/rust/pull/93809 by ``@bstrie`` which was closed 2 years ago due to inactivity.

This PR takes some of the final comments into account, specifically providing a little more context in error messages, and using an allow list to determine which attributes are compatible with `#[naked]`.

Notable attributes that are incompatible with `#[naked]` are:

  * `#[inline]`
  * `#[track_caller]`
  * ~~`#[target_feature]`~~ (this is now allowed, see PR discussion)
  * `#[test]`, `#[ignore]`, `#[should_panic]`

These attributes just directly conflict with what `#[naked]` should do.

Naked functions are still important for systems programming, embedded, and operating systems, so I'd like to move them forward.
2024-07-28 08:57:16 +02:00
Trevor Gross
9164dbd48c
Rollup merge of #128207 - folkertdev:asm-parser-generalize, r=Amanieu
improve error message when `global_asm!` uses `asm!` options

specifically, what was

    error: expected one of `)`, `att_syntax`, or `raw`, found `preserves_flags`
      --> $DIR/bad-options.rs:45:25
       |
    LL | global_asm!("", options(preserves_flags));
       |                         ^^^^^^^^^^^^^^^ expected one of `)`, `att_syntax`, or `raw`

is now

    error: the `preserves_flags` option cannot be used with `global_asm!`
      --> $DIR/bad-options.rs:45:25
       |
    LL | global_asm!("", options(preserves_flags));
       |                         ^^^^^^^^^^^^^^^ the `preserves_flags` option is not meaningful for global-scoped inline assembly

mirroring the phrasing of the [reference](https://doc.rust-lang.org/reference/inline-assembly.html#options).

This is also a bit of a refactor for a future `naked_asm!` macro (for use in `#[naked]` functions). Currently this sort of error can come up when switching from inline to global asm, or when a user just isn't that experienced with assembly. With  `naked_asm!` added to the mix hitting this error is more likely.
2024-07-27 13:32:56 -04:00
Ralf Jung
bda31d14f4 built-in derive: remove BYTE_SLICE_IN_PACKED_STRUCT_WITH_DERIVE hack and lint 2024-07-27 18:18:41 +02:00
Folkert
c6a166bac2
switch to an allowlist approach
- merge error codes
- use attribute name that is incompatible in error message
- add test for conditional incompatible attribute
- add `linkage` to the allowlist
2024-07-27 12:55:39 +02:00
Folkert
73fde17017
refactor the if if 2024-07-26 00:08:22 +02:00
Folkert
d3858f7465
improve error message when global_asm! uses asm! options 2024-07-25 22:33:52 +02:00
GnomedDev
db8cdc5d37
Use Cow<'static, str> for InlineAsmTemplatePiece::String 2024-07-24 21:11:55 +01:00
Oli Scherer
e9f32d0ca6 Avoid passing state that will not be visited 2024-07-22 14:34:45 +00:00
Oli Scherer
8d290058c9 Always pass the visitor as the first argument to walk* functions 2024-07-22 14:01:24 +00:00
Oli Scherer
754bdef793 Sync mut_visit function names with immut visit ones (s/noop_visit/walk/) 2024-07-22 14:01:24 +00:00
Oli Scherer
6f85f20520 Add Ident to FnKind::Fn, just like with the immutable visitor 2024-07-22 14:01:23 +00:00
Oli Scherer
545553ca4f Pass id and span to visit_fn, just like for the immutable visitor 2024-07-22 14:01:23 +00:00
Oli Scherer
1b9ac0011f Make function items in mut visitors all go through the same visit_fn function, just like with immutable visitors 2024-07-22 14:01:23 +00:00
Oli Scherer
5241d8bb19 Merge impl and trait item mut visitor methods to mirror immut visitor 2024-07-22 14:01:23 +00:00
bors
9629b90b3f Auto merge of #127722 - BoxyUwU:new_adt_const_params_limitations, r=compiler-errors
Forbid borrows and unsized types from being used as the type of a const generic under `adt_const_params`

Fixes #112219
Fixes #112124
Fixes #112125

### Motivation

Currently the `adt_const_params` feature allows writing `Foo<const N: [u8]>` this is entirely useless as it is not possible to write an expression which evaluates to a type that is not `Sized`. In order to actually use unsized types in const generics they are typically written as `const N: &[u8]` which *is* possible to provide a value of.

Unfortunately allowing the types of const parameters to contain references is non trivial (#120961) as it introduces a number of difficult questions about how equality of references in the type system should behave. References in the types of const generics is largely only useful for using unsized types in const generics.

This PR introduces a new feature gate `unsized_const_parameters` and moves support for `const N: [u8]` and `const N: &...` from `adt_const_params` into it. The goal here hopefully is to experiment with allowing `const N: [u8]` to work without references and then eventually completely forbid references in const generics.

Splitting this out into a new feature gate means that stabilization of `adt_const_params` does not have to resolve #120961 which is the only remaining "big" blocker for the feature. Remaining issues after this are a few ICEs and naming bikeshed for `ConstParamTy`.

### Implementation

The implementation is slightly subtle here as we would like to ensure that a stabilization of `adt_const_params` is forwards compatible with any outcome of `unsized_const_parameters`. This is inherently tricky as we do not support unstable trait implementations and we determine whether a type is valid as the type of a const parameter via a trait bound.

There are a few constraints here:
- We would like to *allow for the possibility* of adding a `Sized` supertrait to `ConstParamTy` in the event that we wind up opting to not support unsized types and instead requiring people to write the 'sized version', e.g. `const N: [u8; M]` instead of `const N: [u8]`.
- Crates should be able to enable `unsized_const_parameters` and write trait implementations of `ConstParamTy` for `!Sized` types without downstream crates that only enable `adt_const_params` being able to observe this (required for std to be able to `impl<T> ConstParamTy for [T]`

Ultimately the way this is accomplished is via having two traits (sad), `ConstParamTy` and `UnsizedConstParamTy`. Depending on whether `unsized_const_parameters` is enabled or not we change which trait is used to check whether a type is allowed to be a const parameter.

Long term (when stabilizing `UnsizedConstParamTy`) it should be possible to completely merge these traits (and derive macros), only having a single `trait ConstParamTy` and `macro ConstParamTy`.

Under `adt_const_params` it is now illegal to directly refer to `ConstParamTy` it is only used as an internal impl detail by `derive(ConstParamTy)` and checking const parameters are well formed. This is necessary in order to ensure forwards compatibility with all possible future directions for `feature(unsized_const_parameters)`.

Generally the intuition here should be that `ConstParamTy` is the stable trait that everything uses, and `UnsizedConstParamTy` is that plus unstable implementations (well, I suppose `ConstParamTy` isn't stable yet :P).
2024-07-21 05:36:21 +00:00
Nicholas Nethercote
9d908a2877 Use ForceCollect in parse_attr_item.
Instead of a `bool`. Because `ForceCollect` is used in this way
everywhere else.
2024-07-19 08:24:54 +10:00
Boxy
d0c11bf6e3 Split part of adt_const_params into unsized_const_params 2024-07-17 11:01:29 +01:00
Folkert
4d082b77af
add error message when #[naked] is used with #[test] 2024-07-17 00:04:00 +02:00
Matthias Krüger
510020ad4c
Rollup merge of #127308 - nnethercote:Attribute-cleanups, r=petrochenkov
Attribute cleanups

More refactoring done while trying to fix the final remaining test failure for #124141.

r? `@petrochenkov`
2024-07-07 14:22:01 +02:00
Nicholas Nethercote
3a5c4b6e4e Rename some attribute types for consistency.
- `AttributesData` -> `AttrsTarget`
- `AttrTokenTree::Attributes` -> `AttrTokenTree::AttrsTarget`
- `FlatToken::AttrTarget` -> `FlatToken::AttrsTarget`
2024-07-07 16:14:30 +10:00
Oli Scherer
7dca61b68b Use ControlFlow results for visitors that are only looking for a single value 2024-07-05 15:00:40 +00:00
Matthias Krüger
d27136fb29
Rollup merge of #127283 - dingxiangfei2009:check-repr-transparent, r=davidtwco
Reject SmartPointer constructions not serving the purpose

Tracking issue: #123430

With this PR we will reject a row of malformed `SmartPointer` implementor candidates.

cc `@Darksonn` `@davidtwco` for context.
2024-07-04 18:16:23 +02:00
Matthias Krüger
b16a711191
Rollup merge of #126405 - He1pa:translate_builtin_macro_diag, r=davidtwco
Migrate some rustc_builtin_macros to SessionDiagnostic

<!--
If this PR is related to an unstable feature or an otherwise tracked effort,
please link to the relevant tracking issue here. If you don't know of a related
tracking issue or there are none, feel free to ignore this.

This PR will get automatically assigned to a reviewer. In case you would like
a specific user to review your work, you can assign it to them by using

    r​? <reviewer name>
-->

Part of https://github.com/rust-lang/rust/issues/100717.
pick up abandoned pr: #101935
`@rustbot` label +A-translation
2024-07-04 18:16:22 +02:00
Ding Xiang Fei
0b4edb2487
reject SmartPointer constructions not serving the purpose 2024-07-04 16:41:23 +08:00
Nicholas Nethercote
1680b791d5 Simplify CfgEval.
It can contain an owned value instead of a reference.
2024-07-02 10:46:43 +10:00