mathieu/os-rust
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
os-rust/tests/ui/consts/copy-intrinsic.rs
Ralf Jung a0215d8e46 Re-do recursive const stability checks 
Fundamentally, we have *three* disjoint categories of functions:
1. const-stable functions
2. private/unstable functions that are meant to be callable from const-stable functions
3. functions that can make use of unstable const features

This PR implements the following system:
- `#[rustc_const_stable]` puts functions in the first category. It may only be applied to `#[stable]` functions.
- `#[rustc_const_unstable]` by default puts functions in the third category. The new attribute `#[rustc_const_stable_indirect]` can be added to such a function to move it into the second category.
- `const fn` without a const stability marker are in the second category if they are still unstable. They automatically inherit the feature gate for regular calls, it can now also be used for const-calls.

Also, several holes in recursive const stability checking are being closed.
There's still one potential hole that is hard to avoid, which is when MIR
building automatically inserts calls to a particular function in stable
functions -- which happens in the panic machinery. Those need to *not* be
`rustc_const_unstable` (or manually get a `rustc_const_stable_indirect`) to be
sure they follow recursive const stability. But that's a fairly rare and special
case so IMO it's fine.

The net effect of this is that a `#[unstable]` or unmarked function can be
constified simply by marking it as `const fn`, and it will then be
const-callable from stable `const fn` and subject to recursive const stability
requirements. If it is publicly reachable (which implies it cannot be unmarked),
it will be const-unstable under the same feature gate. Only if the function ever
becomes `#[stable]` does it need a `#[rustc_const_unstable]` or
`#[rustc_const_stable]` marker to decide if this should also imply
const-stability.

Adding `#[rustc_const_unstable]` is only needed for (a) functions that need to
use unstable const lang features (including intrinsics), or (b) `#[stable]`
functions that are not yet intended to be const-stable. Adding
`#[rustc_const_stable]` is only needed for functions that are actually meant to
be directly callable from stable const code. `#[rustc_const_stable_indirect]` is
used to mark intrinsics as const-callable and for `#[rustc_const_unstable]`
functions that are actually called from other, exposed-on-stable `const fn`. No
other attributes are required.
2024-10-25 20:31:40 +02:00

57 lines
2.1 KiB
Rust
Raw Blame History

#![stable(feature = "dummy", since = "1.0.0")]
// ignore-tidy-linelength
#![feature(intrinsics, staged_api)]
use std::mem;
extern "rust-intrinsic" {
#[stable(feature = "dummy", since = "1.0.0")]
#[rustc_const_stable(feature = "const_intrinsic_copy", since = "1.63.0")]
fn copy_nonoverlapping<T>(src: *const T, dst: *mut T, count: usize);
#[stable(feature = "dummy", since = "1.0.0")]
#[rustc_const_stable(feature = "const_intrinsic_copy", since = "1.63.0")]
fn copy<T>(src: *const T, dst: *mut T, count: usize);
}
const COPY_ZERO: () = unsafe {
// Since we are not copying anything, this should be allowed.
let src = ();
let mut dst = ();
copy_nonoverlapping(&src as *const _ as *const u8, &mut dst as *mut _ as *mut u8, 0);
};
const COPY_OOB_1: () = unsafe {
let mut x = 0i32;
let dangle = (&mut x as *mut i32).wrapping_add(10);
// Zero-sized copy is fine.
copy_nonoverlapping(0x100 as *const i32, dangle, 0);
// Non-zero-sized copy is not.
copy_nonoverlapping(0x100 as *const i32, dangle, 1); //~ ERROR evaluation of constant value failed [E0080]
//~| got 0x100[noalloc] which is a dangling pointer
};
const COPY_OOB_2: () = unsafe {
let x = 0i32;
let dangle = (&x as *const i32).wrapping_add(10);
// Zero-sized copy is fine.
copy_nonoverlapping(dangle, 0x100 as *mut i32, 0);
// Non-zero-sized copy is not.
copy_nonoverlapping(dangle, 0x100 as *mut i32, 1); //~ ERROR evaluation of constant value failed [E0080]
//~| +0x28 which is at or beyond the end of the allocation
};
const COPY_SIZE_OVERFLOW: () = unsafe {
let x = 0;
let mut y = 0;
copy(&x, &mut y, 1usize << (mem::size_of::<usize>() * 8 - 1)); //~ ERROR evaluation of constant value failed [E0080]
//~| overflow computing total size of `copy`
};
const COPY_NONOVERLAPPING_SIZE_OVERFLOW: () = unsafe {
let x = 0;
let mut y = 0;
copy_nonoverlapping(&x, &mut y, 1usize << (mem::size_of::<usize>() * 8 - 1)); //~ evaluation of constant value failed [E0080]
//~| overflow computing total size of `copy_nonoverlapping`
};
fn main() {
}
Reference in a new issue View git blame Copy permalink