bjoernager/rust
bjoernager/rust
1
Fork 0
Code Activity

Rollup merge of #135236 - scottmcm:more-mcp807-library-updates, r=ChrisDenton

Browse source 
Update a bunch of library types for MCP807

This greatly reduces the number of places that actually use the `rustc_layout_scalar_valid_range_*` attributes down to just 3:
```
library/core\src\ptr\non_null.rs
68:#[rustc_layout_scalar_valid_range_start(1)]

library/core\src\num\niche_types.rs
19:        #[rustc_layout_scalar_valid_range_start($low)]
20:        #[rustc_layout_scalar_valid_range_end($high)]
```

Everything else -- PAL Nanoseconds, alloc's `Cap`, niched FDs, etc -- all just wrap those `niche_types` types.

r? ghost
This commit is contained in:
Jacob Pratt 2025-01-11 01:55:05 -05:00 committed by GitHub
commit 351e6188a8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 351 additions and 214 deletions
Download patch file Download diff file Expand all files Collapse all files

1
library/std/src/lib.rs
View file

@ -357,6 +357,7 @@
#![feature(str_internals)]
#![feature(strict_provenance_atomic_ptr)]
#![feature(sync_unsafe_cell)]
#![feature(temporary_niche_types)]
#![feature(ub_checks)]
#![feature(used_with_arg)]
// tidy-alphabetical-end

34
library/std/src/os/fd/owned.rs
View file

@ -11,6 +11,8 @@ use crate::sys::cvt;
use crate::sys_common::{AsInner, FromInner, IntoInner};
use crate::{fmt, fs, io};
type ValidRawFd = core::num::niche_types::NotAllOnes<RawFd>;
/// A borrowed file descriptor.
///
/// This has a lifetime parameter to tie it to the lifetime of something that owns the file
@ -32,15 +34,10 @@ use crate::{fmt, fs, io};
/// instead, but this is not supported on all platforms.
#[derive(Copy, Clone)]
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
// libstd/os/raw/mod.rs assures me that every libstd-supported platform has a
// 32-bit c_int. Below is -2, in two's complement, but that only works out
// because c_int is 32 bits.
#[rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE)]
#[rustc_nonnull_optimization_guaranteed]
#[stable(feature = "io_safety", since = "1.63.0")]
pub struct BorrowedFd<'fd> {
fd: RawFd,
fd: ValidRawFd,
_phantom: PhantomData<&'fd OwnedFd>,
}
@ -56,15 +53,10 @@ pub struct BorrowedFd<'fd> {
///
/// You can use [`AsFd::as_fd`] to obtain a [`BorrowedFd`].
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
// libstd/os/raw/mod.rs assures me that every libstd-supported platform has a
// 32-bit c_int. Below is -2, in two's complement, but that only works out
// because c_int is 32 bits.
#[rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE)]
#[rustc_nonnull_optimization_guaranteed]
#[stable(feature = "io_safety", since = "1.63.0")]
pub struct OwnedFd {
fd: RawFd,
fd: ValidRawFd,
}
impl BorrowedFd<'_> {
@ -80,7 +72,8 @@ impl BorrowedFd<'_> {
pub const unsafe fn borrow_raw(fd: RawFd) -> Self {
assert!(fd != u32::MAX as RawFd);
// SAFETY: we just asserted that the value is in the valid range and isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned)
unsafe { Self { fd, _phantom: PhantomData } }
let fd = unsafe { ValidRawFd::new_unchecked(fd) };
Self { fd, _phantom: PhantomData }
}
}
@ -130,7 +123,7 @@ impl BorrowedFd<'_> {
impl AsRawFd for BorrowedFd<'_> {
#[inline]
fn as_raw_fd(&self) -> RawFd {
self.fd
self.fd.as_inner()
}
}
@ -138,7 +131,7 @@ impl AsRawFd for BorrowedFd<'_> {
impl AsRawFd for OwnedFd {
#[inline]
fn as_raw_fd(&self) -> RawFd {
self.fd
self.fd.as_inner()
}
}
@ -146,7 +139,7 @@ impl AsRawFd for OwnedFd {
impl IntoRawFd for OwnedFd {
#[inline]
fn into_raw_fd(self) -> RawFd {
ManuallyDrop::new(self).fd
ManuallyDrop::new(self).fd.as_inner()
}
}
@ -164,7 +157,8 @@ impl FromRawFd for OwnedFd {
unsafe fn from_raw_fd(fd: RawFd) -> Self {
assert_ne!(fd, u32::MAX as RawFd);
// SAFETY: we just asserted that the value is in the valid range and isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned)
unsafe { Self { fd } }
let fd = unsafe { ValidRawFd::new_unchecked(fd) };
Self { fd }
}
}
@ -187,12 +181,12 @@ impl Drop for OwnedFd {
#[cfg(not(target_os = "hermit"))]
{
#[cfg(unix)]
crate::sys::fs::debug_assert_fd_is_open(self.fd);
crate::sys::fs::debug_assert_fd_is_open(self.fd.as_inner());
let _ = libc::close(self.fd);
let _ = libc::close(self.fd.as_inner());
}
#[cfg(target_os = "hermit")]
let _ = hermit_abi::close(self.fd);
let _ = hermit_abi::close(self.fd.as_inner());
}
}
}

27
library/std/src/os/solid/io.rs
View file

@ -54,6 +54,9 @@ use crate::{fmt, net, sys};
/// Raw file descriptors.
pub type RawFd = i32;
// The max of this is -2, in two's complement. -1 is `SOLID_NET_INVALID_FD`.
type ValidRawFd = core::num::niche_types::NotAllOnes<RawFd>;
/// A borrowed SOLID Sockets file descriptor.
///
/// This has a lifetime parameter to tie it to the lifetime of something that
@ -69,12 +72,9 @@ pub type RawFd = i32;
/// socket, which is then borrowed under the same lifetime.
#[derive(Copy, Clone)]
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
// This is -2, in two's complement. -1 is `SOLID_NET_INVALID_FD`.
#[rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE)]
#[rustc_nonnull_optimization_guaranteed]
pub struct BorrowedFd<'socket> {
fd: RawFd,
fd: ValidRawFd,
_phantom: PhantomData<&'socket OwnedFd>,
}
@ -87,12 +87,9 @@ pub struct BorrowedFd<'socket> {
/// an argument, it is not captured or consumed, and it never has the value
/// `SOLID_NET_INVALID_FD`.
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
// This is -2, in two's complement. -1 is `SOLID_NET_INVALID_FD`.
#[rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE)]
#[rustc_nonnull_optimization_guaranteed]
pub struct OwnedFd {
fd: RawFd,
fd: ValidRawFd,
}
impl BorrowedFd<'_> {
@ -108,7 +105,8 @@ impl BorrowedFd<'_> {
assert!(fd != -1 as RawFd);
// SAFETY: we just asserted that the value is in the valid range and
// isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned)
unsafe { Self { fd, _phantom: PhantomData } }
let fd = unsafe { ValidRawFd::new_unchecked(fd) };
Self { fd, _phantom: PhantomData }
}
}
@ -132,21 +130,21 @@ impl BorrowedFd<'_> {
impl AsRawFd for BorrowedFd<'_> {
#[inline]
fn as_raw_fd(&self) -> RawFd {
self.fd
self.fd.as_inner()
}
}
impl AsRawFd for OwnedFd {
#[inline]
fn as_raw_fd(&self) -> RawFd {
self.fd
self.fd.as_inner()
}
}
impl IntoRawFd for OwnedFd {
#[inline]
fn into_raw_fd(self) -> RawFd {
ManuallyDrop::new(self).fd
ManuallyDrop::new(self).fd.as_inner()
}
}
@ -162,14 +160,15 @@ impl FromRawFd for OwnedFd {
assert_ne!(fd, -1 as RawFd);
// SAFETY: we just asserted that the value is in the valid range and
// isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned)
unsafe { Self { fd } }
let fd = unsafe { ValidRawFd::new_unchecked(fd) };
Self { fd }
}
}
impl Drop for OwnedFd {
#[inline]
fn drop(&mut self) {
unsafe { sys::net::netc::close(self.fd) };
unsafe { sys::net::netc::close(self.fd.as_inner()) };
}
}

39
library/std/src/os/windows/io/socket.rs
View file

@ -9,6 +9,9 @@ use crate::mem::{self, ManuallyDrop};
use crate::sys::cvt;
use crate::{fmt, io, sys};
// The max here is -2, in two's complement. -1 is `INVALID_SOCKET`.
type ValidRawSocket = core::num::niche_types::NotAllOnes<RawSocket>;
/// A borrowed socket.
///
/// This has a lifetime parameter to tie it to the lifetime of something that
@ -24,17 +27,10 @@ use crate::{fmt, io, sys};
/// socket, which is then borrowed under the same lifetime.
#[derive(Copy, Clone)]
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
// This is -2, in two's complement. -1 is `INVALID_SOCKET`.
#[cfg_attr(target_pointer_width = "32", rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE))]
#[cfg_attr(
target_pointer_width = "64",
rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FF_FF_FF_FF_FE)
)]
#[rustc_nonnull_optimization_guaranteed]
#[stable(feature = "io_safety", since = "1.63.0")]
pub struct BorrowedSocket<'socket> {
socket: RawSocket,
socket: ValidRawSocket,
_phantom: PhantomData<&'socket OwnedSocket>,
}
@ -47,17 +43,10 @@ pub struct BorrowedSocket<'socket> {
/// argument or returned as an owned value, and it never has the value
/// `INVALID_SOCKET`.
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
// This is -2, in two's complement. -1 is `INVALID_SOCKET`.
#[cfg_attr(target_pointer_width = "32", rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE))]
#[cfg_attr(
target_pointer_width = "64",
rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FF_FF_FF_FF_FE)
)]
#[rustc_nonnull_optimization_guaranteed]
#[stable(feature = "io_safety", since = "1.63.0")]
pub struct OwnedSocket {
socket: RawSocket,
socket: ValidRawSocket,
}
impl BorrowedSocket<'_> {
@ -73,7 +62,8 @@ impl BorrowedSocket<'_> {
#[stable(feature = "io_safety", since = "1.63.0")]
pub const unsafe fn borrow_raw(socket: RawSocket) -> Self {
assert!(socket != sys::c::INVALID_SOCKET as RawSocket);
unsafe { Self { socket, _phantom: PhantomData } }
let socket = unsafe { ValidRawSocket::new_unchecked(socket) };
Self { socket, _phantom: PhantomData }
}
}
@ -172,7 +162,7 @@ fn last_error() -> io::Error {
impl AsRawSocket for BorrowedSocket<'_> {
#[inline]
fn as_raw_socket(&self) -> RawSocket {
self.socket
self.socket.as_inner()
}
}
@ -180,7 +170,7 @@ impl AsRawSocket for BorrowedSocket<'_> {
impl AsRawSocket for OwnedSocket {
#[inline]
fn as_raw_socket(&self) -> RawSocket {
self.socket
self.socket.as_inner()
}
}
@ -188,7 +178,7 @@ impl AsRawSocket for OwnedSocket {
impl IntoRawSocket for OwnedSocket {
#[inline]
fn into_raw_socket(self) -> RawSocket {
ManuallyDrop::new(self).socket
ManuallyDrop::new(self).socket.as_inner()
}
}
@ -196,10 +186,9 @@ impl IntoRawSocket for OwnedSocket {
impl FromRawSocket for OwnedSocket {
#[inline]
unsafe fn from_raw_socket(socket: RawSocket) -> Self {
unsafe {
debug_assert_ne!(socket, sys::c::INVALID_SOCKET as RawSocket);
Self { socket }
}
debug_assert_ne!(socket, sys::c::INVALID_SOCKET as RawSocket);
let socket = unsafe { ValidRawSocket::new_unchecked(socket) };
Self { socket }
}
}
@ -208,7 +197,7 @@ impl Drop for OwnedSocket {
#[inline]
fn drop(&mut self) {
unsafe {
let _ = sys::c::closesocket(self.socket as sys::c::SOCKET);
let _ = sys::c::closesocket(self.socket.as_inner() as sys::c::SOCKET);
}
}
}

14
library/std/src/sys/pal/solid/fs.rs
View file

@ -12,15 +12,12 @@ use crate::sys::unsupported;
pub use crate::sys_common::fs::exists;
use crate::sys_common::ignore_notfound;
type CIntNotMinusOne = core::num::niche_types::NotAllOnes<c_int>;
/// A file descriptor.
#[derive(Clone, Copy)]
#[rustc_layout_scalar_valid_range_start(0)]
// libstd/os/raw/mod.rs assures me that every libstd-supported platform has a
// 32-bit c_int. Below is -2, in two's complement, but that only works out
// because c_int is 32 bits.
#[rustc_layout_scalar_valid_range_end(0xFF_FF_FF_FE)]
struct FileDesc {
fd: c_int,
fd: CIntNotMinusOne,
}
impl FileDesc {
@ -29,12 +26,13 @@ impl FileDesc {
assert_ne!(fd, -1i32);
// Safety: we just asserted that the value is in the valid range and
// isn't `-1` (the only value bigger than `0xFF_FF_FF_FE` unsigned)
unsafe { FileDesc { fd } }
let fd = unsafe { CIntNotMinusOne::new_unchecked(fd) };
FileDesc { fd }
}
#[inline]
fn raw(&self) -> c_int {
self.fd
self.fd.as_inner()
}
}

33
library/std/src/sys/pal/unix/time.rs
View file

@ -1,3 +1,5 @@
use core::num::niche_types::Nanoseconds;
use crate::time::Duration;
use crate::{fmt, io};
@ -15,12 +17,6 @@ pub(in crate::sys) const TIMESPEC_MAX_CAPPED: libc::timespec = libc::timespec {
tv_nsec: (u64::MAX % NSEC_PER_SEC) as i64,
};
#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[repr(transparent)]
#[rustc_layout_scalar_valid_range_start(0)]
#[rustc_layout_scalar_valid_range_end(999_999_999)]
struct Nanoseconds(u32);
#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct SystemTime {
pub(crate) t: Timespec,
@ -59,14 +55,14 @@ impl fmt::Debug for SystemTime {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_struct("SystemTime")
.field("tv_sec", &self.t.tv_sec)
.field("tv_nsec", &self.t.tv_nsec.0)
.field("tv_nsec", &self.t.tv_nsec)
.finish()
}
}
impl Timespec {
const unsafe fn new_unchecked(tv_sec: i64, tv_nsec: i64) -> Timespec {
Timespec { tv_sec, tv_nsec: unsafe { Nanoseconds(tv_nsec as u32) } }
Timespec { tv_sec, tv_nsec: unsafe { Nanoseconds::new_unchecked(tv_nsec as u32) } }
}
pub const fn zero() -> Timespec {
@ -147,12 +143,15 @@ impl Timespec {
//
// Ideally this code could be rearranged such that it more
// directly expresses the lower-cost behavior we want from it.
let (secs, nsec) = if self.tv_nsec.0 >= other.tv_nsec.0 {
((self.tv_sec - other.tv_sec) as u64, self.tv_nsec.0 - other.tv_nsec.0)
let (secs, nsec) = if self.tv_nsec.as_inner() >= other.tv_nsec.as_inner() {
(
(self.tv_sec - other.tv_sec) as u64,
self.tv_nsec.as_inner() - other.tv_nsec.as_inner(),
)
} else {
(
(self.tv_sec - other.tv_sec - 1) as u64,
self.tv_nsec.0 + (NSEC_PER_SEC as u32) - other.tv_nsec.0,
self.tv_nsec.as_inner() + (NSEC_PER_SEC as u32) - other.tv_nsec.as_inner(),
)
};
@ -170,7 +169,7 @@ impl Timespec {
// Nano calculations can't overflow because nanos are <1B which fit
// in a u32.
let mut nsec = other.subsec_nanos() + self.tv_nsec.0;
let mut nsec = other.subsec_nanos() + self.tv_nsec.as_inner();
if nsec >= NSEC_PER_SEC as u32 {
nsec -= NSEC_PER_SEC as u32;
secs = secs.checked_add(1)?;
@ -182,7 +181,7 @@ impl Timespec {
let mut secs = self.tv_sec.checked_sub_unsigned(other.as_secs())?;
// Similar to above, nanos can't overflow.
let mut nsec = self.tv_nsec.0 as i32 - other.subsec_nanos() as i32;
let mut nsec = self.tv_nsec.as_inner() as i32 - other.subsec_nanos() as i32;
if nsec < 0 {
nsec += NSEC_PER_SEC as i32;
secs = secs.checked_sub(1)?;
@ -194,7 +193,7 @@ impl Timespec {
pub fn to_timespec(&self) -> Option<libc::timespec> {
Some(libc::timespec {
tv_sec: self.tv_sec.try_into().ok()?,
tv_nsec: self.tv_nsec.0.try_into().ok()?,
tv_nsec: self.tv_nsec.as_inner().try_into().ok()?,
})
}
@ -203,7 +202,7 @@ impl Timespec {
#[cfg(target_os = "nto")]
pub(in crate::sys) fn to_timespec_capped(&self) -> Option<libc::timespec> {
// Check if timeout in nanoseconds would fit into an u64
if (self.tv_nsec.0 as u64)
if (self.tv_nsec.as_inner() as u64)
.checked_add((self.tv_sec as u64).checked_mul(NSEC_PER_SEC)?)
.is_none()
{
@ -219,7 +218,7 @@ impl Timespec {
not(target_arch = "riscv32")
))]
pub fn to_timespec64(&self) -> __timespec64 {
__timespec64::new(self.tv_sec, self.tv_nsec.0 as _)
__timespec64::new(self.tv_sec, self.tv_nsec.as_inner() as _)
}
}
@ -293,7 +292,7 @@ impl fmt::Debug for Instant {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
f.debug_struct("Instant")
.field("tv_sec", &self.t.tv_sec)
.field("tv_nsec", &self.t.tv_nsec.0)
.field("tv_nsec", &self.t.tv_nsec)
.finish()
}
}