PinCoerceUnsized trait into core #125048
Merged
PinCoerceUnsized trait into core #125048
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rustbot
added
S-waiting-on-review
This comment has been minimized.
This comment has been minimized.
Noratrieb
reviewed
May 12, 2024
library/core/src/ops/deref.rs
Outdated
| #[unstable(feature = "stable_deref_trait", issue = "123430")] | ||
| /// # Safety | ||
| /// | ||
| /// Any two calls to `deref` must return the same value at the same address unless |
There was a problem hiding this comment.
"same value at the same address" here is pretty vague, and it's unclear to me without reading the RFC thread what exactly that entails and how it compares to the stable deref trait crate. notably, the preconditions on the crate are currently not satisfied by Box because of the special strict aliasing rules imposed by it.
There was a problem hiding this comment.
The meaning of "same value" is that the concrete type must not change. I copied the explanation in below. Was it unclear?
Here, "same value" means that if
derefreturns a trait object, then the actual type behind that trait object must not change. Additionally, when you unsize coerce fromSelftoUnsized, then if you callderefonUnsizedand get a trait object, then the underlying type of that trait object must be<Self as Deref>::Target.Analogous requirements apply to other unsized types. E.g., if
derefreturns[T], then the length must not change. In other words, the underlying type must not change from[T; N]to[T; M].
The motivation for this requirement is that with trait objects, you could otherwise first return one struct, and then later return some wrapper struct that wraps the original struct using #[repr(transparent)].
library/core/src/ops/deref.rs
Outdated
| @@ -309,3 +309,25 @@ impl<T: ?Sized> Receiver for &T {} | |||
|
|
|||
| #[unstable(feature = "receiver_trait", issue = "none")] | |||
| impl<T: ?Sized> Receiver for &mut T {} | |||
|
|
|||
| #[lang = "stable_deref"] | |||
There was a problem hiding this comment.
This shouldn't be made into a lang item until it's actually used by the compiler. I feel like having unused lang items is not desirable.
There was a problem hiding this comment.
is there any chance of us somehow managing to check and error in that case?
There was a problem hiding this comment.
thinks okay the moment this left my hands the answer came to me as "probably not usefully" (it would only be one more formality-tier listing somewhere and someone will just add it to that).
There was a problem hiding this comment.
I think the use of it is rather imminent. Ideally with #123472 this would go into the trait bounds that #[derive(SmartPointer)] generates.
There was a problem hiding this comment.
I came to my right sense! I have dropped the lang term here.
93 tasks
dingxiangfei2009
force-pushed
the
stable-deref
branch
from
711777b to
269eff8
Compare
This comment has been minimized.
This comment has been minimized.
dingxiangfei2009
force-pushed
the
stable-deref
branch
3 times, most recently
from
1795d68 to
77f8779
Compare
dingxiangfei2009
force-pushed
the
stable-deref
branch
from
77f8779 to
5b034e4
Compare
dingxiangfei2009
changed the title
This comment has been minimized.
This comment has been minimized.
dingxiangfei2009
force-pushed
the
stable-deref
branch
from
5b034e4 to
072c114
Compare
6 tasks
dingxiangfei2009
force-pushed
the
stable-deref
branch
from
072c114 to
d5e4fcb
Compare
|
It would make sense to add the following as a test: use core::cell::{Cell, RefCell, UnsafeCell};
use core::pin::Pin;
pub trait MyTrait {}
impl MyTrait for String {}
pub fn cell(arg: Pin<Cell<Box<String>>>) -> Pin<Cell<Box<dyn MyTrait>>> {
arg
}
pub fn refcell(arg: Pin<RefCell<Box<String>>>) -> Pin<RefCell<Box<dyn MyTrait>>> {
arg
}
pub fn ucell(arg: Pin<UnsafeCell<Box<String>>>) -> Pin<UnsafeCell<Box<dyn MyTrait>>> {
arg
}This compiles today, so we shouldn't break it. |
dingxiangfei2009
force-pushed
the
stable-deref
branch
from
d5e4fcb to
ea678b7
Compare
|
@Darksonn test cases have been added. |
|
@rustbot labels +I-lang-nominated +T-lang Nominating as @dingxiangfei2009 requested lang review. |
rustbot
added
I-lang-nominated
nikomatsakis
requested changes
Jul 17, 2024
library/core/src/pin.rs
Outdated
| /// `[T]`, then the length must not change. In other words, the underlying type | ||
| /// must not change from `[T; N]` to `[T; M]` with an `N` different from `M`. | ||
| /// | ||
| /// If this type alos implements `DerefMut`, then the same guarantee must be upheld by |
There was a problem hiding this comment.
Suggested change
| /// If this type alos implements `DerefMut`, then the same guarantee must be upheld by | |
| /// If this type also implements `DerefMut`, then the same guarantee must be upheld by |
|
r? @scottmcm |
bors
added
the
S-waiting-on-bors
tgross35
added a commit
to tgross35/rust
that referenced
this pull request
Jul 31, 2024
…manieu PinCoerceUnsized trait into core cc `@Darksonn` `@wedsonaf` `@ojeda` This is a PR to introduce a `PinCoerceUnsized` trait in order to make trait impls generated by the proc-macro `#[derive(SmartPointer)]`, proposed by [RFC](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#pincoerceunsized-1), sound. There you may find explanation, justification and discussion about the alternatives. Note that we do not seek stabilization of this `PinCoerceUnsized` trait in the near future. The stabilisation of this trait does not block the eventual stabilization process of the `#[derive(SmartPointer)]` macro. Ideally, use of `DerefPure` is more preferrable except this will actually constitute a breaking change. `PinCoerceUnsized` emerges as a solution to the said soundness hole while avoiding the breaking change. More details on the `DerefPure` option have been described in this [section](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#derefpure) of the RFC linked above. Earlier discussion can be found in this [Zulip stream](https://rust-lang.zulipchat.com/#narrow/stream/136281-t-opsem/topic/Pin.20and.20soundness.20of.20unsizing.20coercions) and [rust-for-linux thread](https://rust-lang.zulipchat.com/#narrow/stream/425075-rust-for-linux/topic/.23.5Bderive.28SmartPointer.29.5D.20and.20pin.20unsoundness.20rfc.233621).
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Jul 31, 2024
Rollup of 8 pull requests Successful merges: - rust-lang#125048 (PinCoerceUnsized trait into core) - rust-lang#127681 (derive(SmartPointer): rewrite bounds in where and generic bounds) - rust-lang#127830 (When an archive fails to build, print the path) - rust-lang#128147 (migrate fmt-write-bloat to rmake) - rust-lang#128356 (Migrate `cross-lang-lto-clang` and `cross-lang-lto-pgo-smoketest` `run-make` tests to rmake) - rust-lang#128387 (More detailed note to deprecate ONCE_INIT) - rust-lang#128388 (Match LLVM ABI in `extern "C"` functions for `f128` on Windows) - rust-lang#128412 (Remove `crate_level_only` from `ELIDED_LIFETIMES_IN_PATHS`) r? `@ghost` `@rustbot` modify labels: rollup
|
@bors r- Rollup failed, looks like |
bors
added
S-waiting-on-author
dingxiangfei2009
force-pushed
the
stable-deref
branch
from
449deaf to
d495b84
Compare
|
@tgross35 I tested |
|
@rustbot label F-derive_smart_pointer |
rustbot
added
the
F-derive_coerce_pointee
|
@bors try |
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Aug 6, 2024
PinCoerceUnsized trait into core cc `@Darksonn` `@wedsonaf` `@ojeda` This is a PR to introduce a `PinCoerceUnsized` trait in order to make trait impls generated by the proc-macro `#[derive(SmartPointer)]`, proposed by [RFC](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#pincoerceunsized-1), sound. There you may find explanation, justification and discussion about the alternatives. Note that we do not seek stabilization of this `PinCoerceUnsized` trait in the near future. The stabilisation of this trait does not block the eventual stabilization process of the `#[derive(SmartPointer)]` macro. Ideally, use of `DerefPure` is more preferrable except this will actually constitute a breaking change. `PinCoerceUnsized` emerges as a solution to the said soundness hole while avoiding the breaking change. More details on the `DerefPure` option have been described in this [section](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#derefpure) of the RFC linked above. Earlier discussion can be found in this [Zulip stream](https://rust-lang.zulipchat.com/#narrow/stream/136281-t-opsem/topic/Pin.20and.20soundness.20of.20unsizing.20coercions) and [rust-for-linux thread](https://rust-lang.zulipchat.com/#narrow/stream/425075-rust-for-linux/topic/.23.5Bderive.28SmartPointer.29.5D.20and.20pin.20unsoundness.20rfc.233621). try-job: dist-various-2
|
☀️ Try build successful - checks-actions |
|
@bors r=amanieu |
bors
added
S-waiting-on-bors
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this pull request
Aug 6, 2024
…manieu PinCoerceUnsized trait into core cc `@Darksonn` `@wedsonaf` `@ojeda` This is a PR to introduce a `PinCoerceUnsized` trait in order to make trait impls generated by the proc-macro `#[derive(SmartPointer)]`, proposed by [RFC](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#pincoerceunsized-1), sound. There you may find explanation, justification and discussion about the alternatives. Note that we do not seek stabilization of this `PinCoerceUnsized` trait in the near future. The stabilisation of this trait does not block the eventual stabilization process of the `#[derive(SmartPointer)]` macro. Ideally, use of `DerefPure` is more preferrable except this will actually constitute a breaking change. `PinCoerceUnsized` emerges as a solution to the said soundness hole while avoiding the breaking change. More details on the `DerefPure` option have been described in this [section](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#derefpure) of the RFC linked above. Earlier discussion can be found in this [Zulip stream](https://rust-lang.zulipchat.com/#narrow/stream/136281-t-opsem/topic/Pin.20and.20soundness.20of.20unsizing.20coercions) and [rust-for-linux thread](https://rust-lang.zulipchat.com/#narrow/stream/425075-rust-for-linux/topic/.23.5Bderive.28SmartPointer.29.5D.20and.20pin.20unsoundness.20rfc.233621). try-job: dist-various-2
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Aug 6, 2024
…iaskrgr Rollup of 8 pull requests Successful merges: - rust-lang#125048 (PinCoerceUnsized trait into core) - rust-lang#128273 (Improve `Ord` violation help) - rust-lang#128406 (implement BufReader::peek) - rust-lang#128539 (Forbid unused unsafe in vxworks-specific std modules) - rust-lang#128687 (interpret: refactor function call handling to be better-abstracted) - rust-lang#128692 (Add a triagebot mention for `library/Cargo.lock`) - rust-lang#128710 (Don't ICE when getting an input file name's stem fails) - rust-lang#128718 (Consider `cfg_attr` checked by `CheckAttrVisitor`) r? `@ghost` `@rustbot` modify labels: rollup
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Aug 6, 2024
…iaskrgr Rollup of 8 pull requests Successful merges: - rust-lang#125048 (PinCoerceUnsized trait into core) - rust-lang#128273 (Improve `Ord` violation help) - rust-lang#128406 (implement BufReader::peek) - rust-lang#128539 (Forbid unused unsafe in vxworks-specific std modules) - rust-lang#128687 (interpret: refactor function call handling to be better-abstracted) - rust-lang#128692 (Add a triagebot mention for `library/Cargo.lock`) - rust-lang#128710 (Don't ICE when getting an input file name's stem fails) - rust-lang#128718 (Consider `cfg_attr` checked by `CheckAttrVisitor`) r? `@ghost` `@rustbot` modify labels: rollup
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Aug 7, 2024
…iaskrgr Rollup of 9 pull requests Successful merges: - rust-lang#124944 (On trait bound mismatch, detect multiple crate versions in dep tree) - rust-lang#125048 (PinCoerceUnsized trait into core) - rust-lang#128406 (implement BufReader::peek) - rust-lang#128539 (Forbid unused unsafe in vxworks-specific std modules) - rust-lang#128687 (interpret: refactor function call handling to be better-abstracted) - rust-lang#128692 (Add a triagebot mention for `library/Cargo.lock`) - rust-lang#128710 (Don't ICE when getting an input file name's stem fails) - rust-lang#128718 (Consider `cfg_attr` checked by `CheckAttrVisitor`) - rust-lang#128751 (std::thread: set_name implementation proposal for vxWorks.) r? `@ghost` `@rustbot` modify labels: rollup
rust-timer
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Aug 7, 2024
Rollup merge of rust-lang#125048 - dingxiangfei2009:stable-deref, r=amanieu PinCoerceUnsized trait into core cc ``@Darksonn`` ``@wedsonaf`` ``@ojeda`` This is a PR to introduce a `PinCoerceUnsized` trait in order to make trait impls generated by the proc-macro `#[derive(SmartPointer)]`, proposed by [RFC](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#pincoerceunsized-1), sound. There you may find explanation, justification and discussion about the alternatives. Note that we do not seek stabilization of this `PinCoerceUnsized` trait in the near future. The stabilisation of this trait does not block the eventual stabilization process of the `#[derive(SmartPointer)]` macro. Ideally, use of `DerefPure` is more preferrable except this will actually constitute a breaking change. `PinCoerceUnsized` emerges as a solution to the said soundness hole while avoiding the breaking change. More details on the `DerefPure` option have been described in this [section](https://github.com/rust-lang/rfcs/blob/e17e19ac7ad1c8ccad55d4babfaee1aa107d1da5/text/3621-derive-smart-pointer.md#derefpure) of the RFC linked above. Earlier discussion can be found in this [Zulip stream](https://rust-lang.zulipchat.com/#narrow/stream/136281-t-opsem/topic/Pin.20and.20soundness.20of.20unsizing.20coercions) and [rust-for-linux thread](https://rust-lang.zulipchat.com/#narrow/stream/425075-rust-for-linux/topic/.23.5Bderive.28SmartPointer.29.5D.20and.20pin.20unsoundness.20rfc.233621). try-job: dist-various-2
26 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
cc @Darksonn @wedsonaf @ojeda
This is a PR to introduce a
PinCoerceUnsizedtrait in order to make trait impls generated by the proc-macro#[derive(SmartPointer)], proposed by RFC, sound. There you may find explanation, justification and discussion about the alternatives.Note that we do not seek stabilization of this
PinCoerceUnsizedtrait in the near future. The stabilisation of this trait does not block the eventual stabilization process of the#[derive(SmartPointer)]macro. Ideally, use ofDerefPureis more preferrable except this will actually constitute a breaking change.PinCoerceUnsizedemerges as a solution to the said soundness hole while avoiding the breaking change. More details on theDerefPureoption have been described in this section of the RFC linked above.Earlier discussion can be found in this Zulip stream and rust-for-linux thread.
try-job: dist-various-2