Make non-power-of-two alignments a validity error in Layout
#95361
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
(rust-highfive has picked a reviewer for you, use r? to override) |
This comment has been minimized.
This comment has been minimized.
|
@bors rollup=iffy (I manually crafted a 32-bit stderr, which I could easily have done wrong) |
bjorn3
reviewed
Mar 27, 2022
| LL | const LAYOUT_INVALID: Layout = unsafe { Layout::from_size_align_unchecked(0x1000, 0x00) }; | ||
| | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed at .align_: encountered 0, but expected something greater or equal to 1 | ||
| LL | const LAYOUT_INVALID_ZERO: Layout = unsafe { Layout::from_size_align_unchecked(0x1000, 0x00) }; | ||
| | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed at .align_.0.<enum-tag>: encountered 0x00000000, but expected a valid enum tag |
There was a problem hiding this comment.
This error message is not exactly clear about what property the value needs to have.
There was a problem hiding this comment.
I think that's ok. It's a best-effort UB check -- the place to look is at the # Safety comment, not the error message.
One gets essentially the same error from things like this too:
pub const BAD_ORDERING: std::cmp::Ordering = unsafe { std::mem::transmute(3_u8) };So it'll get better here if the error in general gets better for enums, which seems fine for this PR.
|
This feels like overall a good change to me, modulo the one nit -- r=me with that fixed or we can discuss if you disagree. I would prefer for the commits to all be squashed into one as well. |
Inspired by the zulip conversation about how `Layout` should better enforce `size < isize::MAX as usize`, this uses an N-variant enum on N-bit platforms to require at the validity level that the existing invariant of "must be a power of two" is upheld. This was MIRI can catch it, and means there's a more-specific type for `Layout` to store than just `NonZeroUsize`.
|
Removed the macro and squashed. @bors r=Mark-Simulacrum |
|
📌 Commit fe0c08a has been approved by |
Dylan-DPC
added a commit
to Dylan-DPC/rust
that referenced
this pull request
Apr 9, 2022
…crum Make non-power-of-two alignments a validity error in `Layout` Inspired by the zulip conversation about how `Layout` should better enforce `size <= isize::MAX as usize`, this uses an N-variant enum on N-bit platforms to require at the validity level that the existing invariant of "must be a power of two" is upheld. This was MIRI can catch it, and means there's a more-specific type for `Layout` to store than just `NonZeroUsize`. It's left as `pub(crate)` here; a future PR could consider giving it a tracking issue for non-internal usage.
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Apr 9, 2022
Rollup of 7 pull requests Successful merges: - rust-lang#94794 (Clarify indexing into Strings) - rust-lang#95361 (Make non-power-of-two alignments a validity error in `Layout`) - rust-lang#95369 (Fix `x test src/librustdoc` with `download-rustc` enabled ) - rust-lang#95805 (Left overs of rust-lang#95761) - rust-lang#95808 (expand: Remove `ParseSess::missing_fragment_specifiers`) - rust-lang#95817 (hide another #[allow] directive from a docs example) - rust-lang#95831 (Use bitwise XOR in to_ascii_uppercase) Failed merges: r? `@ghost` `@rustbot` modify labels: rollup
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Inspired by the zulip conversation about how
Layoutshould better enforcesize <= isize::MAX as usize, this uses an N-variant enum on N-bit platforms to require at the validity level that the existing invariant of "must be a power of two" is upheld.This was MIRI can catch it, and means there's a more-specific type for
Layoutto store than justNonZeroUsize.It's left as
pub(crate)here; a future PR could consider giving it a tracking issue for non-internal usage.