Lang/RfL meeting 2025-03-26

Attendance

People: Miguel Ojeda, Gary Guo, Boqun Feng, TC, Niko, Wesley Wiser, Josh Triplett, davidtwco

Inviting Linus to the all-hands

There's been discussion of inviting Linus to the all-hands. We're interested in Greg coming also, but we understand he can't make it this year. Maybe he can make it next year.

TL;DR

Most of the major items are in an iteration phase. The rustdoc changes for exporting doctests are the furthest along, with a working prototype; the RFL project has been integrating that prototype and providing feedback. Clippy stabilization now has a pre-RFC and there is active iteration towards support for build-std.

Other areas of progress:

• We have an open PR to stabilize -Zdwarf-version.
• The lang and types team have been discussing the best path forward to resolve #136702. This is a soundness concern that was raised around certain casts, specifically, casts from a type like *mut dyn Foo + '_ (with some lifetime) to *mut dyn Foo + 'static (with a static lifetime). Rust's defaulting rules mean that the latter is more commonly written with a defaulted lifetime, i.e., just *mut dyn Foo, which makes this an easy footgun. This kind of cast has always been dubious, as it disregards the lifetime in a rather subtle way, but when combined with arbitrary self types it permits users to disregard safety invariants making it hard to enforce soundness (see #136702 for details). The current proposal under discussion in #136776 is to make this sort of cast a hard error at least outside of an unsafe block; we evaluated the feasibility of doing a future-compatibility-warning and found it was infeasible. Crater runs suggest very limited fallout from this soundness fix but discussion continues about the best set of rules to adopt so as to balance minimizing fallout with overall language simplicity.

Tracking

Tracking issue

Finalizing 2024h2 goals

• Stabilize derive(CoercePointee) (blocked on #136764 / #136776)
• Stabilize arbitrary self types v2 (blocked on #136764 / #136776)
• Stabilize asm-goto
• Support for pointers with asm_const https://github.com/rust-lang/rust/issues/128464

First two are making progress, see monthly update.

asm-goto will be released in 1.87

asm-const has a preliminary impl, gcc support is needed: https://github.com/rust-lang/rust/pull/138618

While not used in RFL, naked_asm is not on the list but it will be moving forward for stabilization. It suffers from the same LLVM bug as global_asm forgetting target feature flags.

ABI-modifying compiler flags

• Author RFC (@darksonn)
• RFC decision (compiler ![Team][])
• Implementation (draft PR from @azhogin)
• Standard reviews (compiler ![Team][])
• Stabilization decision (compiler ![Team][])

Andrew Zhogin has opened a draft PR (https://github.com/rust-lang/rust/pull/138736) following Alice's issue about which santisers should be modifiers (https://github.com/rust-lang/rust/issues/138453)

Extract dependency information, configure no-std externally (-Zcrate-attr)

• Author an RFC to stabilize RFC #3791
• Implementation ()
• Standard reviews (compiler ![Team][])
• Stabilization decision (compiler ![Team][])

Dependency thing we do not need

-Zcrate-attr has an RFC from jyn: https://github.com/rust-lang/rfcs/pull/3791

Rustdoc features to extract doc tests

• Author RFC ()
• RFC decision (rustdoc ![Team][])
• Implementation ()
• Standard reviews (rustdoc ![Team][])
• Experimentation in RFL (@ojeda)
• Stabilization decision (rustdoc ![Team][])

No update.

Clippy configuration

• RFC text (pre-RFC draft)
• Stabilization decision (clippy ![Team][])

Pre-RFC was published but hasn't (to our knowledge) made progress. Would be good to sync up on next steps with @flip1995.

Build-std (https://github.com/rust-lang/rust-project-goals/issues/274)

No update. Progress will resume next week when the contributor working on this returns from holiday.

-Zsanitize-kcfi-arity

• Tracking issue: https://github.com/rust-lang/rust/issues/138311
• Implementation (https://github.com/rust-lang/rust/pull/138368, already reviewed by davidtwco)
• Stabilization

Notes available here and here.

Unblocked to land. Ideally we'd have more end-to-end tests but that's not always possible.

Previous minutes

https://hackmd.io/e_sJtc0UQPWVgVBMDUY33A

Want to have assertions at link time…?

Some places where const assert runs too early.

Miguel can bring some of the details.

Some of the cases are parameters that always have const values but using turbofish is annoying. Others are due to limitations of const functions.

const fn foo(const len: usize) {
	
}

// ...

const fn foo<L: usize>() {
	
}

examples from chat:

125-    pub fn access<'a>(&'a self, owner: &'a U) -> &'a T
126-    where
127-        T: Sync,
128-    {
129:        build_assert!(
130-            size_of::<U>() > 0,
131-            "`U` cannot be a ZST because `owner` wouldn't be unique"
132-        );

92-    /// Creates a new instance of `C22` with a vendor specific register.
93-    pub const fn vendor_specific<const N: u8>() -> Self {
94:        build_assert!(
95-            N > 0x0f && N < 0x20,
96-            "Vendor-specific register address must be between 16 and 31"
97-        );
98-        C22(N)
99-    }

11-/// Build an ioctl number, analogous to the C macro of the same name.
12-#[inline(always)]
13-const fn _IOC(dir: u32, ty: u32, nr: u32, size: usize) -> u32 {
14:    build_assert!(dir <= uapi::_IOC_DIRMASK);
15:    build_assert!(ty <= uapi::_IOC_TYPEMASK);
16:    build_assert!(nr <= uapi::_IOC_NRMASK);
17:    build_assert!(size <= (uapi::_IOC_SIZEMASK as usize));

option A. Require something to be run only at compilation time.

option B. Niko would like to be able to declare some parameters as const as well as a more ergonomic variant on const generics, kind of like impl Trait but for constants…

11-/// Build an ioctl number, analogous to the C macro of the same name.
12-#[inline(always)]
13-const fn _IOC(const dir: u32, const ty: u32, const nr: u32, const size: usize) -> u32 {
14:    const {
         assert!(dir <= uapi::_IOC_DIRMASK);
15:      assert!(ty <= uapi::_IOC_TYPEMASK);
16:      assert!(nr <= uapi::_IOC_NRMASK);
17:      assert!(size <= (uapi::_IOC_SIZEMASK as usize));
       }

Gary: I would really like this for atomics ordering… rustc_legacy_const_generics

TC: You can hack this in Rust today. E.g.:

const fn divide<const D: u64>(n: u64) -> u64 {
    const { assert!(D > 0) }; // <--- Post-mono assertion.
    n / D
}

const fn divide_checked<const D: u64>(n: u64) -> Option<u64> {
    match D {
        0 => None,
        1.. => Some(divide::<D>(n)),
    }
}

fn main() {
    dbg!({const { divide_checked::<1>(1) }});
    dbg!({const { divide_checked::<0>(1) }}); // <--- Look here.
    dbg!(divide_checked::<1>(1));
    dbg!(divide_checked::<0>(1)); //~ ERROR
}

So we can write this:

const fn postmono_panic<T>() {
    const { panic!() }
}

const fn only_in_const() -> u8 {
    if false {
        postmono_panic::<()>();
    }
    42
}

fn main() {
    assert_eq!(42, const { only_in_const() }); //~ OK
    _ = only_in_const(); //~ ERROR
}