Merge pull request #5 from rust-lang/feat/code-considerations

Initial code considerations and other sections

Author: KodrAus

.travis.yml

@@ -8,7 +8,6 @@ cache:
   - book/linkcheck/
 before_install:
 - shopt -s globstar
-- MAX_LINE_LENGTH=100 bash ci/check_line_lengths.sh src/**/*.md
 install:
 - source ~/.cargo/env || true
 - cargo install mdbook --version '^0.4.5'

src/SUMMARY.md

@@ -1,3 +1,41 @@
 # Summary
 
 [About this guide](./about-this-guide.md)
+
+[Getting started](./getting-started.md)
+
+[Reviewer checklist](./reviewer-checklist.md)
+
+---
+
+- [The feature lifecycle](./feature-lifecycle/summary.md)
+    - [Landing new features](./feature-lifecycle/new-unstable-features.md)
+    - [Using tracking issues](./feature-lifecycle/tracking-issues.md)
+    - [Stabilizing features](./feature-lifecycle/stabilization.md)
+    - [Deprecating features](./feature-lifecycle/deprecation.md)
+
+---
+
+- [Code considerations](./code-considerations/summary.md)
+    - [Design](./code-considerations/design/summary.md)
+        - [Public APIs](./code-considerations/design/public-apis.md)
+    - [Breaking changes](./code-considerations/breaking-changes/summary.md)
+        - [Breakage from changing behavior](./code-considerations/breaking-changes/behavior.md)
+        - [Breakage from new trait impls](./code-considerations/breaking-changes/new-trait-impls.md)
+        - [`#[fundamental]` types](./code-considerations/breaking-changes/fundamental.md)
+    - [Safety and soundness](./code-considerations/safety-and-soundness/summary.md)
+        - [Generics and unsafe](./code-considerations/safety-and-soundness/generics-and-unsafe.md)
+        - [Drop and `#[may_dangle]`](./code-considerations/safety-and-soundness/may-dangle.md)
+        - [`std::mem` and exclusive references](./code-considerations/safety-and-soundness/mem-and-exclusive-refs.md)
+    - [Using unstable language features](./code-considerations/using-unstable-lang/summary.md)
+        - [Const generics](./code-considerations/using-unstable-lang/const-generics.md)
+        - [Specialization](./code-considerations/using-unstable-lang/specialization.md)
+    - [Performance](./code-considerations/performance/summary.md)
+        - [When to `#[inline]`](./code-considerations/performance/inline.md)
+
+---
+
+- [Tools and bots](./tools-and-bots/summary.md)
+    - [`@bors`](./tools-and-bots/bors.md)
+    - [`@rust-timer`](./tools-and-bots/timer.md)
+    - [`@craterbot`](./tools-and-bots/crater.md)

src/about-this-guide.md

@@ -1,5 +1,7 @@
 # About this guide
 
+**Status:** Stub
+
 This guide is for contributors and reviewers to Rust's standard library.
 
 ## Other places to find information

src/code-considerations/breaking-changes/behavior.md

@@ -0,0 +1,9 @@
+# Breakage from changing behavior
+
+Breaking changes aren't just limited to compilation failures. Behavioral changes to stable functions generally can't be accepted. See [the `home_dir` issue](https://github.com/rust-lang/rust/pull/46799) for an example.
+
+An exception is when a behavior is specified in an RFC (such as IETF specifications for IP addresses). If a behavioral change fixes non-conformance then it can be considered a bug fix. In these cases, `@rust-lang/libs` should still be pinged for input.
+
+## For reviewers
+
+Look out for changes in existing implementations for stable functions, especially if assertions in test cases have been changed.

src/code-considerations/breaking-changes/fundamental.md

@@ -0,0 +1,31 @@
+# `#[fundamental]` types
+
+**Status:** Stub
+
+Type annotated with the `#[fundamental]` attribute have different coherence rules. See [RFC 1023](https://rust-lang.github.io/rfcs/1023-rebalancing-coherence.html) for details. That includes:
+
+- `&T`
+- `&mut T`
+- `Box<T>`
+- `Pin<T>`
+
+Typically, the scope of [breakage in new trait impls](./reviewing-code/breakage/new-trait-impls.md) is limited to inference and deref-coercion. New trait impls on `#[fundamental]` types may overlap with downstream impls and cause other kinds of breakage.
+
+[RFC 1023]: https://rust-lang.github.io/rfcs/1023-rebalancing-coherence.html
+
+## For reviewers
+
+Look out for blanket trait implementations for fundamental types, like:
+
+```rust
+impl<'a, T> PublicTrait for &'a T
+where
+    T: SomeBound,
+{
+
+}
+```
+
+unless the blanket implementation is being stabilized along with `PublicTrait`. In cases where we really want to do this, a [crater] run can help estimate the scope of the breakage.
+
+[crater]: ../../tools-and-bots/crater.md

src/code-considerations/breaking-changes/new-trait-impls.md

@@ -0,0 +1,76 @@
+# Breakage from new trait impls
+
+A lot of PRs to the standard library are adding new impls for already stable traits, which can break consumers in many weird and wonderful ways. The following sections gives some examples of breakage from new trait impls that may not be obvious just from the change made to the standard library.
+
+Also see [`#[fundamental]` types](./fundamental.md) for special considerations for types like `&T`, `&mut T`, `Box<T>`, and other core smart pointers.
+
+## Inference breaks when a second generic impl is introduced
+
+Rust will use the fact that there's only a single impl for a generic trait during inference. This breaks once a second impl makes the type of that generic ambiguous. Say we have:
+
+```rust
+// in `std`
+impl From<&str> for Arc<str> { .. }
+```
+
+```rust
+// in an external `lib`
+let b = Arc::from("a");
+```
+
+then we add:
+
+```diff
+impl From<&str> for Arc<str> { .. }
++ impl From<&str> for Arc<String> { .. }
+```
+
+then
+
+```rust
+let b = Arc::from("a");
+```
+
+will no longer compile, because we've previously been relying on inference to figure out the `T` in `Box<T>`.
+
+This kind of breakage can be ok, but a [crater] run should estimate the scope.
+
+## Deref coercion breaks when a new impl is introduced
+
+Rust will use deref coercion to find a valid trait impl if the arguments don't type check directly. This only seems to occur if there's a single impl so introducing a new one may break consumers relying on deref coercion. Say we have:
+
+```rust
+// in `std`
+impl Add<&str> for String { .. }
+
+impl Deref for String { type Target = str; .. }
+```
+
+```rust
+// in an external `lib`
+let a = String::from("a");
+let b = String::from("b");
+
+let c = a + &b;
+```
+
+then we add:
+
+```diff
+impl Add<&str> for String { .. }
++ impl Add<char> for String { .. }
+```
+
+then
+
+```rust
+let c = a + &b;
+```
+
+will no longer compile, because we won't attempt to use deref to coerce the `&String` into `&str`.
+
+This kind of breakage can be ok, but a [crater](../../tools-and-bots/crater.md) run should estimate the scope.
+
+## For reviewers
+
+Look out for new `#[stable]` trait implementations for existing stable traits.

src/code-considerations/breaking-changes/summary.md

@@ -0,0 +1,17 @@
+# Breaking changes
+
+Breaking changes should be avoided when possible. [RFC 1105](https://rust-lang.github.io/rfcs/1105-api-evolution.html) lays the foundations for what constitutes a breaking change. Breakage may be deemed acceptable or not based on its actual impact, which can be approximated with a [crater](../../tools-and-bots/crater.md) run.
+
+There are strategies for mitigating breakage depending on the impact.
+
+For changes where the value is high and the impact is high too:
+
+- Using compiler lints to try phase out broken behavior.
+
+If the impact isn't too high:
+
+- Looping in maintainers of broken crates and submitting PRs to fix them.
+
+## For reviewers
+
+Look out for changes to documented behavior and new trait impls for existing stable traits.

src/code-considerations/design/public-apis.md

@@ -0,0 +1,9 @@
+# Public API design
+
+**Status:** Stub
+
+Standard library APIs typically follow the [API Guidelines](https://rust-lang.github.io/api-guidelines/), which were originally spawned from the standard library itself.
+
+## For reviewers
+
+For new unstable features, look for any prior discussion of the proposed API to see what options and tradeoffs have already been considered. If in doubt, ping `@rust-lang/libs` for input.

src/code-considerations/design/summary.md

@@ -0,0 +1,9 @@
+# Design
+
+**Status:** Stub
+
+Most of the considerations in this guide are quality in some sense. This section has some general advice on maintaining code quality in the standard library.
+
+## For reviewers
+
+Think about how you would implement a feature and whether your approach would differ from what's being proposed. What trade-offs are being made? Is the weighting of those trade-offs the most appropriate?

src/code-considerations/performance/inline.md

@@ -0,0 +1,24 @@
+# When to `#[inline]`
+
+Inlining is a trade-off between potential execution speed, compile time and code size. There's some discussion about it in [this PR to the `hashbrown` crate](https://github.com/rust-lang/hashbrown/pull/119). From the thread:
+
+> `#[inline]` is very different than simply just an inline hint. As I mentioned before, there's no equivalent in C++ for what `#[inline]` does. In debug mode rustc basically ignores `#[inline]`, pretending you didn't even write it. In release mode the compiler will, by default, codegen an `#[inline]` function into every single referencing codegen unit, and then it will also add `inlinehint`. This means that if you have 16 CGUs and they all reference an item, every single one is getting the entire item's implementation inlined into it.
+
+You can add `#[inline]`:
+
+- To public, small, non-generic functions.
+
+You shouldn't need `#[inline]`:
+
+- On methods that have any generics in scope.
+- On methods on traits that don't have a default implementation.
+
+`#[inline]` can always be introduced later, so if you're in doubt they can just be removed.
+
+## What about `#[inline(always)]`?
+
+You should just about never need `#[inline(always)]`. It may be beneficial for private helper methods that are used in a limited number of places or for trivial operators. A micro benchmark should justify the attribute.
+
+## For reviewers
+
+`#[inline]` can always be added later, so if there's any debate about whether it's appropriate feel free to defer it by removing the annotations for a start.