RFC: Checking conditional compilation at compile time

[sivadeilra]

This proposes a minor new feature for rustc and cargo, which will allow rustc to detect
invalid usage of #[cfg] conditions, such as misspelling a "feature" name.

The feature is purely opt-in. If the user doesn't enable this feature, then there is no impact on anything.
If the user does enable this feature, then the only possible impact is that rustc fires new diagnostics.
Language semantics, codegen, etc. are all unchanged.

Rendered

[bjorn3]

How will this handle build scripts? Those can set arbitrary cfgs without any statically known list on which they could set. These are for example used to detect features supported by the used rustc version.

[sivadeilra]

I think there's two parts to it: 1) What rustc does, and 2) what build tools do.

This RFC covers what rustc does, and you get a lot of control over what forms of checking are turned on (and which are left turned off).

For Cargo, I think the best approach would be to enable checking of feature values, and initially nothing else. Since most crates use feature for conditional compilation, and not boolean --cfg values, this will cover most cases.

However, even crates that use build.rs and --cfg names other than feature could still use this feature. The build.rs script would emit --cfg valid(my_flag) in addition to (optionally) emitting --cfg my_flag. So rustc could still validate the source code, and the build.rs script could still control compilation.

edit: I could add a section clarifying the impact on build.rs scripts, if you think that would help

[jyn514]

However, even crates that use build.rs and --cfg names other than feature could still use this feature. The build.rs script would emit --cfg valid(my_flag) in addition to (optionally) emitting --cfg my_flag. So rustc could still validate the source code, and the build.rs script could still control compilation.

What happens if the build script forgets to do this (as will be the case for all proc-macros just after this is implemented)? Will cargo still warn about the missing cfg? That doesn't seem ideal.

[jyn514]

This also doesn't seem to consider that you can set --cfg in arbitrary ways, for example it's common to set --cfg docsrs from the command line when compiling for docs.rs: https://github.com/tokio-rs/tracing/blob/master/tracing-core/Cargo.toml#L39-L41

[jyn514]

I think valid_values is the most useful part of this; tracking other arbitrary cfgs seems really hard.

[jyn514]

What happens if you pass a cfg that's not marked as valid? I think you shouldn't need to specify anything that's already being passed.

[sivadeilra]

Passing --cfg foo implicitly means that foo is valid. So --cfg foo --cfg 'valid(foo)' is legal, but is redundant.

[jyn514]

I think cargo should unconditionally provide the information to rustc, and then you can configure the lint with normal lints flags (allow, deny, -D).

[sivadeilra]

@jyn512 writes:

What happens if the build script forgets to do this (as will be the case for all proc-macros just after this is implemented)? Will cargo still warn about the missing cfg? That doesn't seem ideal.

Nothing will happen, because Cargo will not enable checking the set of all --cfg names, only the set of values specified for feature. Cargo would specify --cfg valid_values(feature, "foo", "bar", ...), but by default would not specify --cfg valid(...).

Or, we could have Cargo change its behavior depending on whether there is a build.rs file or not. If there is no build.rs file, then Cargo could also enable checking cfg names (not just feature values, but cfg names). For crates where a build.rs file is used, we could disable this by default to prevent any breaks. Telemetry (like Crater runs) could then be used to find where this has any negative effect. If it's a reasonably small number of crates, I could work with the crate owners so that they could add the right --cfg valid(...) options to cover their cases. Then, this could be turned on by default, even for crates that have build.rs scripts.

This also doesn't seem to consider that you can set --cfg in arbitrary ways [...]

Good to know; I wasn't aware of docsrs.

I think this just emphasizes that it's good to split this into two parts: the mechanisms (which go in rustc) and the policy (when to use it, and when not to use it). Maybe the best policy to start with (post-stabilization) would be:

1. The code is present in rustc, but doesn't do anything until you opt-in.
2. Cargo always specifies valid_values(feature, ...) so that feature values are checked, but nothing else is checked.
3. A new Cargo.toml property controls whether checking is turned on for a given package (or crate within a package).
4. We iterate on these use cases (such as building docs, build.rs scripts, etc.) to find where this can be applied.

The goal is to make life better for devs, not worse, of course. :) I think getting the mechanisms into the compiler, and then experimenting with how to turn them on/off, would be a good first step.

[Julian-Wollersberger]

A future possibility would be to check for simple misspellings for the well-known condition names, even when -cfg valid(...) isn't used.

I guess this would catch most of the bugs this RFC wants to detect, but avoids the problem of false warnings caused by unknown -cfgs from build scripts.
Implementation wise, maybe the logic from some diagnostics can be reused, like help: a config with a similar name exists: 'test'

[Julian-Wollersberger]

The feature proposed here feels very much desireable to me and actually I'm surprised that rustc doesn't already do this.
A warning for a wrong cfg falls in the caregory of "Thank you compiler, you just safed me from a weird bug." :)

But the CLI syntax should be simplified:

rustc --cfg 'valid(name1, name2, ..., nameN)' ...
rustc --cfg 'valid_values(c, "value1", "value2", ... "valueN")' ...

• There will surely be an environment that messes up the quotes or parentheses.
• The format is inconsistent with other rustc arguments, which are like --arg=val1,val2,val3.
• These are not really --cfg arguments, so they should have their own --whatever flags.

Alternatives that spring to my mind:

rustc --valid_cfgs=name1,name2,nameN
# Not shure how the handle this "arg with a list" situation
rustc --valid_values_for=cond1=value1,value2,valueN
# Special-casing features might be worth it if it's the only thing that will be implemented
rustc --valid_features=feature1,feature2,featureN 

[sivadeilra]

But the CLI syntax should be simplified: [...]

I like that. I'll update the doc.

[sivadeilra]

I've updated the RFC. This moves the command-line options to a new --check-cfg option; the original --cfg is now unchanged. I've also clarified a few corner cases in the spec, like how to specify empty sets of valid names but still turn on checking.

I have a prototype implementation: https://github.com/sivadeilra/rust/tree/user/ardavis/check_cfg

This prototype is NOT ready for a thorough review, but it does implement the RFC.

[Havvy]

You can probably link to the reference on conditional compilation for well-known values.

As for drawbacks, it's more surface area. You're adding in command line arguments merely for a lint. And those command line arguments take up a lot of space that detracts from the arguments that actually do something.

[sivadeilra]

You can probably link to the reference on conditional compilation for well-known values.

As for drawbacks, it's more surface area. You're adding in command line arguments merely for a lint. And those command line arguments take up a lot of space that detracts from the arguments that actually do something.

What would you suggest?

I originally wrote the spec in such a way that the existing --cfg option was used for this information, and just expanded the set of syntactic forms that it would accept.

detracts from the arguments that actually do something

I'm going to push back on this. This "does something" in the same sense that the -A, -D, -W, and -F args do something. They are providing control over diagnostics. And in the case of --check-cfg, they are providing a form of static checking that we did not have before. "Clutter" is subjective; there is no ambiguity about what --check-cfg does, nor does it interfere with parsing other arguments.

[Havvy]

I'm not suggesting anything to fix it. Merely to document it. Drawbacks are inherent in almost any proposal and they should be documented in the RFC.

Usually, when I see a drawbacks section that says "None", it signals to me that the author hasn't thought hard enough about what the tradeoffs they are making actually are. I just posted the first drawback I could think of, but there are probably others, though nothing RFC-stopping to me.

[sivadeilra]

I've updated the drawbacks section.

[sivadeilra]

Hey folks, what's next? I think I've addressed all of the feedback.

[jyn514]

I think @scottmcm or another member of lang-team needs to start an FCP.

[ehuss]

Huzzah! The @rust-lang/compiler team has decided to accept this RFC.

To track further discussion, subscribe to the tracking issue here:
rust-lang/rust#82450

[Urgau]

Call for Testing

This is in preparation for stabilizing cargo check -Zcheck-cfg as always-on in Cargo.

RFC 3013 adds validation to #[cfg] conditionals to help catch typos, stale conditionals, etc.

Note: the implementaion has drasticly changed since the RFC approval, please always refer to the cargo unstable docs and rustc unstable docs.

For cargo users

Testing instructions

Requires: nightly-2024-02-06 or newer

1. On your projects, run cargo +nightly check -Zcheck-cfg
2. Fix typos / mistakes
3. Mark custom --cfgs as expected via build.rs (see docs)

Note: docs.rs now (automaticly) provides --cfg docsrs.

Feedback

We are looking for any feedback:

• Where did the feature not work as expected?
• How often did you end up having to use a build.rs directive?
  • Were there surprising cases?
  • How well can you model your needs with the check-cfg syntax
• Any concerns with -Zcheck-cfg being the default?
• Any concerns with -Zcheck-cfg being stabilized as-is?
• How many typos did you have? ;-)

You can leave feedback on the Cargo tracking issue.

For maintainers of alternative build systems

Testing instructions

Look over rustc --check-cfg and evaluate how well it would integrate with your build system.
If you can prototype it out, even better!

Feedback

We are looking for any feedback:

• Does the syntax meet your needs?
• Did the documentation anwser all your questions?
• Do you think you will have trouble making use of it?

You can leave feedback on the Rust tracking issue.

---

_{And thanks to @epage for this help in preparing this Call for Testing as well as his (and the Cargo team) support in helping move this feature forward.}

[sivadeilra]

I'm the original author of the RFC for this feature. I want to thank @Urgau and @mwkmwkmwk for driving this work through its completion! I spent the time to write the original RFC and to "sell" the idea, but unfortunately other work required my focus. I am thankful that @mwkmwkmwk picked up this work and pushed it (the first cycle), and that @Urgau repeated that exercise and took it further, all the way to completion.

Thank you both! I'm looking forward to being able to test this and use it, myself.

[U007D]

Hello,

This RFC will appear in the Call for Testing section of This Week in Rust # 534. I've removed the call-for-testing label. Please feel free to re-add it if you wish this RFC to appear in a future edition of TWiR.