| Age | Commit message (Collapse) | Author | Lines |
|---|
|
|
|
|
|
Improve performance of `String` methods by avoiding unnecessary memcpy
for the character bytes, with added codegen check to ensure compliance.
|
|
|
|
Replace last `usize` -> `ptr` transmute in `alloc` with strict provenance API
This replaces the `usize -> ptr` transmute in `RawVecInner::new_in` with a strict provenance API (`NonNull::without_provenance`).
The API is changed to take an `Alignment` which encodes the non-null constraint needed for `Unique` and allows us to do the construction safely.
Two internal-only APIs were added to let us avoid UB-checking in this hot code: `Layout::alignment` to get the `Alignment` type directly rather than as a `usize`, and `Unique::from_non_null` to create `Unique` in const context without a transmute.
|
|
Switch some rustc_on_unimplemented uses to diagnostic::on_unimplemented
The use on the SliceIndex impl appears unreachable, there is no mention of "vector indices" in any test output and I could not get it to show up in error messages.
|
|
|
|
Implement `alloc::sync::UniqueArc`
This implements the `alloc::sync::UniqueArc` part of #112566.
|
|
Removes some unsafety and reduces the number of `usize` -> `ptr`
transmutes which might be helpful for CHERI-like targets in the future.
|
|
Encodes the safety constraint that `Unique`'s pointer must be non-zero
into the API.
|
|
|
|
|
|
|
|
|
|
|
|
This ensures that they will be correctly mangled in a future commit.
|
|
std: Mention clone-on-write mutation in Arc<T>
Fixes #138322
r? libs
|
|
document capacity for ZST as example
The main text already covers this, although it provides weaker guarantees, but I think an example in the right spot does not hurt. Fixes #80747
|
|
Fix Ptr inconsistency in {Rc,Arc}
### PR Description
This pr aims to address the problem discussed on [zulip](https://rust-lang.zulipchat.com/#narrow/channel/219381-t-libs/topic/Inconsistency.20in.20.7BRc.2CArc.7D's.20ptr.20requirements/with/504259637).
### Problem Clarification
As this post presents, the `{Rc, Arc}::{in/de-crement_strong_count_/in}` do not limit the layout of the memory that `ptr` points to, while internally `Rc::from_raw_in` is called directly.
UB doesn't just appear when the strong count is decremented to zero. Miri also detects the UB of `out-of-bounds pointer use` when increment strong count is called on a pointer with an incorrect layout(shown as below).
```rust
use std::rc::Rc;
#[repr(align(8))]
struct Aligned8(u64);
#[repr(align(16))]
struct Aligned16(u64);
fn main() {
let rc: Rc<Aligned8> = Rc::new(Aligned8(42));
let raw_ptr = Rc::into_raw(rc);
unsafe {
Rc::increment_strong_count(raw_ptr as *const Aligned16);
}
}
```
Miri output:
```
error: Undefined Behavior: out-of-bounds pointer use: expected a pointer to 32 bytes of memory, but got alloc954 which is only 24 bytes from the end of the allocation
```
|
|
intrinsics: remove unnecessary leading underscore from argument names
This is unnecessary since https://github.com/rust-lang/rust/pull/135840.
|
|
Add PeekMut::refresh
I'm not sure if this should go through ACP or not. BinaryHeap is not the most critical data structure in the standard library and it would be understandable if maintainer throughput is thus too limited to accept this PR without a proper design phase that ensures the required understanding of consequence over a longer time period.
This aims to improve the useability of heaps for priority-based work queues. In certain scenarios, modifications on the most relevant or critical items are performed until a condition that determines the work items have been sufficiently addressed. For instance the criticality could be a deadline that is relaxed whenever some part of a work item is completed. Such a loop will repeatedly access the most critical item and put it back in a sorted position when it is complete. Crucially, due to the ordering invariant we know that all necessary work was performed when the completed item remains the most critical. Getting this information from the heap position avoids a (potentially more costly) check on the item state itself.
A customized `drop` with boolean result would avoid up to two more comparisons performed in both the last no-op refresh and Drop code but this occurs once in each execution of the above scenario whereas refresh occurs any number of times. Also note that the comparison overhead of Drop is only taken if the element is mutably inspected to determine the end condition, i.e. not when refresh itself is the break condition.
|
|
|
|
This improves the useability of heaps for priority-based work queues. In
certain scenarios, modifications on the most relevant or critical items are
performed until a condition that determines the work items have been
sufficiently addressed. The loop will repeatedly access the most critical
item and put it back in a sorted position when it is complete. Crucially,
due to the ordering invariant we know that all work was performed when the
completed item remains the most critical. Getting this information from the
heap position avoids a (potentially more costly) check on the item state
itself.
A customized `drop` with boolean result would avoid up to two more
comparisons performed in both the last no-op refresh and Drop code but this
occurs once in each execution of the above scenario whereas refresh occurs
any number of times. Also note that the comparison overhead of Drop is only
taken if the element is mutably inspected to determine the end condition,
i.e. not when refresh itself is the break condition.
|
|
Signed-off-by: xizheyin <xizheyin@smail.nju.edu.cn>
|
|
|
|
|
|
|
|
This feature was approved for stabilization in
https://github.com/rust-lang/rust/issues/129041#issuecomment-2508940661
so this change stabilizes it.
|
|
Put the alloc unit tests in a separate alloctests package
Same rationale as https://github.com/rust-lang/rust/pull/135937. This PR has some extra complexity though as a decent amount of tests are testing internal implementation details rather than the public api. As such I opted to include the modules containing the types under test using `#[path]` into the alloctests package. This means that those modules still need `#[cfg(test)]`, but the rest of liballoc no longer need it.
|
|
|
|
For the tests that make use of internal implementation details, we
include the module to test using #[path] in alloctests now.
|
|
|
|
|
|
|
|
Ergonomic ref counting
This is an experimental first version of ergonomic ref counting.
This first version implements most of the RFC but doesn't implement any of the optimizations. This was left for following iterations.
RFC: https://github.com/rust-lang/rfcs/pull/3680
Tracking issue: https://github.com/rust-lang/rust/issues/132290
Project goal: https://github.com/rust-lang/rust-project-goals/issues/107
r? ```@nikomatsakis```
|
|
library: Use `size_of` from the prelude instead of imported
Use `std::mem::{size_of, size_of_val, align_of, align_of_val}` from the prelude instead of importing or qualifying them.
These functions were added to all preludes in Rust 1.80.
try-job: test-various
try-job: x86_64-gnu
try-job: x86_64-msvc-1
|
|
Use `std::mem::{size_of, size_of_val, align_of, align_of_val}` from the
prelude instead of importing or qualifying them.
These functions were added to all preludes in Rust 1.80.
|
|
|
|
|
|
Stabilize `string_extend_from_within`
FCP'd here: https://github.com/rust-lang/rust/issues/103806#issuecomment-2674989531.
Closes #103806.
|
|
Stabilize `box_uninit_write`
Closes: https://github.com/rust-lang/rust/issues/129397.
|
|
More precisely document `Global::deallocate()`'s safety.
There is a subtlety which "other conditions must be upheld by the caller" does not capture: `GlobalAlloc`/`alloc::dealloc()` require that the provided layout will be *equal*, not just that it "fits", the layout used to allocate. This is always true here due to how `allocate()`, `grow()`, and `shrink()` are implemented (they never return a larger allocation than requested), but that is a non-local property of the implementation, so it should be documented explicitly.
r? libs
`@rustbot` label A-allocators
|
|
|
|
There is a subtlety which "other conditions must be upheld by the caller"
does not capture: `GlobalAlloc`/`alloc::dealloc()` require that the
provided layout will be *equal*, not just that it "fits", the layout
used to allocate. This is always true here due to how `allocate()`,
`grow()`, and `shrink()` are implemented (they never return a larger
allocation than requested), but that is a non-local property of the
implementation, so it should be documented explicitly.
|
|
Don't doc-comment BTreeMap<K, SetValZST, A>
This otherwise shows up in documentation as an empty impl block (worse, at the *top* of the docs above the public impls).
|
|
Rollup of 8 pull requests
Successful merges:
- #134655 (Stabilize `hash_extract_if`)
- #135933 (Explain how Vec::with_capacity is faithful)
- #136668 (Stabilize `core::str::from_utf8_mut` as `const`)
- #136775 (Update `String::from_raw_parts` safety requirements)
- #137109 (stabilize extract_if)
- #137349 (Implement `read_buf` for zkVM stdin)
- #137493 (configure.py: don't instruct user to run nonexistent program)
- #137516 (remove some unnecessary rustc_const_unstable)
r? `@ghost`
`@rustbot` modify labels: rollup
|
|
|
|
stabilize extract_if
Tracking issue: #43244
Closes: #43244
FCP completed: https://github.com/rust-lang/rust/issues/43244#issuecomment-2523595704
|
|
Update `String::from_raw_parts` safety requirements
These have become out of sync with `Vec::from_raw_part`'s safety requirements, and are likely to diverge again. I think it's safest to just point at `Vec`'s requirements.
https://github.com/rust-lang/rust/issues/119206#issuecomment-2180116680
|
|
Explain how Vec::with_capacity is faithful
This is a revival of https://github.com/rust-lang/rust/pull/99790 building on the prose of `@workingjubilee` and edits of `@jmaargh.` Closes https://github.com/rust-lang/rust/issues/99385.
|
