Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

do not mark interior mutable shared refs as dereferenceable #98017

Merged
merged 3 commits into from
Jul 23, 2022

Conversation

RalfJung
Copy link
Member

@RalfJung RalfJung commented Jun 12, 2022

My proposed solution to #55005.

@rust-highfive
Copy link
Collaborator

r? @wesleywiser

(rust-highfive has picked a reviewer for you, use r? to override)

@rustbot rustbot added the T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. label Jun 12, 2022
@rust-highfive rust-highfive added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Jun 12, 2022
@RalfJung
Copy link
Member Author

This will fail a codegen test, but I think try builds don't care?
@bors try

@bors
Copy link
Contributor

bors commented Jun 12, 2022

⌛ Trying commit 1af98f60f0facb1221bda0b6819791691264d583 with merge 7c7ee4caf159c6825c63c55cde19b5727f1d55ba...

@rust-log-analyzer

This comment has been minimized.

@bors
Copy link
Contributor

bors commented Jun 12, 2022

☀️ Try build successful - checks-actions
Build commit: 7c7ee4caf159c6825c63c55cde19b5727f1d55ba (7c7ee4caf159c6825c63c55cde19b5727f1d55ba)

@nikic
Copy link
Contributor

nikic commented Jun 12, 2022

What information do you hope to gain from a crater run here? If I understood correct, his allows less optimization, not more, so it shouldn't break any unsafe code assumptions?

@RalfJung RalfJung changed the title [crater experiment] make only frozen references as dereferenceable [perf experiment] make only frozen references as dereferenceable Jun 12, 2022
@RalfJung
Copy link
Member Author

Sorry, I meant "perf experiment", not crater 🤦

@RalfJung
Copy link
Member Author

@rust-timer queue

@rust-timer
Copy link
Collaborator

Awaiting bors try build completion.

@rustbot label: +S-waiting-on-perf

@rustbot rustbot added the S-waiting-on-perf Status: Waiting on a perf run to be completed. label Jun 12, 2022
@bjorn3
Copy link
Member

bjorn3 commented Jun 12, 2022

@rust-timer build 7c7ee4caf159c6825c63c55cde19b5727f1d55ba

@rust-timer
Copy link
Collaborator

Queued 7c7ee4caf159c6825c63c55cde19b5727f1d55ba with parent 37a4225, future comparison URL.

@RalfJung
Copy link
Member Author

RalfJung commented Jun 12, 2022

Ah, how do I start a perf run when the try build is already done? Sadly I found no documentation for rust-timer commands... the forge only lists the "queue" command.

EDIT: Thanks @bjorn3 :)

@bjorn3
Copy link
Member

bjorn3 commented Jun 12, 2022

@rust-timer
Copy link
Collaborator

Finished benchmarking commit (7c7ee4caf159c6825c63c55cde19b5727f1d55ba): comparison url.

Instruction count

  • Primary benchmarks: 🎉 relevant improvements found
  • Secondary benchmarks: 🎉 relevant improvements found
mean1 max count2
Regressions 😿
(primary)
0.6% 0.8% 5
Regressions 😿
(secondary)
0.9% 1.0% 2
Improvements 🎉
(primary)
-0.4% -2.9% 84
Improvements 🎉
(secondary)
-0.4% -0.9% 29
All 😿🎉 (primary) -0.3% -2.9% 89

Max RSS (memory usage)

Results
  • Primary benchmarks: no relevant changes found
  • Secondary benchmarks: mixed results
mean1 max count2
Regressions 😿
(primary)
N/A N/A 0
Regressions 😿
(secondary)
2.0% 2.0% 1
Improvements 🎉
(primary)
N/A N/A 0
Improvements 🎉
(secondary)
-3.6% -3.6% 1
All 😿🎉 (primary) N/A N/A 0

Cycles

Results
  • Primary benchmarks: 🎉 relevant improvement found
  • Secondary benchmarks: no relevant changes found
mean1 max count2
Regressions 😿
(primary)
N/A N/A 0
Regressions 😿
(secondary)
N/A N/A 0
Improvements 🎉
(primary)
-2.0% -2.0% 1
Improvements 🎉
(secondary)
N/A N/A 0
All 😿🎉 (primary) -2.0% -2.0% 1

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

Benchmarking this pull request likely means that it is perf-sensitive, so we're automatically marking it as not fit for rolling up. While you can manually mark this PR as fit for rollup, we strongly recommend not doing so since this PR may lead to changes in compiler perf.

@bors rollup=never
@rustbot label: +S-waiting-on-review -S-waiting-on-perf -perf-regression

Footnotes

  1. the arithmetic mean of the percent change 2 3

  2. number of relevant changes 2 3

@rustbot rustbot removed the S-waiting-on-perf Status: Waiting on a perf run to be completed. label Jun 12, 2022
@RalfJung
Copy link
Member Author

It is documented at https://github.com/rust-lang/rustc-perf/tree/master/collector#how-to-benchmark-a-change-using-the-benchmark-server as "the harder way".

Ah, so there's a bot and a collector, but the bot command docs are with the collector. No wonder I missed them. ;) I'll add a link to the forge. Thanks!

@RalfJung
Copy link
Member Author

So, uh, this change is more of a perf gain than a loss? That is certainly not what I expected.

My guess would be this is because we emit fewer attributes, and the attribute itself did not help the make the compiler much faster. Not sure how much we can conclude from that.

@RalfJung RalfJung changed the title [perf experiment] make only frozen references as dereferenceable [perf experiment] do not mark interior mutable shared refs as dereferenceable Jun 21, 2022
@RalfJung
Copy link
Member Author

Based on my last comment in #55005, I adjusted this PR to keep dereferenceable in mutable refs but remove it from non-frozen shared refs.

@bors try @rust-timer queue

@rust-timer
Copy link
Collaborator

Awaiting bors try build completion.

@rustbot label: +S-waiting-on-perf

@rustbot rustbot added the S-waiting-on-perf Status: Waiting on a perf run to be completed. label Jun 21, 2022
@bors
Copy link
Contributor

bors commented Jul 22, 2022

📌 Commit 35c6dec has been approved by nikic

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-team Status: Awaiting decision from the relevant subteam (see the T-<team> label). labels Jul 22, 2022
@bors
Copy link
Contributor

bors commented Jul 22, 2022

⌛ Testing commit 35c6dec with merge 848090d...

@bors
Copy link
Contributor

bors commented Jul 23, 2022

☀️ Test successful - checks-actions
Approved by: nikic
Pushing 848090d to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Jul 23, 2022
@bors bors merged commit 848090d into rust-lang:master Jul 23, 2022
@rustbot rustbot added this to the 1.64.0 milestone Jul 23, 2022
@rust-timer
Copy link
Collaborator

Finished benchmarking commit (848090d): comparison url.

Instruction count

This benchmark run did not return any relevant results for this metric.

Max RSS (memory usage)

Results
  • Primary benchmarks: 🎉 relevant improvements found
  • Secondary benchmarks: no relevant changes found
mean1 max count2
Regressions 😿
(primary)
N/A N/A 0
Regressions 😿
(secondary)
N/A N/A 0
Improvements 🎉
(primary)
-3.1% -3.9% 2
Improvements 🎉
(secondary)
N/A N/A 0
All 😿🎉 (primary) -3.1% -3.9% 2

Cycles

Results
  • Primary benchmarks: no relevant changes found
  • Secondary benchmarks: 🎉 relevant improvement found
mean1 max count2
Regressions 😿
(primary)
N/A N/A 0
Regressions 😿
(secondary)
N/A N/A 0
Improvements 🎉
(primary)
N/A N/A 0
Improvements 🎉
(secondary)
-2.0% -2.0% 1
All 😿🎉 (primary) N/A N/A 0

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

@rustbot label: -perf-regression

Footnotes

  1. the arithmetic mean of the percent change 2

  2. number of relevant changes 2

@RalfJung RalfJung deleted the dereferenceable branch July 23, 2022 11:43
@m-ou-se
Copy link
Member

m-ou-se commented Aug 22, 2022

It's not entirely clear to me how an implementation of Drop for Arc should look like to make use of this new rule/exception to avoid undefined behavior.

The usual pattern looks something like this:

pub struct Arc<T> {
    ptr: NonNull<ArcData<T>>,
}

struct ArcData<T> {
    ref_count: AtomicUsize,
    data: T,
}

impl<T> Arc<T> {fn data(&self) -> &ArcData<T> {
        unsafe { self.ptr.as_ref() }
    }
}

impl<T> Drop for Arc<T> {
    fn drop(&mut self) {
        if self.data().ref_count.fetch_sub(1, Release) == 1 {
            fence(Acquire);
            unsafe {
                drop(Box::from_raw(self.ptr.as_ptr()));
            }
        }
    }
}

Is this fine now?

Or is it a problem that self.data() returns a &ArcData<T> to the whole struct, as part of the same if condition expression that does the fetch_sub operation?

@RalfJung
Copy link
Member Author

Or is it a problem that self.data() returns a &ArcData to the whole struct, as part of the same if condition expression that does the fetch_sub operation?

Yes this is a problem under the rules as written, since the lifetime of ArcData is still ongoing when another thread might deallocate this memory. A raw pointer should be used instead.

It is not a problem under the rules as implemented in Miri (aka Stacked Borrows), where the "dynamic lifetime" of the reference is relevant -- the lifetime of the ref_count part of the reference is extended until fetch_sub returns, so that could still be alive when another thread deallocates the memory, but it is entirely covered by UnsafeCell; and the rest of the reference returned by self.data() is unused and hence no problem.

@apiraino apiraino removed the to-announce Announce this issue on triage meeting label Sep 8, 2022
wip-sync pushed a commit to NetBSD/pkgsrc-wip that referenced this pull request Oct 11, 2022
Pkgsrc changes:
 * Add patch to fix vendor/kqueue issue (on 32-bit hosts)
 * Adjust other patches & line numbers
 * Version bumps & checksum changes.

Upstream changes:

Version 1.64.0 (2022-09-22)
===========================

Language
--------
- [Unions with mutable references or tuples of allowed types are
  now allowed](rust-lang/rust#97995)

- It is now considered valid to deallocate memory pointed to by a
  shared reference `&T` [if every byte in `T` is inside an
  `UnsafeCell`](rust-lang/rust#98017)

- Unused tuple struct fields are now warned against in an
  allow-by-default lint, [`unused_tuple_struct_fields`]
  (rust-lang/rust#95977), similar to the
  existing warning for unused struct fields. This lint will become
  warn-by-default in the future.

Compiler
--------
- [Add Nintendo Switch as tier 3 target]
  (rust-lang/rust#88991)
  - Refer to Rust's [platform support page][platform-support-doc] for more
    information on Rust's tiered platform support.
- [Only compile `#[used]` as llvm.compiler.used for ELF targets]
  (rust-lang/rust#93718)
- [Add the `--diagnostic-width` compiler flag to define the terminal width.]
  (rust-lang/rust#95635)
- [Add support for link-flavor `rust-lld` for iOS, tvOS and watchOS]
  (rust-lang/rust#98771)

Libraries
---------
- [Remove restrictions on compare-exchange memory ordering.]
  (rust-lang/rust#98383)
- You can now `write!` or `writeln!` into an `OsString`: [Implement
  `fmt::Write` for `OsString`](rust-lang/rust#97915)
- [Make RwLockReadGuard covariant]
  (rust-lang/rust#96820)
- [Implement `FusedIterator` for `std::net::[Into]Incoming`]
  (rust-lang/rust#97300)
- [`impl<T: AsRawFd> AsRawFd for {Arc,Box}<T>`]
  (rust-lang/rust#97437)
- [`ptr::copy` and `ptr::swap` are doing untyped copies]
  (rust-lang/rust#97712)
- [Add cgroupv1 support to `available_parallelism`]
  (rust-lang/rust#97925)
- [Mitigate many incorrect uses of `mem::uninitialized`]
  (rust-lang/rust#99182)

Stabilized APIs
---------------
- [`future::IntoFuture`]
  (https://doc.rust-lang.org/stable/std/future/trait.IntoFuture.html)
- [`future::poll_fn`]
  (https://doc.rust-lang.org/stable/std/future/fn.poll_fn.html)
- [`task::ready!`]
  (https://doc.rust-lang.org/stable/std/task/macro.ready.html)
- [`num::NonZero*::checked_mul`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_mul)
- [`num::NonZero*::checked_pow`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_pow)
- [`num::NonZero*::saturating_mul`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.saturating_mul)
- [`num::NonZero*::saturating_pow`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.saturating_pow)
- [`num::NonZeroI*::abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.abs)
- [`num::NonZeroI*::checked_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.checked_abs)
- [`num::NonZeroI*::overflowing_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.overflowing_abs)
- [`num::NonZeroI*::saturating_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.saturating_abs)
- [`num::NonZeroI*::unsigned_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.unsigned_abs)
- [`num::NonZeroI*::wrapping_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.wrapping_abs)
- [`num::NonZeroU*::checked_add`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_add)
- [`num::NonZeroU*::checked_next_power_of_two`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_next_power_of_two)
- [`num::NonZeroU*::saturating_add`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.saturating_add)
- [`os::unix::process::CommandExt::process_group`]
  (https://doc.rust-lang.org/stable/std/os/unix/process/trait.CommandExt.html#tymethod.process_group)
- [`os::windows::fs::FileTypeExt::is_symlink_dir`]
  (https://doc.rust-lang.org/stable/std/os/windows/fs/trait.FileTypeExt.html#tymethod.is_symlink_dir)
- [`os::windows::fs::FileTypeExt::is_symlink_file`]
  (https://doc.rust-lang.org/stable/std/os/windows/fs/trait.FileTypeExt.html#tymethod.is_symlink_file)

These types were previously stable in `std::ffi`, but are now also
available in `core` and `alloc`:

- [`core::ffi::CStr`]
  (https://doc.rust-lang.org/stable/core/ffi/struct.CStr.html)
- [`core::ffi::FromBytesWithNulError`]
  (https://doc.rust-lang.org/stable/core/ffi/struct.FromBytesWithNulError.html)
- [`alloc::ffi::CString`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.CString.html)
- [`alloc::ffi::FromVecWithNulError`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.FromVecWithNulError.html)
- [`alloc::ffi::IntoStringError`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.IntoStringError.html)
- [`alloc::ffi::NulError`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.NulError.html)

These types were previously stable in `std::os::raw`, but are now also available in `core::ffi` and `std::ffi`:

- [`ffi::c_char`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_char.html)
- [`ffi::c_double`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_double.html)
- [`ffi::c_float`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_float.html)
- [`ffi::c_int`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_int.html)
- [`ffi::c_long`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_long.html)
- [`ffi::c_longlong`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_longlong.html)
- [`ffi::c_schar`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_schar.html)
- [`ffi::c_short`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_short.html)
- [`ffi::c_uchar`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_uchar.html)
- [`ffi::c_uint`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_uint.html)
- [`ffi::c_ulong`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_ulong.html)
- [`ffi::c_ulonglong`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_ulonglong.html)
- [`ffi::c_ushort`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_ushort.html)

These APIs are now usable in const contexts:

- [`slice::from_raw_parts`]
  (https://doc.rust-lang.org/stable/core/slice/fn.from_raw_parts.html)

Cargo
-----
- [Packages can now inherit settings from the workspace so that
  the settings can be centralized in one place.]
  (rust-lang/cargo#10859) See
  [`workspace.package`](https://doc.rust-lang.org/nightly/cargo/reference/workspaces.html#the-workspacepackage-table)
  and
  [`workspace.dependencies`](https://doc.rust-lang.org/nightly/cargo/reference/workspaces.html#the-workspacedependencies-table)
  for more details on how to define these common settings.
- [Cargo commands can now accept multiple `--target` flags to build
  for multiple targets at once]
  (rust-lang/cargo#10766), and the
  [`build.target`](https://doc.rust-lang.org/nightly/cargo/reference/config.html#buildtarget)
  config option may now take an array of multiple targets.
- [The `--jobs` argument can now take a negative number to count
  backwards from the max CPUs.]
  (rust-lang/cargo#10844)
- [`cargo add` will now update `Cargo.lock`.]
  (rust-lang/cargo#10902)
- [Added](rust-lang/cargo#10838) the
  [`--crate-type`](https://doc.rust-lang.org/nightly/cargo/commands/cargo-rustc.html#option-cargo-rustc---crate-type)
  flag to `cargo rustc` to override the crate type.
- [Significantly improved the performance fetching git dependencies from GitHub
  when using a hash in the `rev` field.]
  (rust-lang/cargo#10079)

Misc
----
- [The `rust-analyzer` rustup component is now available on the stable channel.]
  (rust-lang/rust#98640)

Compatibility Notes
-------------------
- The minimum required versions for all `-linux-gnu` targets are
  now at least kernel 3.2 and glibc 2.17, for targets that previously
  supported older versions: [Increase the minimum linux-gnu
  versions](rust-lang/rust#95026)
- [Network primitives are now implemented with the ideal Rust
  layout, not the C system layout]
  (rust-lang/rust#78802). This can
  cause problems when transmuting the types.
- [Add assertion that `transmute_copy`'s `U` is not larger than `T`]
  (rust-lang/rust#98839)
- [A soundness bug in `BTreeMap` was fixed]
  (rust-lang/rust#99413) that allowed data
  it was borrowing to be dropped before the container.
- [The Drop behavior of C-like enums cast to ints has changed]
  (rust-lang/rust#96862). These are already
  discouraged by a compiler warning.
- [Relate late-bound closure lifetimes to parent fn in NLL]
  (rust-lang/rust#98835)
- [Errors at const-eval time are now in future incompatibility reports]
  (rust-lang/rust#97743)
- On the `thumbv6m-none-eabi` target, some incorrect `asm!` statements
  were erroneously accepted if they used the high registers (r8 to
  r14) as an input/output operand. [This is no longer accepted]
  (rust-lang/rust#99155).
- [`impl Trait` was accidentally accepted as the associated type
  value of return-position `impl Trait`]
  (rust-lang/rust#97346), without
  fulfilling all the trait bounds of that associated type, as long
  as the hidden type satisfies said bounds. This has been fixed.

Internal Changes
----------------

These changes do not affect any public interfaces of Rust, but they
represent significant improvements to the performance or internals
of rustc and related tools.

- Windows builds now use profile-guided optimization, providing
  10-20% improvements to compiler performance: [Utilize PGO for
  windows x64 rustc dist builds]
  (rust-lang/rust#96978)
- [Stop keeping metadata in memory before writing it to disk]
  (rust-lang/rust#96544)
- [compiletest: strip debuginfo by default for mode=ui]
  (rust-lang/rust#98140)
- Many improvements to generated code for derives, including
  performance improvements:
  - [Don't use match-destructuring for derived ops on structs.]
    (rust-lang/rust#98446)
  - [Many small deriving cleanups]
    (rust-lang/rust#98741)
  - [More derive output improvements]
    (rust-lang/rust#98758)
  - [Clarify deriving code](rust-lang/rust#98915)
  - [Final derive output improvements]
    (rust-lang/rust#99046)
  - [Stop injecting `#[allow(unused_qualifications)]` in generated
    `derive` implementations](rust-lang/rust#99485)
  - [Improve `derive(Debug)`](rust-lang/rust#98190)
- [Bump to clap 3](rust-lang/rust#98213)
- [fully move dropck to mir](rust-lang/rust#98641)
- [Optimize `Vec::insert` for the case where `index == len`.]
  (rust-lang/rust#98755)
- [Convert rust-analyzer to an in-tree tool]
  (rust-lang/rust#99603)
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Nov 16, 2022
Pkgsrc changes:
 * This package now contains rust-analyzer, so implicitly
   conflicts with that pkgsrc package.  The same goes for
   the rust-src package.
 * Add NetBSD/arm6 port
 * Add unfinished NetBSD/mipsel port
 * Revert the use of the internal LLVM,
   should now build with the new pkgsrc LLVM (15).
 * Add depndence on compat80 for sparc64 to fix the build
 * Adapt patches
 * Add CHECK_INTERPRETER_SKIP for a few (mostly unused) files.
   (A proper fix may come later.)

Upstream changes:

Version 1.64.0 (2022-09-22)
===========================

Language
--------
- [Unions with mutable references or tuples of allowed types are
  now allowed](rust-lang/rust#97995)

- It is now considered valid to deallocate memory pointed to by a
  shared reference `&T` [if every byte in `T` is inside an
  `UnsafeCell`](rust-lang/rust#98017)

- Unused tuple struct fields are now warned against in an
  allow-by-default lint, [`unused_tuple_struct_fields`]
  (rust-lang/rust#95977), similar to the
  existing warning for unused struct fields. This lint will become
  warn-by-default in the future.

Compiler
--------
- [Add Nintendo Switch as tier 3 target]
  (rust-lang/rust#88991)
  - Refer to Rust's [platform support page][platform-support-doc] for more
    information on Rust's tiered platform support.
- [Only compile `#[used]` as llvm.compiler.used for ELF targets]
  (rust-lang/rust#93718)
- [Add the `--diagnostic-width` compiler flag to define the terminal width.]
  (rust-lang/rust#95635)
- [Add support for link-flavor `rust-lld` for iOS, tvOS and watchOS]
  (rust-lang/rust#98771)

Libraries
---------
- [Remove restrictions on compare-exchange memory ordering.]
  (rust-lang/rust#98383)
- You can now `write!` or `writeln!` into an `OsString`: [Implement
  `fmt::Write` for `OsString`](rust-lang/rust#97915)
- [Make RwLockReadGuard covariant]
  (rust-lang/rust#96820)
- [Implement `FusedIterator` for `std::net::[Into]Incoming`]
  (rust-lang/rust#97300)
- [`impl<T: AsRawFd> AsRawFd for {Arc,Box}<T>`]
  (rust-lang/rust#97437)
- [`ptr::copy` and `ptr::swap` are doing untyped copies]
  (rust-lang/rust#97712)
- [Add cgroupv1 support to `available_parallelism`]
  (rust-lang/rust#97925)
- [Mitigate many incorrect uses of `mem::uninitialized`]
  (rust-lang/rust#99182)

Stabilized APIs
---------------
- [`future::IntoFuture`]
  (https://doc.rust-lang.org/stable/std/future/trait.IntoFuture.html)
- [`future::poll_fn`]
  (https://doc.rust-lang.org/stable/std/future/fn.poll_fn.html)
- [`task::ready!`]
  (https://doc.rust-lang.org/stable/std/task/macro.ready.html)
- [`num::NonZero*::checked_mul`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_mul)
- [`num::NonZero*::checked_pow`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_pow)
- [`num::NonZero*::saturating_mul`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.saturating_mul)
- [`num::NonZero*::saturating_pow`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.saturating_pow)
- [`num::NonZeroI*::abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.abs)
- [`num::NonZeroI*::checked_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.checked_abs)
- [`num::NonZeroI*::overflowing_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.overflowing_abs)
- [`num::NonZeroI*::saturating_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.saturating_abs)
- [`num::NonZeroI*::unsigned_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.unsigned_abs)
- [`num::NonZeroI*::wrapping_abs`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroIsize.html#method.wrapping_abs)
- [`num::NonZeroU*::checked_add`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_add)
- [`num::NonZeroU*::checked_next_power_of_two`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.checked_next_power_of_two)
- [`num::NonZeroU*::saturating_add`]
  (https://doc.rust-lang.org/stable/std/num/struct.NonZeroUsize.html#method.saturating_add)
- [`os::unix::process::CommandExt::process_group`]
  (https://doc.rust-lang.org/stable/std/os/unix/process/trait.CommandExt.html#tymethod.process_group)
- [`os::windows::fs::FileTypeExt::is_symlink_dir`]
  (https://doc.rust-lang.org/stable/std/os/windows/fs/trait.FileTypeExt.html#tymethod.is_symlink_dir)
- [`os::windows::fs::FileTypeExt::is_symlink_file`]
  (https://doc.rust-lang.org/stable/std/os/windows/fs/trait.FileTypeExt.html#tymethod.is_symlink_file)

These types were previously stable in `std::ffi`, but are now also
available in `core` and `alloc`:

- [`core::ffi::CStr`]
  (https://doc.rust-lang.org/stable/core/ffi/struct.CStr.html)
- [`core::ffi::FromBytesWithNulError`]
  (https://doc.rust-lang.org/stable/core/ffi/struct.FromBytesWithNulError.html)
- [`alloc::ffi::CString`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.CString.html)
- [`alloc::ffi::FromVecWithNulError`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.FromVecWithNulError.html)
- [`alloc::ffi::IntoStringError`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.IntoStringError.html)
- [`alloc::ffi::NulError`]
  (https://doc.rust-lang.org/stable/alloc/ffi/struct.NulError.html)

These types were previously stable in `std::os::raw`, but are now
also available in `core::ffi` and `std::ffi`:

- [`ffi::c_char`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_char.html)
- [`ffi::c_double`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_double.html)
- [`ffi::c_float`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_float.html)
- [`ffi::c_int`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_int.html)
- [`ffi::c_long`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_long.html)
- [`ffi::c_longlong`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_longlong.html)
- [`ffi::c_schar`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_schar.html)
- [`ffi::c_short`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_short.html)
- [`ffi::c_uchar`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_uchar.html)
- [`ffi::c_uint`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_uint.html)
- [`ffi::c_ulong`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_ulong.html)
- [`ffi::c_ulonglong`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_ulonglong.html)
- [`ffi::c_ushort`]
  (https://doc.rust-lang.org/stable/std/ffi/type.c_ushort.html)

These APIs are now usable in const contexts:

- [`slice::from_raw_parts`]
  (https://doc.rust-lang.org/stable/core/slice/fn.from_raw_parts.html)

Cargo
-----
- [Packages can now inherit settings from the workspace so that
  the settings can be centralized in one place.]
  (rust-lang/cargo#10859) See
  [`workspace.package`](https://doc.rust-lang.org/nightly/cargo/reference/workspaces.html#the-workspacepackage-table)
  and
  [`workspace.dependencies`](https://doc.rust-lang.org/nightly/cargo/reference/workspaces.html#the-workspacedependencies-table)
  for more details on how to define these common settings.
- [Cargo commands can now accept multiple `--target` flags to build
  for multiple targets at once]
  (rust-lang/cargo#10766), and the
  [`build.target`](https://doc.rust-lang.org/nightly/cargo/reference/config.html#buildtarget)
  config option may now take an array of multiple targets.
- [The `--jobs` argument can now take a negative number to count
  backwards from the max CPUs.]
  (rust-lang/cargo#10844)
- [`cargo add` will now update `Cargo.lock`.]
  (rust-lang/cargo#10902)
- [Added](rust-lang/cargo#10838) the
  [`--crate-type`](https://doc.rust-lang.org/nightly/cargo/commands/cargo-rustc.html#option-cargo-rustc---crate-type)
  flag to `cargo rustc` to override the crate type.
- [Significantly improved the performance fetching git dependencies from GitHub
  when using a hash in the `rev` field.]
  (rust-lang/cargo#10079)

Misc
----
- [The `rust-analyzer` rustup component is now available on the stable channel.]
  (rust-lang/rust#98640)

Compatibility Notes
-------------------
- The minimum required versions for all `-linux-gnu` targets are
  now at least kernel 3.2 and glibc 2.17, for targets that previously
  supported older versions: [Increase the minimum linux-gnu
  versions](rust-lang/rust#95026)
- [Network primitives are now implemented with the ideal Rust
  layout, not the C system layout]
  (rust-lang/rust#78802). This can
  cause problems when transmuting the types.
- [Add assertion that `transmute_copy`'s `U` is not larger than `T`]
  (rust-lang/rust#98839)
- [A soundness bug in `BTreeMap` was fixed]
  (rust-lang/rust#99413) that allowed data
  it was borrowing to be dropped before the container.
- [The Drop behavior of C-like enums cast to ints has changed]
  (rust-lang/rust#96862). These are already
  discouraged by a compiler warning.
- [Relate late-bound closure lifetimes to parent fn in NLL]
  (rust-lang/rust#98835)
- [Errors at const-eval time are now in future incompatibility reports]
  (rust-lang/rust#97743)
- On the `thumbv6m-none-eabi` target, some incorrect `asm!` statements
  were erroneously accepted if they used the high registers (r8 to
  r14) as an input/output operand. [This is no longer accepted]
  (rust-lang/rust#99155).
- [`impl Trait` was accidentally accepted as the associated type
  value of return-position `impl Trait`]
  (rust-lang/rust#97346), without
  fulfilling all the trait bounds of that associated type, as long
  as the hidden type satisfies said bounds. This has been fixed.

Internal Changes
----------------

These changes do not affect any public interfaces of Rust, but they
represent significant improvements to the performance or internals
of rustc and related tools.

- Windows builds now use profile-guided optimization, providing
  10-20% improvements to compiler performance: [Utilize PGO for
  windows x64 rustc dist builds]
  (rust-lang/rust#96978)
- [Stop keeping metadata in memory before writing it to disk]
  (rust-lang/rust#96544)
- [compiletest: strip debuginfo by default for mode=ui]
  (rust-lang/rust#98140)
- Many improvements to generated code for derives, including
  performance improvements:
  - [Don't use match-destructuring for derived ops on structs.]
    (rust-lang/rust#98446)
  - [Many small deriving cleanups]
    (rust-lang/rust#98741)
  - [More derive output improvements]
    (rust-lang/rust#98758)
  - [Clarify deriving code](rust-lang/rust#98915)
  - [Final derive output improvements]
    (rust-lang/rust#99046)
  - [Stop injecting `#[allow(unused_qualifications)]` in generated
    `derive` implementations](rust-lang/rust#99485)
  - [Improve `derive(Debug)`](rust-lang/rust#98190)
- [Bump to clap 3](rust-lang/rust#98213)
- [fully move dropck to mir](rust-lang/rust#98641)
- [Optimize `Vec::insert` for the case where `index == len`.]
  (rust-lang/rust#98755)
- [Convert rust-analyzer to an in-tree tool]
  (rust-lang/rust#99603)
cuviper added a commit to cuviper/rayon that referenced this pull request Jan 19, 2023
`Latch::set` can invalidate its own `&self`, because it releases the
owning thread to continue execution, which may then invalidate the latch
by deallocation, reuse, etc. We've known about this problem when it
comes to accessing latch fields too late, but the possibly dangling
reference was still a problem, like rust-lang/rust#55005.

The result of that was rust-lang/rust#98017, omitting the LLVM attribute
`dereferenceable` on references to `!Freeze` types -- those containing
`UnsafeCell`. However, miri's Stacked Borrows implementation is finer-
grained than that, only relaxing for the cell itself in the `!Freeze`
type. For rayon, that solves the dangling reference in atomic calls, but
remains a problem for other fields of a `Latch`.

This easiest fix for rayon is to use a raw pointer instead of `&self`.
We still end up with some temporary references for stuff like atomics,
but those should be fine with the rules above.
cuviper added a commit to cuviper/rayon that referenced this pull request Jan 20, 2023
`Latch::set` can invalidate its own `&self`, because it releases the
owning thread to continue execution, which may then invalidate the latch
by deallocation, reuse, etc. We've known about this problem when it
comes to accessing latch fields too late, but the possibly dangling
reference was still a problem, like rust-lang/rust#55005.

The result of that was rust-lang/rust#98017, omitting the LLVM attribute
`dereferenceable` on references to `!Freeze` types -- those containing
`UnsafeCell`. However, miri's Stacked Borrows implementation is finer-
grained than that, only relaxing for the cell itself in the `!Freeze`
type. For rayon, that solves the dangling reference in atomic calls, but
remains a problem for other fields of a `Latch`.

This easiest fix for rayon is to use a raw pointer instead of `&self`.
We still end up with some temporary references for stuff like atomics,
but those should be fine with the rules above.
bors bot added a commit to rayon-rs/rayon that referenced this pull request Jan 21, 2023
1011: Use pointers instead of `&self` in `Latch::set` r=cuviper a=cuviper

`Latch::set` can invalidate its own `&self`, because it releases the
owning thread to continue execution, which may then invalidate the latch
by deallocation, reuse, etc. We've known about this problem when it
comes to accessing latch fields too late, but the possibly dangling
reference was still a problem, like rust-lang/rust#55005.

The result of that was rust-lang/rust#98017, omitting the LLVM attribute
`dereferenceable` on references to `!Freeze` types -- those containing
`UnsafeCell`. However, miri's Stacked Borrows implementation is finer-
grained than that, only relaxing for the cell itself in the `!Freeze`
type. For rayon, that solves the dangling reference in atomic calls, but
remains a problem for other fields of a `Latch`.

This easiest fix for rayon is to use a raw pointer instead of `&self`.
We still end up with some temporary references for stuff like atomics,
but those should be fine with the rules above.


Co-authored-by: Josh Stone <[email protected]>
bors added a commit to rust-lang-ci/rust that referenced this pull request Feb 7, 2023
… r=nbdd0121

make &mut !Unpin not dereferenceable, and Box<!Unpin> not noalias

See rust-lang/unsafe-code-guidelines#381 and [this LLVM discussion](https://discourse.llvm.org/t/interaction-of-noalias-and-dereferenceable/66979). The exact semantics of how `noalias` and `dereferenceable` interact are unclear, and `@comex` found a case of LLVM actually exploiting that ambiguity for optimizations. I think for now we should treat LLVM `dereferenceable` as implying a "fake read" to happen immediately at the top of the function (standing in for the spurious reads that LLVM might introduce), and that fake read is subject to all the usual `noalias` restrictions. This means we cannot put `dereferenceable` on `&mut !Unpin` references as those references can alias with other references that are being read and written inside the function (e.g. for self-referential generators), meaning the fake read introduces aliasing conflicts with those other accesses.

For `&` this is already not a problem due to rust-lang#98017 which removed the `dereferenceable` attribute for other reasons.

Regular `&mut Unpin` references are unaffected, so I hope the impact of this is going to be tiny.

The first commit does some refactoring of the `PointerKind` enum since I found the old code very confusing each time I had to touch it. It doesn't change behavior.

Fixes rust-lang/miri#2714

EDIT: Turns out our `Box<!Unpin>` treatment was incorrect, too, so the PR also fixes that now (in codegen and Miri): we do not put `noalias` on these boxes any more.
bors added a commit to rust-lang/miri that referenced this pull request Feb 7, 2023
make &mut !Unpin not dereferenceable, and Box<!Unpin> not noalias

See rust-lang/unsafe-code-guidelines#381 and [this LLVM discussion](https://discourse.llvm.org/t/interaction-of-noalias-and-dereferenceable/66979). The exact semantics of how `noalias` and `dereferenceable` interact are unclear, and `@comex` found a case of LLVM actually exploiting that ambiguity for optimizations. I think for now we should treat LLVM `dereferenceable` as implying a "fake read" to happen immediately at the top of the function (standing in for the spurious reads that LLVM might introduce), and that fake read is subject to all the usual `noalias` restrictions. This means we cannot put `dereferenceable` on `&mut !Unpin` references as those references can alias with other references that are being read and written inside the function (e.g. for self-referential generators), meaning the fake read introduces aliasing conflicts with those other accesses.

For `&` this is already not a problem due to rust-lang/rust#98017 which removed the `dereferenceable` attribute for other reasons.

Regular `&mut Unpin` references are unaffected, so I hope the impact of this is going to be tiny.

The first commit does some refactoring of the `PointerKind` enum since I found the old code very confusing each time I had to touch it. It doesn't change behavior.

Fixes #2714

EDIT: Turns out our `Box<!Unpin>` treatment was incorrect, too, so the PR also fixes that now (in codegen and Miri): we do not put `noalias` on these boxes any more.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
disposition-merge This issue / PR is in PFCP or FCP with a disposition to merge it. finished-final-comment-period The final comment period is finished for this PR / Issue. merged-by-bors This PR was explicitly merged by bors. S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-lang Relevant to the language team, which will review and decide on the PR/issue.
Projects
None yet
Development

Successfully merging this pull request may close these issues.