Change {Box,Arc,Rc,Weak}::into_raw to only work with A = Global#141219
Merged
Conversation
Collaborator
rustbot
added
S-waiting-on-review
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Member
Author
|
I don't know why this is failing on Miri... I only moved the methods and didn't change any implementation (except |
This comment has been minimized.
This comment has been minimized.
Member
Author
|
@RalfJung Do you have any idea why these miri tests would fail? The only relevant change is moving |
Member
|
Yeah it has to do with this comment. This is part of the general issue that adding allocators to |
Member
Author
|
Sure, but the implementation of I don't see why changing the bounds on that methods from |
Member
|
Miri has no choice but use some terrible hacks to work around the poor state that |
Member
|
I pushed a commit that should hopefully fix CI. |
joboet
approved these changes
May 23, 2025
joboet
left a comment
joboet
left a comment
Member
There was a problem hiding this comment.
r=me pending approval from the rest of libs-api
This was referenced May 24, 2025
Contributor
|
@rustbot label +A-box +A-allocators +A-MIR +A-miri |
rustbot
added
A-allocators
Collaborator
|
☔ The latest upstream changes (presumably #142483) made this pull request unmergeable. Please resolve the merge conflicts. |
Member
|
Looks good to me as a libs-api member! This affects unstable code only: |
dtolnay
approved these changes
Jul 1, 2025
Also applies to `Vec::into_raw_parts`. The expectation is that you can round-trip these methods with `from_raw`, but this is only true when using the global allocator. With custom allocators you should instead be using `into_raw_with_allocator` and `from_raw_in`. The implementation of `Box::leak` is changed to use `Box::into_raw_with_allocator` and explicitly leak the allocator (which was already the existing behavior). This is because, for `leak` to be safe, the allocator must not free its underlying backing store. The `Allocator` trait only guarantees that allocated memory remains valid until the allocator is dropped.
Member
Author
|
@bors r=joboet |
Collaborator
bors
added
S-waiting-on-bors
Amanieu
removed
the
I-libs-api-nominated
This comment has been minimized.
This comment has been minimized.
Member
|
I had pushed a Miri fix into this PR in the past... did that get force-pushed away? |
Member
|
Yeah, looks like it... @Amanieu I would recommend never using |
Member
|
Meanwhile, please cherry-pick 432a1c0, I hope that still fixes the problem. I won't push to this branch again to avoid repeating history. ;) |
Member
Author
|
@bors r=joboet |
Collaborator
Member
Author
Thanks, I've added that and will try to remember to use it in the future! |
GrigorenkoPV
reviewed
Jul 2, 2025
| // Avoid `into_raw_with_allocator` as that interacts poorly with Miri's Stacked Borrows. | ||
| let mut b = mem::ManuallyDrop::new(b); | ||
| // We go through the built-in deref for `Box`, which is crucial for Miri to recognize this | ||
| // operation for it's alias tracking. |
bors
added a commit
that referenced
this pull request
Jul 2, 2025
Rollup of 11 pull requests Successful merges: - #131923 (Derive `Copy` and `Hash` for `IntErrorKind`) - #138340 (Remove some unsized tuple impls now that we don't support unsizing tuples anymore) - #141219 (Change `{Box,Arc,Rc,Weak}::into_raw` to only work with `A = Global`) - #142212 (bootstrap: validate `rust.codegen-backends` & `target.<triple>.codegen-backends`) - #142237 (Detect more cases of unused_parens around types) - #142964 (Attribute rework: a parser for single attributes without arguments) - #143070 (Rewrite `macro_rules!` parser to not use the MBE engine itself) - #143235 (Assemble const bounds via normal item bounds in old solver too) - #143261 (Feed `explicit_predicates_of` instead of `predicates_of`) - #143276 (loop match: handle opaque patterns) - #143306 (Add `track_caller` attributes to trace origin of Clippy lints) r? `@ghost` `@rustbot` modify labels: rollup try-job: aarch64-apple try-job: x86_64-msvc-1 try-job: x86_64-gnu try-job: dist-i586-gnu-i586-i686-musl try-job: test-various
bors
added a commit
that referenced
this pull request
Jul 2, 2025
Rollup of 11 pull requests Successful merges: - #131923 (Derive `Copy` and `Hash` for `IntErrorKind`) - #138340 (Remove some unsized tuple impls now that we don't support unsizing tuples anymore) - #141219 (Change `{Box,Arc,Rc,Weak}::into_raw` to only work with `A = Global`) - #142212 (bootstrap: validate `rust.codegen-backends` & `target.<triple>.codegen-backends`) - #142237 (Detect more cases of unused_parens around types) - #142964 (Attribute rework: a parser for single attributes without arguments) - #143070 (Rewrite `macro_rules!` parser to not use the MBE engine itself) - #143235 (Assemble const bounds via normal item bounds in old solver too) - #143261 (Feed `explicit_predicates_of` instead of `predicates_of`) - #143276 (loop match: handle opaque patterns) - #143306 (Add `track_caller` attributes to trace origin of Clippy lints) r? `@ghost` `@rustbot` modify labels: rollup try-job: aarch64-apple try-job: x86_64-msvc-1 try-job: x86_64-gnu try-job: dist-i586-gnu-i586-i686-musl try-job: test-various
rust-timer
added a commit
that referenced
this pull request
Jul 3, 2025
Rollup merge of #141219 - Amanieu:leak_alloc, r=joboet Change `{Box,Arc,Rc,Weak}::into_raw` to only work with `A = Global` Also applies to `Vec::into_raw_parts`. The expectation is that you can round-trip these methods with `from_raw`, but this is only true when using the global allocator. With custom allocators you should instead be using `into_raw_with_allocator` and `from_raw_in`. The implementation of `Box::leak` is changed to use `Box::into_raw_with_allocator` and explicitly leak the allocator (which was already the existing behavior). This is because, for `leak` to be safe, the allocator must not free its underlying backing store. The `Allocator` trait only guarantees that allocated memory remains valid until the allocator is dropped.
1 task
gwilymk
added a commit
to agbrs/agb
that referenced
this pull request
Jul 4, 2025
Fix issue introduced by rust-lang/rust#141219 - [x] Changelog updated
github-actions Bot
pushed a commit
to model-checking/verify-rust-std
that referenced
this pull request
Jul 11, 2025
Change `{Box,Arc,Rc,Weak}::into_raw` to only work with `A = Global`
Also applies to `Vec::into_raw_parts`.
The expectation is that you can round-trip these methods with `from_raw`, but this is only true when using the global allocator. With custom allocators you should instead be using `into_raw_with_allocator` and `from_raw_in`.
The implementation of `Box::leak` is changed to use `Box::into_raw_with_allocator` and explicitly leak the allocator (which was already the existing behavior). This is because, for `leak` to be safe, the allocator must not free its underlying backing store. The `Allocator` trait only guarantees that allocated memory remains valid until the allocator is dropped.
github-actions Bot
pushed a commit
to model-checking/verify-rust-std
that referenced
this pull request
Jul 11, 2025
…iaskrgr Rollup of 11 pull requests Successful merges: - rust-lang#131923 (Derive `Copy` and `Hash` for `IntErrorKind`) - rust-lang#138340 (Remove some unsized tuple impls now that we don't support unsizing tuples anymore) - rust-lang#141219 (Change `{Box,Arc,Rc,Weak}::into_raw` to only work with `A = Global`) - rust-lang#142212 (bootstrap: validate `rust.codegen-backends` & `target.<triple>.codegen-backends`) - rust-lang#142237 (Detect more cases of unused_parens around types) - rust-lang#142964 (Attribute rework: a parser for single attributes without arguments) - rust-lang#143070 (Rewrite `macro_rules!` parser to not use the MBE engine itself) - rust-lang#143235 (Assemble const bounds via normal item bounds in old solver too) - rust-lang#143261 (Feed `explicit_predicates_of` instead of `predicates_of`) - rust-lang#143276 (loop match: handle opaque patterns) - rust-lang#143306 (Add `track_caller` attributes to trace origin of Clippy lints) r? `@ghost` `@rustbot` modify labels: rollup try-job: aarch64-apple try-job: x86_64-msvc-1 try-job: x86_64-gnu try-job: dist-i586-gnu-i586-i686-musl try-job: test-various
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Also applies to
Vec::into_raw_parts.The expectation is that you can round-trip these methods with
from_raw, but this is only true when using the global allocator. With custom allocators you should instead be usinginto_raw_with_allocatorandfrom_raw_in.The implementation of
Box::leakis changed to useBox::into_raw_with_allocatorand explicitly leak the allocator (which was already the existing behavior). This is because, forleakto be safe, the allocator must not free its underlying backing store. TheAllocatortrait only guarantees that allocated memory remains valid until the allocator is dropped.