Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] Transmute #2335

Open
wants to merge 96 commits into
base: main
Choose a base branch
from
Open

[WIP] Transmute #2335

wants to merge 96 commits into from

Conversation

joshlf
Copy link
Member

@joshlf joshlf commented Feb 12, 2025
edited
Loading

joshlf and others added 30 commits October 12, 2024 14:06
@joshlf
[ci] Don't run on push (#1882)
5b5d5a6 
We already have the merge queue; running on push is redundant.
@joshlf
Release 0.9.0-alpha.0 (#1881)
e7217b5 
Upgrade our MSRV to 1.65 and remove version detection logic prior to
that version.
@joshlf
Enable clippy::missing_const_for_fn (#1883)
2b56c07 
* Release 0.9.0-alpha.0

Upgrade our MSRV to 1.65 and remove version detection logic prior to
that version.

* Enable clippy::missing_const_for_fn

While we're here, remove defensive programming against bug in
`Layout::from_size_align` which is no longer needed on our new MSRV.
@joshlf
Upgrade some code for MSRV 1.65 (#1885)
1788f44 
Now that our MSRV is 1.65, we can clean up some code.

Makes progress on #67
@joshlf
Clean up some code for new MSRV (#1888)
7349fe0 
Also clean up some code for 0.9.
@joshlf
Upgrade versions of some dependencies (#1886)
19ab41c 
* Upgrade some code for MSRV 1.65

Now that our MSRV is 1.65, we can clean up some code.

Makes progress on #67

* Upgrade versions of some dependencies

Now that our MSRV is 1.65, it unlocks upgrading some dependencies'
versions.
@joshlf
Roll pinned toolchains on v0.8.x branch (#1887)
5452c3d
@google-pr-creation-bot
[ci] Roll pinned nightly toolchain (#1900)
2e819ac
@google-pr-creation-bot
[ci] Roll pinned nightly toolchain (#1902)
ccf477d
@dependabot
[CI] Bump github/codeql-action from 3.26.12 to 3.26.13 (#1903)
c128ed2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.12 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c36620d...f779452)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
[CI] Bump Swatinem/rust-cache from 2.7.3 to 2.7.5 (#1904)
1c8cbc7 
Bumps [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) from 2.7.3 to 2.7.5.
- [Release notes](https://github.com/swatinem/rust-cache/releases)
- [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md)
- [Commits](Swatinem/rust-cache@23bce25...82a92a6)

---
updated-dependencies:
- dependency-name: Swatinem/rust-cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@joshlf
[pointer] Clarify semantics of aliasing invariants (#1889)
d9e48e3 
Previously, we supported the `AtLeast` bound, which was used to describe
a subset relationship in which `I: AtLeast<J>` implied that `I` as at
least as restrictive as `J`. However, as described in #1866, this
incorrectly models invariants as monotonic. In reality, invariants both
provide guarantees but also *require* guarantees.

This commit takes a step in the direction of resolving #1866 by removing
`AtLeast`. Uses of `AtLeast<Shared>` are replaced by a new `Reference`
trait, which is implemented for `Shared` and `Exclusive`. This serves
two purposes: First, it makes it explicit what this bound means.
Previously, `AtLeast<Shared>` had an ambiguous meaning, while
`Reference` means precisely that an invariant is either `Shared` or
`Exclusive` and nothing else. Second, it paves the way for #1183, in
which we may add new aliasing invariants which convey ownership. In that
case, it will be important for existing methods to add `Reference`
bounds when those methods would not be sound in the face of ownership
semantics.

We also inline the items in the `invariant` module, which were
previously generated by macro. The addition of the `Reference` trait did
not play nicely with that macro, and we will likely need to go further
from the macro in order to fix #1839 – this fix will likely require
making aliasing invariants meaningfully different than other invariants,
for example by adding an associated type.

Makes progress on #1866
@joshlf
[derive] Document trivial_is_bit_valid (#1905)
967b3a0 
Explain why we only support concrete types so that future authors won't
spuriously add support for them.
@joshlf
[pointer] Add separate PtrInner (#1891)
b43c510 
`PtrInner` carries all invariants which are not controlled by type
parameters. Since `PtrInner` does not promise to uphold aliasing,
alignment, or validity, we can move some utility methods to `PtrInner`
which previously were responsible for maintaining invariants orthogonal
to their purpose.

Makes progress on #1892 (still needs to be fixed on v0.8.x)
Closes #1890
@joshlf
[pointer][invariant] Move to separate file (#1906)
ca9243f 
This prepares us for future changes which will significantly increase
the amount of code in the `invariant` module.

Also merge `aliasing_safety` into this new file.
@joshlf
[pointer] Match variance of references (#1894)
51475bd 
When the aliasing mode is `Any`, `Ptr<'a, T>` is invariant in `'a` and
`T`. When the aliasing mode is `Shared` or `Exclusive`, `Ptr` has the
same variance as `&'a T` and `&'a mut T` respectively.

Makes progress on #1839
@joshlf
[pointer] Make invariants opaque, more ergonomic (#1895)
f80a65d 
Closes #1876
@joshlf
[pointer] Simplify AliasingSafe, rename to Read (#1908)
85a12e2 
`AliasingSafe` is really about whether a pointer permits unsynchronized
reads - either because the referent contains no `UnsafeCell`s or because
the aliasing mode is `Exclusive`. Previously, `AliasingSafe` was not
named consistent with this meaning, and was a function of a *pair* of
types rather than of a single type. This commit fixes both oversights.

While we're here, we also add `Read` bounds in some places, allowing us
to simplify many safety comments.
@joshlf
[pointer] Rename Any -> Unknown/Inaccessible (#1909)
ae43fce 
For aliasing, use `Inaccessible`. For alignment and validity, use
`Unknown`.
@joshlf
[pointer] Support generic invariant mapping (#1896)
0665b90 
This commit adds a framework which supports encoding in the type system
any `I -> I` mapping where `I` is any `Invariant` type. This permits us
to make `cast_unsized`'s return value smarter, and as a result, allows
us to remove a lot of `unsafe` code.

Makes progress on #1122
@google-pr-creation-bot
[ci] Roll pinned nightly toolchain (#1915)
77a5f56
@joshlf
Remove items deprecated in 0.8 (#1916)
49749b7 
gherrit-pr-id: I003d5360d1b7f7882a71490813eca50b39025f14
@jswrenn
Fix flaky TryFromBytes tests (#1917)
f04c344 
These tests depend on `src` being aligned to multiples of 2. With
this commit, that dependency is explicitly enforced.
@joshlf
Use #[marker] on nightly in CI (#1925)
70e5ef4 
We eventually hope to make use of `#[marker]` traits once they're
stable. This permits us to test to make sure the feature is as we expect
and that our intended usage works.

gherrit-pr-id: I3a111bf5647fdcc9805cbadf36f729ac69b28509
@google-pr-creation-bot
[ci] Roll pinned nightly toolchain (#1928)
d3e44e2 
And allow `non_local_definitions`.
@joshlf
Use #[marker] on nightly in CI (#1926)
af67d9a 
We eventually hope to make use of `#[marker]` traits once they're
stable. This permits us to test to make sure the feature is as we expect
and that our intended usage works.

gherrit-pr-id: I3a111bf5647fdcc9805cbadf36f729ac69b28509
@google-pr-creation-bot
[ci] Roll pinned stable toolchain (#1938)
5bd167f
@google-pr-creation-bot @joshlf
[ci] Roll pinned nightly toolchain (#1935)
706dccf 
Co-authored-by: Joshua Liebow-Feeser <joshlf@users.noreply.github.com>
@google-pr-creation-bot
[ci] Roll pinned nightly toolchain (#1947)
65e60ae
@google-pr-creation-bot
[ci] Roll pinned nightly toolchain (#1950)
35d9d4f
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch 2 times, most recently from 7c40c2b to b3c7e29 Compare February 14, 2025 23:34
@joshlf joshlf force-pushed the I15d38f2f1fffad82caa70ea6eb18dffcd6504495 branch from ed0cd83 to 2341b21 Compare February 14, 2025 23:34
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch from b3c7e29 to 660856a Compare February 14, 2025 23:42
@joshlf joshlf force-pushed the I15d38f2f1fffad82caa70ea6eb18dffcd6504495 branch from 2341b21 to 53cca63 Compare February 14, 2025 23:42
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch 2 times, most recently from f412de1 to 6258775 Compare February 17, 2025 21:31
@joshlf
[pointer] Store validity in the referent type (#2334)
28b55b9 
Previously, validity was stored as part of the `I: Invariants` type
parameter on a `Ptr<T, I>`. In this commit, we migrate the validity to
being stored as the `V` in `Ptr<V, I>`; `I` now only stores aliasing and
alignment.

Bit validity is subtle, in that the pair of referent type and validity
invariant define a set of bit patterns which may appear in the `Ptr`'s
referent. By encoding the validity in the referent type instead of in
the `I` parameter, we ensure that the validity of the referent is
captured entirely by a single type parameter rather than by a pair of
two separate type parameters. This makes future changes (e.g. #1359)
easier to model.

This idea was originally proposed in #1866 (comment)

Makes progress on #1866

gherrit-pr-id: Ia73ca4e5dfb3b20f71ed72ffda24dd7450c427ba
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch from 6258775 to 7315981 Compare February 17, 2025 21:48
@joshlf joshlf force-pushed the I15d38f2f1fffad82caa70ea6eb18dffcd6504495 branch from 53cca63 to 347c999 Compare February 17, 2025 22:07
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch from 7315981 to 9109472 Compare February 17, 2025 22:07
@joshlf
[pointer] Remove Ptr::project method (#2339)
9322a2c 
Now that #1122 is complete in #1896, `project` is redundant.

gherrit-pr-id: I15d38f2f1fffad82caa70ea6eb18dffcd6504495
Base automatically changed from I15d38f2f1fffad82caa70ea6eb18dffcd6504495 to main February 17, 2025 22:43
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch 2 times, most recently from 04e31db to d91bba0 Compare February 18, 2025 00:28
@joshlf joshlf changed the base branch from main to I29f8429d9d7b14026313f030f8dc1e895a98ad56 February 18, 2025 00:28
@joshlf joshlf mentioned this pull request Feb 18, 2025
Merged
@jswrenn jswrenn force-pushed the I29f8429d9d7b14026313f030f8dc1e895a98ad56 branch from 674e2af to 2a1dd8b Compare February 18, 2025 16:37
@joshlf
[pointer] Fix Ptr[Inner] variance (#2351)
79ec7c4 
Previously, `Ptr<'a, T>` and `PtrInner<'a, T>` documented themselves to
be covariant in both `'a` and `T`. This was true for `PtrInner`, but not
for `Ptr`, which used GATs, which are invariant. This is also not the
desired variance: for `Exclusive` aliasing, the desired variance matches
that of `&mut` references - namely, covariant in `'a` but invariant in
`T`.

This commit fixes this by making `Ptr<'a, T>` and `PtrInner<'a, T>`
unconditionally covariant in `'a` and invariant in `T`.

gherrit-pr-id: I29f8429d9d7b14026313f030f8dc1e895a98ad56
Base automatically changed from I29f8429d9d7b14026313f030f8dc1e895a98ad56 to main February 18, 2025 17:15
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch from d91bba0 to bb1a6cf Compare February 18, 2025 17:20
@joshlf joshlf mentioned this pull request Feb 19, 2025
Open
@kupiakos
Fix soundness of FromBytes::read_from_io (#2320)
1339ee9 
See #2319. Includes a Miri test confirming the previous unsoundness.

gherrit-pr-id: Iede94c196c710c74d970c93935f1539e07446e50
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch from bb1a6cf to 387ec61 Compare February 19, 2025 14:38
joshlf and others added 4 commits February 19, 2025 21:31
@joshlf
[release-new-crate-versions] Release on v0.8.x by default (#2362)
7ed40f1
@joshlf
[readme] Explain maintenance, thank contributors (#2360) (#2363)
c3aaddc 
Add jswrenn as an author in `Cargo.toml` files.

gherrit-pr-id: I50cc283e73af52a110de292c7fd92426fea21e26
@google-pr-creation-bot
[ci] Roll pinned stable toolchain (#2366)
8ee868d
@joshlf @jswrenn
[WIP] Transmute
02f5982 
Co-authored-by: Jack Wrenn <jswrenn@amazon.com>
gherrit-pr-id: I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8
@joshlf joshlf force-pushed the I8d5d162c1b6fe43e3dcb90a6dc5bf58a7a203bf8 branch from 387ec61 to 02f5982 Compare February 20, 2025 22:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@joshlf @google-pr-creation-bot @jswrenn @dacozai @Aditya-PS-05 @kupiakos