In Rust, the strongest guarantee that `&mut` provides is that the memory
pointed to is *not aliased*, whereas `&`'s guarantees are much weaker:
that the value can be aliased, and may be mutated under proper precautions
(interior mutability).
Our atomics though use `&mut` for mutation even while creating multiple
aliases, so this changes them to use 'interior mutability', mutating
through immutable references.
Most of the standard distribution is still using ~[] instead of Vec, so this
lint is essentially useless currently. When the standard distribution has been
ported to not use ~[], then we can turn the lint back on.
Previously, any library of the pattern `lib<name>-<hash>-<version>.so` was
>considered a candidate (rightly so) for loading a crate. Sets are generated for
each unique `<hash>`, and then from these sets a candidate is selected. If a set
contained more than one element, then it immediately generated an error saying
that multiple copies of the same dylib were found.
This is incorrect because each candidate needs to be validated to actually
contain a rust library (valid metadata). This commit alters the logic to filter
each set of candidates for a hash to only libraries which are actually rust
libraries. This means that if multiple false positives are found with the right
name pattern, they're all ignored.
Closes#13010
`Share` implies that all *reachable* content is *threadsafe*.
Threadsafe is defined as "exposing no operation that permits a data race if multiple threads have access to a &T pointer simultaneously". (NB: the type system should guarantee that if you have access to memory via a &T pointer, the only other way to gain access to that memory is through another &T pointer)...
Fixes#11781
cc #12577
What this PR will do
================
- [x] Add Share kind and
- [x] Replace usages of Freeze with Share in bounds.
- [x] Add Unsafe<T> #12577
- [x] Forbid taking the address of a immutable static item with `Unsafe<T>` interior
What's left to do in a separate PR (after the snapshot)?
===========================================
- Remove `Freeze` completely
this comes from a discussion on IRC where the split between stdin and stdout
seemed unnatural, and the fact that reading on stdin won't flush stdout, which
is unlike every other language (including C's stdio).
These variants occur rarely but inflate the whole enum for the other variants, leaving a lot of wasted space. In total this reduces `ty::sty` from 160 bytes to 96 (on a 64-bit platform).
After this, `ty_struct` and `ty_enum` are the largest variants, with the 80-byte `substs` being the major contributor.
Previously, any library of the pattern `lib<name>-<hash>-<version>.so` was
>considered a candidate (rightly so) for loading a crate. Sets are generated for
each unique `<hash>`, and then from these sets a candidate is selected. If a set
contained more than one element, then it immediately generated an error saying
that multiple copies of the same dylib were found.
This is incorrect because each candidate needs to be validated to actually
contain a rust library (valid metadata). This commit alters the logic to filter
each set of candidates for a hash to only libraries which are actually rust
libraries. This means that if multiple false positives are found with the right
name pattern, they're all ignored.
Closes#13010
This fixes struct passing abi on x86 ffi: Structs are now passed
indirectly with byval attribute (as clang does).
Empty structs are also explicitly ignored rather than directly passed.
Fixes#5744Fixes#11198Fixes#11343
This reduces the size of sty from 112 to 96; like with the ty_trait
variant, this variant of sty occurs rarely (~1%) so the benefits are
large and the costs small.
This reduces ty::sty from 160 bytes to just 112, and some measurements
eddyb made suggest that the ty_trait variant occurs very
rarely (e.g. ~1% of all sty instances) hence this will result in a large
memory saving, and the cost of the indirection is unlikely to be an
issue.
This adds lots of docs to the atomics module. Two of the examples
are using the future atomics API (relying on `Share`) and are ignored temporarily.
I discovered a bug in the way AtomicBool's fetch_nand method is
implemented and fixed it by using the correct value for `true`.
I also fixed the implementation of AcqRel fences (it was only doing
a release barrier), and made a "relaxed" fence a failure.