Skip to content

fix(allocator): remove unsound impl Sync for Allocator #13033

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 19, 2025
Merged

fix(allocator): remove unsound impl Sync for Allocator #13033

merged 1 commit into from
Aug 19, 2025

Conversation

@overlookmotel
Copy link
Member

@overlookmotel overlookmotel commented Aug 12, 2025
edited
Loading

Allocator should not be Sync. Allocator is not thread-safe and allocating into it in multiple threads can cause data corruption or, in worst case, writing out of bounds.

Remove the unsound impl Sync for Allocator.

This PR also removes impl Send for Allocator, but that doesn't change anything. bumpalo::Bump is already Send, so Allocator is automatically Send too. It doesn't need an explicit Send impl.

@github-actions github-actions bot added the C-bug Category - Bug label Aug 12, 2025
@overlookmotel Graphite App
Copy link
Member Author

overlookmotel commented Aug 12, 2025
edited
Loading

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • 0-merge - adds this PR to the back of the merge queue
  • hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

@overlookmotel overlookmotel mentioned this pull request Aug 12, 2025
Merged
@codspeed-hq
Copy link

codspeed-hq bot commented Aug 12, 2025
edited
Loading

CodSpeed Instrumentation Performance Report

Merging #13033 will not alter performance

Comparing 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ (d2e8cb6) with main (163dbea)

Summary

✅ 34 untouched benchmarks

@Boshen
Copy link
Member

Boshen commented Aug 12, 2025

You need to fix breaking changes in rolldown.

@overlookmotel
Copy link
Member Author

overlookmotel commented Aug 12, 2025

You need to fix breaking changes in rolldown.

I know! 😢 So far I've only fixed the ones in Oxc...

@overlookmotel overlookmotel changed the base branch from 08-12-fix_linter_prevent_unsound_use_of_allocator_across_threads to graphite-base/13033 August 13, 2025 00:04
@overlookmotel overlookmotel force-pushed the 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ branch from 25af23b to 6b33f35 Compare August 13, 2025 00:05
@overlookmotel overlookmotel changed the base branch from graphite-base/13033 to 08-12-fix_linter_prevent_unsound_use_of_allocator_across_threads August 13, 2025 00:05
This was referenced Aug 13, 2025
Merged
Merged
Merged
Merged
Merged
@graphite-app graphite-app bot changed the base branch from 08-12-fix_linter_prevent_unsound_use_of_allocator_across_threads to graphite-base/13033 August 13, 2025 11:47
@graphite-app graphite-app bot force-pushed the graphite-base/13033 branch from 1585688 to b0558a4 Compare August 13, 2025 11:51
@graphite-app graphite-app bot force-pushed the 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ branch from 6b33f35 to 68b7ce3 Compare August 13, 2025 11:51
@graphite-app graphite-app bot changed the base branch from graphite-base/13033 to main August 13, 2025 11:52
@graphite-app graphite-app bot force-pushed the 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ branch from 68b7ce3 to b76e7e6 Compare August 13, 2025 11:52
@overlookmotel overlookmotel force-pushed the 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ branch from b76e7e6 to 2535244 Compare August 18, 2025 23:54
@overlookmotel overlookmotel mentioned this pull request Aug 18, 2025
Merged
@overlookmotel overlookmotel marked this pull request as ready for review August 19, 2025 00:06
Copilot AI review requested due to automatic review settings August 19, 2025 00:06
Copilot AI reviewed Aug 19, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR removes unsafe Send and Sync implementations for the Allocator type to fix thread safety issues. The Allocator is not thread-safe and allowing concurrent access could cause data corruption or out-of-bounds writes.

  • Removes unsafe impl Send for Allocator and impl Sync for Allocator
  • Improves memory safety by preventing unsound concurrent access to the allocator

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@graphite-app graphite-app bot added the 0-merge Merge with Graphite Merge Queue label Aug 19, 2025
@graphite-app
Copy link
Contributor

graphite-app bot commented Aug 19, 2025
edited
Loading

Merge activity

@overlookmotel
fix(allocator): remove unsound impl Sync for Allocator (#13033)
d2e8cb6 
`Allocator` should not be `Sync`. `Allocator` is not thread-safe and allocating into it in multiple threads can cause data corruption or, in worst case, writing out of bounds.

Remove the unsound `impl Sync for Allocator`.

This PR also removes `impl Send for Allocator`, but that doesn't change anything. `bumpalo::Bump` is already `Send`, so `Allocator` is automatically `Send` too. It doesn't need an explicit `Send` impl.
@graphite-app graphite-app bot force-pushed the 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ branch from 2535244 to d2e8cb6 Compare August 19, 2025 21:35
graphite-app bot pushed a commit that referenced this pull request Aug 19, 2025
@overlookmotel
refactor(semantic): implement Send and Sync for ScopingCell (#1…
cc067c2 
…3042)

Previous PRs removed unsound `Sync` impl for `Allocator` (#13033) and `Send` impl for `Vec` (#13041).

Previously `ScopingCell` was `Send` and `Sync` (and therefore `Scoping` was too). The recent PRs mean that `ScopingCell` lost those traits too.

This PR implements both traits again for `ScopingCell` by restricting its API slightly, so now it is `Send` and `Sync` again, but this time in a manner which maintains soundness.

The comments in the code outline the logic of why I believe it to be sound.

Rolldown relies on `ScopingCell` being `Send` and `Sync`. After this PR, this stack does not require any changes in Rolldown. I've checked that `cargo ck` in Rolldown passes when using the version of Oxc from this branch.
graphite-app bot pushed a commit that referenced this pull request Aug 19, 2025
@overlookmotel
refactor(allocator): replace AtomicUsize with Cell<usize> in `All…
93eaf5f 
…ocationStats` (#13043)

`AllocationStats` (introduced in #12555 and #12937) previously had to contain `AtomicUsize`s because `Allocator` was `Sync`. #13033 removed the `Sync` impl for `Allocator`, so now there's no need for synchronization in `AllocationStats`, and these fields can be `Cell<usize>` instead.
@graphite-app graphite-app bot merged commit d2e8cb6 into main Aug 19, 2025
26 checks passed
@graphite-app graphite-app bot deleted the 08-12-fix_allocator_remove_unsound_impl_sync_for_allocator_ branch August 19, 2025 21:41
@graphite-app graphite-app bot removed the 0-merge Merge with Graphite Merge Queue label Aug 19, 2025
@oxc-bot oxc-bot mentioned this pull request Aug 20, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@camc314 camc314 camc314 approved these changes

Assignees

No one assigned

Labels

C-bug Category - Bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@overlookmotel @Boshen @camc314