Merge pull request #221 from GaloisInc/T219-patch-new_uninit_zeroed

`libs`: More patches for `Arc` and `Rc`

Author: RyanGlScott

libs/Patches.md

@@ -90,14 +90,24 @@ into the main commit for that patch, and then the *Update* line can be removed.
   functions to call built-in Crucible allocation functions instead (e.g.
   `crucible::alloc::allocate`).
 
+* Define `Arc`/`Rc` constructors in terms of `{Arc,Rc}::new` (last applied: January 20, 2026)
+
+  This ensures that all `Arc`/`Rc` constructors are defined in terms of
+  `Box::new`, which uses Crucible's typed allocator instead of Rust's untyped
+  allocator. (See the `` Use crucible's allocator in `Box` constructors ``
+  patch above.)
+
 * Don't deallocate in `Box::drop` (last applied: November 17, 2025)
 
   Crucible doesn't support a `deallocate` operation.
 
-* Don't deallocate in `Arc::drop` and related functions (last applied: November 17, 2025)
+* Don't deallocate in `Arc::drop`, `Rc::drop`, and related functions (last applied: November 17, 2025)
 
   Crucible doesn't support a `deallocate` operation.
 
+  *Update* (January 20, 2026): Also patch out `Rc`-related functions (e.g.,
+  `Rc::drop`).
+
 * Skip `addr_eq` debug asserts in `Arc::drop` (last applied: November 20, 2025)
 
   `Arc::drop` (and its corresponding `Weak::drop`) has a `debug_assert!` to

libs/alloc/src/rc.rs

@@ -497,13 +497,7 @@ impl<T> Rc<T> {
     #[stable(feature = "new_uninit", since = "1.82.0")]
     #[must_use]
     pub fn new_uninit() -> Rc<mem::MaybeUninit<T>> {
-        unsafe {
-            Rc::from_ptr(Rc::allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate(layout),
-                <*mut u8>::cast,
-            ))
-        }
+        Rc::new(mem::MaybeUninit::uninit())
     }
 
     /// Constructs a new `Rc` with uninitialized contents, with the memory
@@ -530,13 +524,7 @@ impl<T> Rc<T> {
     #[unstable(feature = "new_zeroed_alloc", issue = "129396")]
     #[must_use]
     pub fn new_zeroed() -> Rc<mem::MaybeUninit<T>> {
-        unsafe {
-            Rc::from_ptr(Rc::allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate_zeroed(layout),
-                <*mut u8>::cast,
-            ))
-        }
+        Rc::new(mem::MaybeUninit::zeroed())
     }
 
     /// Constructs a new `Rc<T>`, returning an error if the allocation fails
@@ -591,13 +579,7 @@ impl<T> Rc<T> {
     #[unstable(feature = "allocator_api", issue = "32838")]
     // #[unstable(feature = "new_uninit", issue = "63291")]
     pub fn try_new_uninit() -> Result<Rc<mem::MaybeUninit<T>>, AllocError> {
-        unsafe {
-            Ok(Rc::from_ptr(Rc::try_allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate(layout),
-                <*mut u8>::cast,
-            )?))
-        }
+        Rc::try_new(mem::MaybeUninit::uninit())
     }
 
     /// Constructs a new `Rc` with uninitialized contents, with the memory
@@ -624,13 +606,7 @@ impl<T> Rc<T> {
     #[unstable(feature = "allocator_api", issue = "32838")]
     //#[unstable(feature = "new_uninit", issue = "63291")]
     pub fn try_new_zeroed() -> Result<Rc<mem::MaybeUninit<T>>, AllocError> {
-        unsafe {
-            Ok(Rc::from_ptr(Rc::try_allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate_zeroed(layout),
-                <*mut u8>::cast,
-            )?))
-        }
+        Rc::try_new(mem::MaybeUninit::zeroed())
     }
     /// Constructs a new `Pin<Rc<T>>`. If `T` does not implement `Unpin`, then
     /// `value` will be pinned in memory and unable to be moved.
@@ -2181,7 +2157,10 @@ impl<T> Rc<[T]> {
                     let slice = from_raw_parts_mut(self.elems, self.n_elems);
                     ptr::drop_in_place(slice);
 
+                    // Crucible: skip deallocation, which is currently unimplemented in crucible-mir.
+                    /*
                     Global.deallocate(self.mem, self.layout);
+                    */
                 }
             }
         }
@@ -3489,9 +3468,12 @@ unsafe impl<#[may_dangle] T: ?Sized, A: Allocator> Drop for Weak<T, A> {
         // the weak count starts at 1, and will only go to zero if all
         // the strong pointers have disappeared.
         if inner.weak() == 0 {
+            // Crucible: skip deallocation, which is currently unimplemented in crucible-mir.
+            /*
             unsafe {
                 self.alloc.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr()));
             }
+            */
         }
     }
 }
@@ -4101,7 +4083,10 @@ unsafe impl<#[may_dangle] T: ?Sized, A: Allocator> Drop for UniqueRc<T, A> {
             self.ptr.as_ref().dec_weak();
 
             if self.ptr.as_ref().weak() == 0 {
+                // Crucible: skip deallocation, which is currently unimplemented in crucible-mir.
+                /*
                 self.alloc.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr()));
+                */
             }
         }
     }
@@ -4160,6 +4145,8 @@ impl<T: ?Sized, A: Allocator> UniqueRcUninit<T, A> {
 #[cfg(not(no_global_oom_handling))]
 impl<T: ?Sized, A: Allocator> Drop for UniqueRcUninit<T, A> {
     fn drop(&mut self) {
+        // Crucible: skip deallocation, which is currently unimplemented in crucible-mir.
+        /*
         // SAFETY:
         // * new() produced a pointer safe to deallocate.
         // * We own the pointer unless into_rc() was called, which forgets us.
@@ -4169,5 +4156,6 @@ impl<T: ?Sized, A: Allocator> Drop for UniqueRcUninit<T, A> {
                 rc_inner_layout_for_value_layout(self.layout_for_value),
             );
         }
+        */
     }
 }

libs/alloc/src/sync.rs

@@ -498,13 +498,7 @@ impl<T> Arc<T> {
     #[stable(feature = "new_uninit", since = "1.82.0")]
     #[must_use]
     pub fn new_uninit() -> Arc<mem::MaybeUninit<T>> {
-        unsafe {
-            Arc::from_ptr(Arc::allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate(layout),
-                <*mut u8>::cast,
-            ))
-        }
+        Arc::new(mem::MaybeUninit::uninit())
     }
 
     /// Constructs a new `Arc` with uninitialized contents, with the memory
@@ -532,13 +526,7 @@ impl<T> Arc<T> {
     #[unstable(feature = "new_zeroed_alloc", issue = "129396")]
     #[must_use]
     pub fn new_zeroed() -> Arc<mem::MaybeUninit<T>> {
-        unsafe {
-            Arc::from_ptr(Arc::allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate_zeroed(layout),
-                <*mut u8>::cast,
-            ))
-        }
+        Arc::new(mem::MaybeUninit::zeroed())
     }
 
     /// Constructs a new `Pin<Arc<T>>`. If `T` does not implement `Unpin`, then
@@ -605,13 +593,7 @@ impl<T> Arc<T> {
     #[unstable(feature = "allocator_api", issue = "32838")]
     // #[unstable(feature = "new_uninit", issue = "63291")]
     pub fn try_new_uninit() -> Result<Arc<mem::MaybeUninit<T>>, AllocError> {
-        unsafe {
-            Ok(Arc::from_ptr(Arc::try_allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate(layout),
-                <*mut u8>::cast,
-            )?))
-        }
+        Arc::try_new(mem::MaybeUninit::uninit())
     }
 
     /// Constructs a new `Arc` with uninitialized contents, with the memory
@@ -638,13 +620,7 @@ impl<T> Arc<T> {
     #[unstable(feature = "allocator_api", issue = "32838")]
     // #[unstable(feature = "new_uninit", issue = "63291")]
     pub fn try_new_zeroed() -> Result<Arc<mem::MaybeUninit<T>>, AllocError> {
-        unsafe {
-            Ok(Arc::from_ptr(Arc::try_allocate_for_layout(
-                Layout::new::<T>(),
-                |layout| Global.allocate_zeroed(layout),
-                <*mut u8>::cast,
-            )?))
-        }
+        Arc::try_new(mem::MaybeUninit::zeroed())
     }
 }