[alloc+atomic] Making the two slab allocators Sync under the atomic feature flag

[williamwutq]

Description: Under the flag atomic, making the two slab allocators (SlabBStackAllocator and CheckedSlabBStackAllocator) operations atomic and safe across threads with a mutex and bstack atomic methods such as try_extend_zeros and try_discard, implementing the rust Sync trait.

Important Feature: No
Type: Allocator - Optimization; Allocator - Concurrent
Tests: Included
Feature Flags: alloc + set + atomic
Breaking change: No
New Types: None
Rust Only: No
Fuzz: Yes
Safety Review: Needed: Crash Safety, Invariants, Thread Safety

[Copilot]

Pull request overview

Enables safe cross-thread sharing of the slab allocators under the atomic feature by introducing allocator-level mutexes around multi-step free-list/tail logic and using BStack’s atomic tail operations (try_extend_zeros / try_discard) where appropriate. This is paired with a format “patch” bump (magic bytes) and documentation/C-API updates to describe the new thread-safety behavior.

Changes:

• Add Mutex<()>-based internal locking to SlabBStackAllocator and CheckedSlabBStackAllocator under feature = "atomic" to make them Sync.
• Use try_extend_zeros / try_discard for atomic tail check-and-act paths (plus revised locking scopes in several alloc/dealloc/realloc paths).
• Update on-disk magic bytes and document the version/thread-safety changes across Rust docs, README/CHANGELOG, and the C allocator wrappers (including adding an opaque lock field + init/destroy helpers).

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
src/alloc/slab.rs	Adds allocator mutex under atomic, updates alloc/dealloc/realloc to be thread-safe, bumps magic bytes, adds Send/Sync assertions.
src/alloc/checked_slab.rs	Same as slab variant plus locks recover(); revises atomic tail handling in alloc/dealloc/realloc; bumps magic bytes; adds Send/Sync assertions.
README.md	Adds thread-safety sections for both slab allocators under atomic.
CHANGELOG.md	Documents the allocator magic bump and the new Send + Sync behavior under atomic.
c/bstack_alloc.h	Documents thread-safety for slab allocators and adds an opaque lock field under BSTACK_FEATURE_ATOMIC.
c/bstack_alloc.c	Implements lock init/destroy helpers; wires locking + atomic tail ops into slab/checked-slab allocators; bumps magic bytes.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 9 out of 9 changed files in this pull request and generated 5 comments.

Comments suppressed due to low confidence (1)

src/alloc/slab.rs:464

• With atomic, the mutex guard in alloc() stays in scope across the tail-extend fallback. That serializes BStack::extend unnecessarily (and contradicts the “tail ops don’t need allocator lock” model used elsewhere), increasing contention for concurrent allocators.

        if len <= self.block_size {
            #[cfg(feature = "atomic")]
            let _guard = self.lock.lock().unwrap();
            if let Some(block) = self.pop_free_block()? {
                // SAFETY: block is a valid block_size region from pop_free_block
                return Ok(unsafe { BStackSlice::from_raw_parts(self, block.into(), len) });
            }
            let offset = self.stack.extend(self.block_size)?;
            // SAFETY: offset from a fresh tail extension of block_size bytes
            return Ok(unsafe { BStackSlice::from_raw_parts(self, offset, len) });
        }

[Copilot]

Pull request overview

Copilot reviewed 12 out of 12 changed files in this pull request and generated 7 comments.