Remove uses of Pin::new_unchecked in h1 Dispatcher #1374
Merged
This removes the last uses of unsafe `Pin` functions in actix-web.

This PR adds a `Pin<Box<_>>` wrapper to `DispatcherState::Upgrade`, `State::ExpectCall`, and `State::ServiceCall`.

The previous uses of the futures `State::ExpectCall` and `State::ServiceCall` were Undefined Behavior - a future was obtained from `self.expect.call` or `self.service.call`, pinned on the stack, and then immediately returned from `handle_request`. The only alternative to using `Box::pin` would be to refactor `handle_request` to write the futures directly into their final location, or avoid polling them before they are returned.

The previous use of `DispatcherState::Upgrade` doesn't seem to be unsound. However, having data pinned inside an enum that we `std::mem::replace` would require some careful `unsafe` code to ensure that we never call `std::mem::replace` when the active variant contains pinned data. By using `Box::pin`, we remove any possibility of future refactoring accidentally introducing undefined behavior.
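
The `Box::pin` pattern described above, as an added example that is not code from this PR or from actix-web: a `!Unpin` future is polled once, returned by value inside an enum, swapped out with `std::mem::replace`, and polled again at the same heap address, all in safe code. `CallFuture`, `NoopWake`, the reduced `State` enum and this `handle_request` are hypothetical stand-ins.

```rust
use std::cell::Cell;
use std::future::Future;
use std::marker::PhantomPinned;
use std::pin::Pin;
use std::sync::Arc;
use std::task::{Context, Poll, Wake, Waker};

// Hypothetical stand-in for the future returned by `self.service.call`.
// It is !Unpin and records its address on first poll, so any later move of
// the future itself would be visible on the next poll.
struct CallFuture { first_addr: Cell<usize>, polls: Cell<u32>, _pin: PhantomPinned }

impl Future for CallFuture {
    type Output = bool; // true when the address at completion matches the first poll
    fn poll(self: Pin<&mut Self>, _cx: &mut Context<'_>) -> Poll<bool> {
        let addr = &*self as *const Self as usize;
        if self.polls.get() == 0 { self.first_addr.set(addr); }
        self.polls.set(self.polls.get() + 1);
        if self.polls.get() < 2 { return Poll::Pending; }
        Poll::Ready(self.first_addr.get() == addr)
    }
}

// Reduced, hypothetical version of the dispatcher state enum.
enum State { None, ServiceCall(Pin<Box<CallFuture>>) }

struct NoopWake; // waker that does nothing; enough to poll by hand
impl Wake for NoopWake { fn wake(self: Arc<Self>) {} }

// Same shape as the PR describes: poll once, then return the future.
fn handle_request(cx: &mut Context<'_>) -> State {
    let mut fut = Box::pin(CallFuture { first_addr: Cell::new(0), polls: Cell::new(0), _pin: PhantomPinned });
    match fut.as_mut().poll(cx) {
        Poll::Ready(_) => State::None,
        Poll::Pending => State::ServiceCall(fut), // moves the Box pointer only
    }
}

fn address_stable_after_return_and_replace() -> bool {
    let waker = Waker::from(Arc::new(NoopWake));
    let mut cx = Context::from_waker(&waker);
    let mut state = handle_request(&mut cx); // returned by value
    // Pin<Box<_>> is Unpin, so replacing the enum needs no unsafe code.
    match std::mem::replace(&mut state, State::None) {
        State::ServiceCall(mut fut) => matches!(fut.as_mut().poll(&mut cx), Poll::Ready(true)),
        State::None => false,
    }
}

fn main() {
    println!("address stable: {}", address_stable_after_return_and_replace());
}
```
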