Mock-builder: add support for custom lifetimes #1335
Conversation
lemunozm
added
D2-notify
lemunozm
force-pushed
the
mock-builder/custom-lifetimes
branch
from
c2d8023
to
27039bc
Compare
lemunozm
force-pushed
the
mock-builder/custom-lifetimes
branch
from
26f9f80
to
37190f7
Compare
libs/mock-builder/src/storage.rs
Outdated
| let f = Box::new(f) as Box<dyn Fn(I) -> O>; | ||
| let ptr = Box::into_raw(f); | ||
|
|
||
| // SAFETY: transforming a wide pointer to an u128 is always safe. |
There was a problem hiding this comment.
Generally, I don't think this is true. Can you show a short proof?
There was a problem hiding this comment.
It's safe in the same way a "normal" reference is always transformable into a * const u64. In fact, the following line does not require unsafe rust:
let reference: &u64 = ...
let ptr = reference as *const u64 This is safe because, it is just an address, a number. What it's not safe is what you do with that address, because all invariants and protections are broken after this.
This is why the other unsafe is the critical one, and you must ensure that the ptr still exists and corresponds to the same type as the original.
There was a problem hiding this comment.
Regarding "why exactly u128?" It's because any &dyn Type is a wide pointer: one part corresponds to the pointer itself and the other to the metadata pointer that contains the trait information of the closure. We do not care about how both pointers are sorted in memory, because we are undoing the same we did in the other method for the same type.
There was a problem hiding this comment.
It might be good to add more explanation in the comments--like how this enables us to use a fixed size in the CallInfo struct for the ptr as opposed to having to know the size/alignment of the vtable ptr in the fat pointer.
Would it be reasonable to have CallInfo have 2 usize fields for the closure address and vtable address instead and use ptr::from_raw_parts to build ptr instead?
There was a problem hiding this comment.
Agree 馃憤馃徎 I'll add a better explanation. Regarding the 2 usize fields, I think separating could confuse in the sense that seems that they should be used separately when not. We only need to allocate that, but not use the internals. Again, I think a good explanation into the code is needed.
libs/mock-builder/src/storage.rs
Outdated
| )); | ||
| } | ||
|
|
||
| // SAFETY: The existance of this boxed clousure in consequent calls is ensured |
There was a problem hiding this comment.
nit
| // SAFETY: The existance of this boxed clousure in consequent calls is ensured | |
| // SAFETY: The existence of this boxed closure in consequent calls is ensured |
There was a problem hiding this comment.
This is some real inception level stuff: The existence is ensured by the forget call 馃く
There was a problem hiding this comment.
Realize this means that you have done a very good review. Thanks so much! 馃檶馃徎
libs/mock-builder/src/storage.rs
Outdated
| let f = Box::new(f) as Box<dyn Fn(I) -> O>; | ||
| let ptr = Box::into_raw(f); | ||
|
|
||
| // SAFETY: transforming a wide pointer to an u128 is always safe. |
There was a problem hiding this comment.
It might be good to add more explanation in the comments--like how this enables us to use a fixed size in the CallInfo struct for the ptr as opposed to having to know the size/alignment of the vtable ptr in the fat pointer.
Would it be reasonable to have CallInfo have 2 usize fields for the closure address and vtable address instead and use ptr::from_raw_parts to build ptr instead?
libs/mock-builder/src/storage.rs
Outdated
| )); | ||
| } | ||
|
|
||
| // SAFETY: The existence of this boxed closure in consequent calls is ensured |
There was a problem hiding this comment.
It might be good to update comment to indicate how these are being persisted--that forget takes ownership, but doesn't call destructor. I was initially unclear as to what was actually going on here.
There was a problem hiding this comment.
Ok! I'll do it. Thanks for the advice and for taking the time to deep into it, it's not an easy PR.
| Error::TypeNotMatch => "The function is registered but the type mismatches", | ||
| } | ||
| ) | ||
| match self { |
|
|
||
| /// Identify a call in the call storage | ||
| pub type CallId = u64; | ||
|
|
||
| trait Callable { | ||
| fn as_any(&self) -> &dyn Any; | ||
| struct CallInfo { |
There was a problem hiding this comment.
Very cool that we can have this as known fixed size, though have comment below in casting thread about the transmute.
|
@thea-leake, I've documented every weird case I was able to see. In the process, I've simplified a bit the |
Description
This is the last technical requirement for
mock-builder. After this PR, I think we can test any possible trait. 馃帀 Future work is to create procedural macros to reduce boilerplate. Roadmap hereNew features:
'static) supported.Fixes #1322
Changes and Descriptions
'static