Weak::from_raw is practically unusable #73840
Comments
|
(I don't know if C-bug is the correct label for a "documentation bug," but it was the closest template to correct.) |
jonas-schievink
added
the
T-libs-api
|
I guess that |
|
That's obviously the intent and what the implementation shows is the case, but when considering documented properties of an API, you have to only consider the documented API. A correct resolution to the issue would be to adjust the documentation to clarify that the weak count is referring to the hidden internal weak count that's not exposed (except conceptually for the safety of |
|
Yes, it's meant as the actual number of weak pointers pointing there (including the ones „frozen“ to raw pointers), not what some method returns (if it's currently in the form of the raw pointer, you really can't even call the method, so I'm not sure if that part can even apply). I agree it could probably be documented better. I'd try to fix the docs, but considering I've already updated them like 3 times during the review and they still haven't ended up entirely correct, I'll probably ask if you want to give it a go first, as obviously the docs aren't my strong ability :-). |
|
The main thing this requires is actually specifying how the "internal" weak count works, and guarnateeing that we don't do "clever" things with converting "zombie |
|
🤔 Maybe just getting rid of the „weak count“ term altogether and try to describe it in a way that the Or maybe just point out that the „weak count“ is meant in its natural meaning, not referring to the method. |
|
Ok, looking into this, how about wording like this? On the into_raw:
And on the
Do you think this would be better? |
|
Yeah, I think that wording captures the semantics properly. |
|
Thanks. I'll get around to submitting the changes some time soonish. |
…lnay Don't use "weak count" around Weak::from_raw_ptr As `Rc/Arc::weak_count` returns 0 when having no strong counts, this could be confusing and it's better to avoid using that completely. Closes rust-lang#73840.
... as documented.
The problem: this line from the documentation:
The weak count as reported by
Weak::weak_countis 0 when the strong count is 0, even if there are still outstanding weak references:The combination of these two means that getting a pointer from
Weak::into_rawis not enough to guarantee that it's safe to use inWeak::from_raw. Instead, you have to know that (if it originated from a strong reference) you still have an outstanding strong reference to the allocation, because otherwise the (exposed) weak count is 0, and thus callingfrom_rawis "documented UB".To properly document when this is intuitively allowed (i.e. it's allowed because I got the pointer from
into_rawand have calledinto_rawmore thanfrom_raw, so there are still "unowned" raw weak references to claim) (which lines up with what the implementation allows), we need to expose (probably docs only) the fact that there is still being a weak reference count behind the hood being tracked until all of theWeaks have been dropped.This will probably also require guaranteeing that
Weakdoesn't drop its weak reference and become dangling "early" (e.g. note thatupgradefailed, decrement the (real) weak count (potentially deallocating the place), and become a dangling weak via internal mutability) and thatWeak::cloneon a "zombie"Weakincrements the (real) weak count and creates a new "zombie"Weak, not a danglingWeak.The text was updated successfully, but these errors were encountered: