Clarify the relationship between forget() and ManuallyDrop. #69618

Merged
merged 4 commits into from
Mar 20, 2020

Commits on Mar 19, 2020

  1. Clarify the relationship between forget() and ManuallyDrop.

    As discussed on reddit, this commit addresses two issues with the
    documentation of `mem::forget()`:
    
    * The documentation of `mem::forget()` can confuse the reader because of the
      discrepancy between usage examples that show correct usage and the
      accompanying text which speaks of the possibility of double-free.  The
      text that says "if the panic occurs before `mem::forget` was called"
      refers to a variant of the second example that was never shown, modified
      to use `mem::forget` instead of `ManuallyDrop`.  Ideally the documentation
      should show both variants, so it's clear what it's talking about.
    
      Also, the double free could be fixed just by placing `mem::forget(v)`
      before the construction of `s`.  Since the lifetimes of `s` and `v`
      wouldn't overlap, there would be no point where panic could cause a double
      free.  This could be mentioned, and contrasted against the more robust fix
      of using `ManuallyDrop`.
    
    * This sentence seems unjustified: "For some types, operations such as
      passing ownership (to a function like `mem::forget`) requires them to
      actually be fully owned right now [...]".  Unlike C++, Rust has no move
      constructors, its moves are (possibly elided) bitwise copies.  Even if you
      pass an invalid object to `mem::forget`, no harm should come to pass
      because `mem::forget` consumes the object and exists solely to prevent
      drop, so there is no one left to observe the invalid state.
    hniksic committed Mar 19, 2020
    8e0398c
  2. Restore (and reword) the warning against passing invalid values to mem::forget.
    
    As pointed out by Ralf Jung, dangling references and boxes are
    undefined behavior as per
    https://doc.rust-lang.org/reference/behavior-considered-undefined.html
    and the Miri checker.
    hniksic committed Mar 19, 2020
    2a08b0e
  3. Minor re-wordings and typo fixes.

    Co-Authored-By: Ralf Jung <post@ralfj.de>
    hniksic and RalfJung committed Mar 19, 2020
    7554341
  4. Don't hard-code the vector length in the examples.

    Co-Authored-By: lzutao <taolzu@gmail.com>
    hniksic and tesuji committed Mar 19, 2020
    2bebe8d
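
The two fixes discussed in the first commit message, written out as an added example (not code from this pull request or from the standard library documentation): forgetting `v` before `s` is built, and wrapping `v` in `ManuallyDrop`. The function names and the `panic_after_build` test hook are hypothetical, and the UTF-8 check is an addition so the functions are safe to call on arbitrary bytes.

```rust
use std::mem::{self, ManuallyDrop};
use std::str::{self, Utf8Error};

// Ordering fix: `v` is forgotten before `s` exists, so the buffer never has
// two owners and a panic cannot free it twice.
fn vec_to_string_forget_first(mut v: Vec<u8>) -> Result<String, Utf8Error> {
    str::from_utf8(&v)?; // on error `v` is still armed and is dropped normally
    let (ptr, len, cap) = (v.as_mut_ptr(), v.len(), v.capacity());
    mem::forget(v);
    // SAFETY: the raw parts come from a Vec<u8> whose destructor will never
    // run, and the bytes were validated as UTF-8 above.
    Ok(unsafe { String::from_raw_parts(ptr, len, cap) })
}

// ManuallyDrop fix: the destructor of `v` is disarmed before the raw parts
// are taken. `panic_after_build` (hypothetical test hook) panics in the window
// where a forget-after-build ordering would still own the buffer twice.
fn vec_to_string_manually_drop(v: Vec<u8>, panic_after_build: bool) -> Result<String, Utf8Error> {
    str::from_utf8(&v)?;
    let mut v = ManuallyDrop::new(v);
    // SAFETY: as above; `v` can no longer free the buffer.
    let s = unsafe { String::from_raw_parts(v.as_mut_ptr(), v.len(), v.capacity()) };
    if panic_after_build {
        panic!("constructed failure: unwinding drops `s` only, never `v`");
    }
    Ok(s)
}

fn main() {
    let bytes = vec![65, 122]; // constructed sample input
    assert_eq!(vec_to_string_forget_first(bytes.clone()).unwrap(), "Az");
    assert_eq!(vec_to_string_manually_drop(bytes, false).unwrap(), "Az");
    // Invalid UTF-8 is rejected before ownership is transferred.
    assert!(vec_to_string_manually_drop(vec![0xff], false).is_err());
    // A panic after `s` is built frees the buffer exactly once during unwinding.
    let unwound = std::panic::catch_unwind(|| vec_to_string_manually_drop(vec![65, 122], true));
    assert!(unwound.is_err());
}
```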