Fix panic safety issue in drop #15

bluss · 2015-08-20T21:11:43Z

The summary is: SmallVec::drop first attempts to drop every element,
then it inhibits the drop of the inner array. The panic safety issue is
that a panic during drop of an element means the inhibition is never
reached, so the inner data can be dropped again.

If Drop is split betweeen SmallVec and SmallVecData, this issue is
avoided because the SmallVecData drop will be called even in the panic
case.

This solution incurs the overhead of an additional drop flag on
SmallVecData.

Fixes #14


        Panic safety test for SmallVec::drop

A test for issue #14

bluss · 2015-08-20T21:13:09Z

This may not be the solution you want. But it should help anyway, to illustrate the problem(?). Welcome to use the test if not the fix.


        Fix panic safety issue when an element panics in drop

The summary is: SmallVec::drop first attempts to drop every element, then it inhibits the drop of the inner array. The panic safety issue is that a panic during drop of an element means the inhibition is never reached, so the inner data can be dropped again. If Drop is split betweeen SmallVec and SmallVecData, this issue is avoided because the SmallVecData drop will be called even in the panic case. This solution incurs the overhead of an additional drop flag on SmallVecData. Fixes #14

bluss · 2015-08-21T13:14:34Z

Updated fix to not use NoDrop -- the inner SmallVecData serves the same purpose.

SimonSapin · 2015-08-21T14:11:01Z

Yes, I prefer this second version. Thanks!

SimonSapin · 2015-08-21T14:11:03Z

@bors-servo r+

bors-servo · 2015-08-21T14:11:04Z

📌 Commit fbaf095 has been approved by SimonSapin

bors-servo · 2015-08-21T14:11:07Z

⌛ Testing commit fbaf095 with merge b5c3e4f...


        Auto merge of #15 - bluss:drop-nodrop, r=SimonSapin

Fix panic safety issue in drop The summary is: SmallVec::drop first attempts to drop every element, then it inhibits the drop of the inner array. The panic safety issue is that a panic during drop of an element means the inhibition is never reached, so the inner data can be dropped again. If Drop is split betweeen SmallVec and SmallVecData, this issue is avoided because the SmallVecData drop will be called even in the panic case. This solution incurs the overhead of an additional drop flag on SmallVecData. Fixes #14

bors-servo · 2015-08-21T14:12:06Z

☀️ Test successful - travis

Panic safety test for SmallVec::drop

bff26fc

A test for issue #14

bluss force-pushed the bluss:drop-nodrop branch from ecf9078 to dc1de27 Aug 20, 2015

bluss force-pushed the bluss:drop-nodrop branch from dc1de27 to fbaf095 Aug 21, 2015

bluss changed the title ~~Fix panic safety issue in drop by using NoDrop~~ Fix panic safety issue in drop Aug 21, 2015

bors-servo merged commit fbaf095 into servo:master Aug 21, 2015
2 checks passed

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
Details

homu Test successful
Details

bluss deleted the bluss:drop-nodrop branch Aug 21, 2015

bluss mentioned this pull request Dec 7, 2015

Soundness with general (non-Copy) elements, and some Copy elements too. debris/elastic-array#1

Open

scottostler mentioned this pull request Feb 18, 2016

Release new Cargo version #17

Closed

servo / rust-smallvec

Fix panic safety issue in drop #15

Fix panic safety issue in drop #15

bluss commented Aug 20, 2015

bluss commented Aug 20, 2015

bluss commented Aug 21, 2015

SimonSapin commented Aug 21, 2015

SimonSapin commented Aug 21, 2015

bors-servo commented Aug 21, 2015

bors-servo commented Aug 21, 2015

bors-servo commented Aug 21, 2015

servo / rust-smallvec

Join GitHub today

Fix panic safety issue in drop #15

Fix panic safety issue in drop #15

Conversation

bluss commented Aug 20, 2015

bluss commented Aug 20, 2015

bluss commented Aug 21, 2015

SimonSapin commented Aug 21, 2015

SimonSapin commented Aug 21, 2015

bors-servo commented Aug 21, 2015

bors-servo commented Aug 21, 2015

bors-servo commented Aug 21, 2015