New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
avoid mem-forget-in-disguise #458
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Huh, using Box::into_raw
like that seems somewhat confusing.
src/bytes.rs
Outdated
let ptr = slice.as_ptr(); | ||
drop(Box::into_raw(slice)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How does this compare to just doing this?
let ptr = Box::into_raw(slice) as *const _;
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where the as
here is doing the wide-to-thin ptr conversion?
Yeah something like that should also work. The important part is not using slice
any more after ptr
got created.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm mainly worried about the as_ptr
creating the pointer through a &self
instead of &mut self
, but that may not be a problem since this is for Bytes
where we can't modify it anyway.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's fair. I updated my patch.
This fixes stacked borrows violation violations. See tokio-rs/bytes#458 for more.
This fixes stacked borrows violation violations. See tokio-rs/bytes#458 for more.
This fixes stacked borrows violation violations. See tokio-rs/bytes#458 for more.
This fixes stacked borrows violation violations. See tokio-rs/bytes#458 for more.
Box::into_raw(slice)
(which is used just as a way to encodemem::forget
here, from what I can tell) uses theBox
and thus asserts its uniqueness as a pointer, which is not compatible with what the code here does. That's why the docs recommendManuallyDrop
overmem::forget
. This adjusts the code accordingly.I found this with Miri using the
-Zmiri-track-raw-pointers
flag. Unfortunately, the test suite cannot pass with that flag sincebytes
uses int-to-ptr casts, which are incompatible with-Zmiri-track-raw-pointers
. But this fix seems worth landing nevertheless.