Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use &raw in A|Rc::as_ptr #73845

Merged
merged 10 commits into from
Jul 4, 2020
Merged

Use &raw in A|Rc::as_ptr #73845

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
db539c6
Use raw_ref_op in A|Rc::as_ptr
CAD97 Jun 28, 2020
e4bdf47
Do not require ptr validity in rc::data_offset
CAD97 Jun 28, 2020
d8a9c61
Use impl for Weak::as_ptr that works for unsized T
CAD97 Jun 28, 2020
fc3dc72
Clarify safety comment for A|Rc::as_ptr
CAD97 Jun 30, 2020
0aecf3c
Fix invalid pointer deref in Weak::as_ptr
CAD97 Jun 30, 2020
aed88e1
Clarify when rc::data_offset is safe
CAD97 Jun 30, 2020
ac40d1e
Apply documentation review suggestions
CAD97 Jul 1, 2020
98789ac
Simplify Weak::as_ptr impl
CAD97 Jul 1, 2020
7498cad
Reclarify safety comments in Weak::as_ptr
CAD97 Jul 1, 2020
1b5ac57
Note Weak.ptr never dangles sooner
CAD97 Jul 2, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/liballoc/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@
#![feature(fundamental)]
#![feature(internal_uninit_const)]
#![feature(lang_items)]
#![feature(layout_for_ptr)]
#![feature(libc)]
#![feature(negative_impls)]
#![feature(new_uninit)]
Expand All @@ -109,6 +110,7 @@
#![feature(pattern)]
#![feature(ptr_internals)]
#![feature(ptr_offset_from)]
#![feature(raw_ref_op)]
#![feature(rustc_attrs)]
#![feature(receiver_trait)]
#![feature(min_specialization)]
Expand Down
32 changes: 15 additions & 17 deletions src/liballoc/rc.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -245,7 +245,7 @@ use core::hash::{Hash, Hasher};
use core::intrinsics::abort;
use core::iter;
use core::marker::{self, PhantomData, Unpin, Unsize};
use core::mem::{self, align_of, align_of_val, forget, size_of_val};
use core::mem::{self, align_of_val_raw, forget, size_of_val};
use core::ops::{CoerceUnsized, Deref, DispatchFromDyn, Receiver};
use core::pin::Pin;
use core::ptr::{self, NonNull};
Expand Down Expand Up @@ -591,17 +591,13 @@ impl<T: ?Sized> Rc<T> {
#[stable(feature = "weak_into_raw", since = "1.45.0")]
pub fn as_ptr(this: &Self) -> *const T {
let ptr: *mut RcBox<T> = NonNull::as_ptr(this.ptr);
let fake_ptr = ptr as *mut T;

// SAFETY: This cannot go through Deref::deref.
// Instead, we manually offset the pointer rather than manifesting a reference.
// This is so that the returned pointer retains the same provenance as our pointer.
// This is required so that e.g. `get_mut` can write through the pointer
// after the Rc is recovered through `from_raw`.
unsafe {
let offset = data_offset(&(*ptr).value);
set_data_ptr(fake_ptr, (ptr as *mut u8).offset(offset))
}
unsafe { &raw const (*ptr).value }
}

/// Constructs an `Rc<T>` from a raw pointer.
Expand Down Expand Up @@ -1708,9 +1704,18 @@ impl<T> Weak<T> {
/// [`null`]: ../../std/ptr/fn.null.html
#[stable(feature = "weak_into_raw", since = "1.45.0")]
pub fn as_ptr(&self) -> *const T {
let offset = data_offset_sized::<T>();
let ptr = self.ptr.cast::<u8>().as_ptr().wrapping_offset(offset);
ptr as *const T
let ptr: *mut RcBox<T> = NonNull::as_ptr(self.ptr);
let fake_ptr = ptr as *mut T;

// SAFETY: we must offset the pointer manually, and said pointer may be
// a dangling weak (usize::MAX). data_offset is safe to call, because we
// know a pointer to unsized T must be derived from a real unsized T,
// because dangling weaks are only created for sized T. wrapping_offset
// is used so that we can use the same code path for dangling weak refs.
unsafe {
let offset = data_offset(&raw const (*ptr).value);
set_data_ptr(fake_ptr, (ptr as *mut u8).wrapping_offset(offset))
}
}

/// Consumes the `Weak<T>` and turns it into a raw pointer.
Expand Down Expand Up @@ -2118,14 +2123,7 @@ unsafe fn data_offset<T: ?Sized>(ptr: *const T) -> isize {
// Because it is ?Sized, it will always be the last field in memory.
// Note: This is a detail of the current implementation of the compiler,
// and is not a guaranteed language detail. Do not rely on it outside of std.
unsafe { data_offset_align(align_of_val(&*ptr)) }
}

/// Computes the offset of the data field within `RcBox`.
///
/// Unlike [`data_offset`], this doesn't need the pointer, but it works only on `T: Sized`.
fn data_offset_sized<T>() -> isize {
data_offset_align(align_of::<T>())
unsafe { data_offset_align(align_of_val_raw(ptr)) }
}

#[inline]
Expand Down
30 changes: 14 additions & 16 deletions src/liballoc/sync.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ use core::hash::{Hash, Hasher};
use core::intrinsics::abort;
use core::iter;
use core::marker::{PhantomData, Unpin, Unsize};
use core::mem::{self, align_of, align_of_val, size_of_val};
use core::mem::{self, align_of_val, size_of_val};
use core::ops::{CoerceUnsized, Deref, DispatchFromDyn, Receiver};
use core::pin::Pin;
use core::ptr::{self, NonNull};
Expand Down Expand Up @@ -590,17 +590,13 @@ impl<T: ?Sized> Arc<T> {
#[stable(feature = "weak_into_raw", since = "1.45.0")]
pub fn as_ptr(this: &Self) -> *const T {
let ptr: *mut ArcInner<T> = NonNull::as_ptr(this.ptr);
let fake_ptr = ptr as *mut T;

// SAFETY: This cannot go through Deref::deref.
// Instead, we manually offset the pointer rather than manifesting a reference.
// This is so that the returned pointer retains the same provenance as our pointer.
// This is required so that e.g. `get_mut` can write through the pointer
// after the Arc is recovered through `from_raw`.
unsafe {
let offset = data_offset(&(*ptr).data);
set_data_ptr(fake_ptr, (ptr as *mut u8).offset(offset))
}
unsafe { &raw const (*ptr).data }
}

/// Constructs an `Arc<T>` from a raw pointer.
Expand Down Expand Up @@ -1476,9 +1472,18 @@ impl<T> Weak<T> {
/// [`null`]: ../../std/ptr/fn.null.html
#[stable(feature = "weak_into_raw", since = "1.45.0")]
pub fn as_ptr(&self) -> *const T {
let offset = data_offset_sized::<T>();
let ptr = self.ptr.cast::<u8>().as_ptr().wrapping_offset(offset);
ptr as *const T
let ptr: *mut ArcInner<T> = NonNull::as_ptr(self.ptr);
let fake_ptr = ptr as *mut T;

// SAFETY: we must offset the pointer manually, and said pointer may be
// a dangling weak (usize::MAX). data_offset is safe to call, because we
// know a pointer to unsized T must be derived from a real unsized T,
// because dangling weaks are only created for sized T. wrapping_offset
// is used so that we can use the same code path for dangling weak refs.
unsafe {
let offset = data_offset(&raw const (*ptr).data);
set_data_ptr(fake_ptr, (ptr as *mut u8).wrapping_offset(offset))
}
}

/// Consumes the `Weak<T>` and turns it into a raw pointer.
Expand Down Expand Up @@ -2279,13 +2284,6 @@ unsafe fn data_offset<T: ?Sized>(ptr: *const T) -> isize {
unsafe { data_offset_align(align_of_val(&*ptr)) }
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oops this line should have been align_of_val_raw now, right?

But I doubt that that's enough to fix #80365.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it definitely should have been. I don't know how I missed this one 🙃

}

/// Computes the offset of the data field within `ArcInner`.
///
/// Unlike [`data_offset`], this doesn't need the pointer, but it works only on `T: Sized`.
fn data_offset_sized<T>() -> isize {
data_offset_align(align_of::<T>())
}

#[inline]
fn data_offset_align(align: usize) -> isize {
let layout = Layout::new::<ArcInner<()>>();
Expand Down