Make deref on GcRef into an unsafe get to avoid unsoundness
This commit is contained in:
parent
cd1d83714b
commit
2f690250ae
4 changed files with 31 additions and 14 deletions
|
@ -2,6 +2,7 @@ use std::ptr::NonNull;
|
||||||
|
|
||||||
use super::gc_ref::GcRef;
|
use super::gc_ref::GcRef;
|
||||||
use super::trace;
|
use super::trace;
|
||||||
|
use crate::trace::GCTrace;
|
||||||
|
|
||||||
#[derive(Default)]
|
#[derive(Default)]
|
||||||
pub struct GCAllocator {
|
pub struct GCAllocator {
|
||||||
|
@ -10,6 +11,7 @@ pub struct GCAllocator {
|
||||||
|
|
||||||
impl GCAllocator {
|
impl GCAllocator {
|
||||||
#[inline(always)]
|
#[inline(always)]
|
||||||
|
/// Allocate a value on the heap
|
||||||
pub fn alloc<T: trace::GCTrace>(&mut self, x: T) -> GcRef<T> {
|
pub fn alloc<T: trace::GCTrace>(&mut self, x: T) -> GcRef<T> {
|
||||||
let alloc = Allocation::new(x);
|
let alloc = Allocation::new(x);
|
||||||
let ptr = alloc.ptr as *mut T;
|
let ptr = alloc.ptr as *mut T;
|
||||||
|
@ -61,7 +63,7 @@ impl Allocation {
|
||||||
let ptr = Box::into_raw(alloc) as *mut ();
|
let ptr = Box::into_raw(alloc) as *mut ();
|
||||||
|
|
||||||
let drop = |ptr| unsafe {
|
let drop = |ptr| unsafe {
|
||||||
Box::from_raw(ptr as *mut T);
|
std::mem::drop(Box::from_raw(ptr as *mut T));
|
||||||
};
|
};
|
||||||
|
|
||||||
Self { ptr, drop }
|
Self { ptr, drop }
|
||||||
|
|
|
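Review bot: The `unsafe` block in the rewritten drop closure (`std::mem::drop(Box::from_raw(ptr as *mut T))`) still carries no `// SAFETY:` comment, even though this is the one place where the raw pointer handed out by `Box::into_raw` is turned back into an owning `Box`; the enclosing `Allocation::new` starts before the hunk. Suggest `// SAFETY: ptr was produced by Box::into_raw(Box<T>) above and must be reconstructed here at most once, when the allocator frees the value` — the at-most-once part is an assumption about the allocator's call site, which is outside this hunk, so confirm it before committing to the wording. The explicit `std::mem::drop` is clearer than the previous bare `Box::from_raw(...)` statement, which read like a value that was accidentally discarded. In the first hunk the new `use crate::trace::GCTrace;` sits next to the existing `use super::trace;`, while `alloc` still spells its bound as `T: trace::GCTrace`; unless the new import is consumed further down the file, pick one path so the trait is referred to a single way.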
@ -1,4 +1,4 @@
|
||||||
use std::{marker::PhantomData, ops::Deref, ptr::NonNull};
|
use std::{marker::PhantomData, ptr::NonNull};
|
||||||
|
|
||||||
use crate::trace::GCTrace;
|
use crate::trace::GCTrace;
|
||||||
|
|
||||||
|
@ -10,23 +10,34 @@ impl<T: GCTrace> Clone for GcRef<T> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<T: GCTrace> Deref for GcRef<T> {
|
|
||||||
type Target = T;
|
|
||||||
|
|
||||||
fn deref(&self) -> &Self::Target {
|
|
||||||
unsafe { self.0.as_ref() }
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl<T: GCTrace> GcRef<T> {
|
impl<T: GCTrace> GcRef<T> {
|
||||||
pub(crate) unsafe fn new(ptr: NonNull<T>) -> Self {
|
pub(crate) unsafe fn new(ptr: NonNull<T>) -> Self {
|
||||||
Self(ptr, PhantomData)
|
Self(ptr, PhantomData)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// # Safety
|
/// # Safety
|
||||||
/// Ensure that this is the only instance of a pointer to the underlying value.
|
/// The caller needs to ensure that the underlying pointer hasn't been garbage collected.
|
||||||
/// You might want to instead use one of various [cell][`std::cell`] types as the allocated
|
/// Since the drop order for garbage collected structs is undefined that means it is never
|
||||||
/// type
|
/// safe to call this function in a [Drop::drop].
|
||||||
|
///
|
||||||
|
/// Do note that this doesn't mean that any particular instance of GcRef has to be marked
|
||||||
|
/// as reachable during a call to [GCAllocator::gc][`crate::allocator::GCAllocator::gc`]
|
||||||
|
/// but instead any GcRef instance referring to the same underlying pointer has to be reachable
|
||||||
|
pub unsafe fn get(&self) -> &T {
|
||||||
|
unsafe { self.0.as_ref() }
|
||||||
|
}
|
||||||
|
|
||||||
|
/// # Safety
|
||||||
|
/// The caller needs to ensure that the underlying pointer hasn't been garbage collected.
|
||||||
|
/// See [GcRef::get] for more details
|
||||||
|
///
|
||||||
|
/// The caller needs to ensure that this is the only instance of a pointer to the underlying value
|
||||||
|
/// (in other words that [Clone] hasn't been called, or that all other clones of the pointer have
|
||||||
|
/// already been dropped).
|
||||||
|
///
|
||||||
|
/// This function is hard(but not impossible) to use without causing UB. Unless you have a
|
||||||
|
/// really special use case you might want to instead use one of various [cell][`std::cell`]
|
||||||
|
/// types as the allocated type.
|
||||||
pub unsafe fn get_mut(this: &mut Self) -> &mut T {
|
pub unsafe fn get_mut(this: &mut Self) -> &mut T {
|
||||||
this.0.as_mut()
|
this.0.as_mut()
|
||||||
}
|
}
|
||||||
|
|
|
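Review bot: The `unsafe { self.0.as_ref() }` block in the new `get` has no `// SAFETY:` comment, and its sibling `get_mut` dereferences `this.0.as_mut()` with no inner `unsafe` block at all, so the two accessors document and lint differently for the same invariant. Suggest `// SAFETY: the caller guarantees (see the doc comment) that the allocation behind self.0 has not been collected, so the pointer stays dereferenceable for the lifetime of &self` on the block in `get`, and wrapping the body of `get_mut` in an equally annotated `unsafe { … }` block so `unsafe_op_in_unsafe_fn` treats both functions alike. With `Deref` removed, the `get_mut(this: &mut Self)` receiver convention presumably no longer serves its original purpose (keeping the method name off the deref target), so `get(&self)` beside `get_mut(this: …)` reads as an inconsistency; keeping `this` for compatibility is fine but deserves a one-line comment saying why. The `[Drop::drop]` link on the new doc line also differs from the backtick form used elsewhere in the same comment (`[cell][`std::cell`]`).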
@ -11,11 +11,14 @@ pub mod test_utils;
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
pub(crate) mod tests {
|
pub(crate) mod tests {
|
||||||
|
|
||||||
use super::allocator::GCAllocator;
|
use super::allocator::GCAllocator;
|
||||||
|
use super::gc_ref::GcRef;
|
||||||
use super::test_utils::GotDropped;
|
use super::test_utils::GotDropped;
|
||||||
|
use super::trace::GCTrace;
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn it_works() {
|
fn gc_allocates_and_frees_structs() {
|
||||||
let got_dropped = GotDropped::default();
|
let got_dropped = GotDropped::default();
|
||||||
|
|
||||||
let mut gc = GCAllocator::default();
|
let mut gc = GCAllocator::default();
|
||||||
|
|
|
@ -7,6 +7,7 @@ unsafe impl GCTrace for i64 {}
|
||||||
unsafe impl GCTrace for u64 {}
|
unsafe impl GCTrace for u64 {}
|
||||||
unsafe impl GCTrace for f32 {}
|
unsafe impl GCTrace for f32 {}
|
||||||
unsafe impl GCTrace for f64 {}
|
unsafe impl GCTrace for f64 {}
|
||||||
|
unsafe impl GCTrace for bool {}
|
||||||
unsafe impl GCTrace for isize {}
|
unsafe impl GCTrace for isize {}
|
||||||
unsafe impl GCTrace for usize {}
|
unsafe impl GCTrace for usize {}
|
||||||
unsafe impl GCTrace for String {}
|
unsafe impl GCTrace for String {}
|
||||||
|
|