lib: replace some mem::forget's with ManuallyDrop

This commit is contained in:
Pavel Grigorenko 2024-07-14 22:17:28 +03:00
parent 594702ebb5
commit f6fe7e49a2
20 changed files with 87 additions and 131 deletions

View File

@ -259,7 +259,7 @@
#[cfg(not(no_global_oom_handling))]
use core::iter;
use core::marker::{PhantomData, Unsize};
use core::mem::{self, align_of_val_raw, forget, ManuallyDrop};
use core::mem::{self, align_of_val_raw, ManuallyDrop};
use core::ops::{CoerceUnsized, Deref, DerefMut, DerefPure, DispatchFromDyn, Receiver};
use core::panic::{RefUnwindSafe, UnwindSafe};
#[cfg(not(no_global_oom_handling))]
@ -908,9 +908,10 @@ pub fn pin_in(value: T, alloc: A) -> Pin<Self>
#[stable(feature = "rc_unique", since = "1.4.0")]
pub fn try_unwrap(this: Self) -> Result<T, Self> {
if Rc::strong_count(&this) == 1 {
unsafe {
let val = ptr::read(&*this); // copy the contained object
let alloc = ptr::read(&this.alloc); // copy the allocator
let this = ManuallyDrop::new(this);
let val: T = unsafe { ptr::read(&**this) }; // copy the contained object
let alloc: A = unsafe { ptr::read(&this.alloc) }; // copy the allocator
// Indicate to Weaks that they can't be promoted by decrementing
// the strong count, and then remove the implicit "strong weak"
@ -918,9 +919,7 @@ pub fn try_unwrap(this: Self) -> Result<T, Self> {
// fake Weak.
this.inner().dec_strong();
let _weak = Weak { ptr: this.ptr, alloc };
forget(this);
Ok(val)
}
} else {
Err(this)
}
@ -1354,9 +1353,8 @@ pub fn allocator(this: &Self) -> &A {
#[stable(feature = "rc_raw", since = "1.17.0")]
#[rustc_never_returns_null_ptr]
pub fn into_raw(this: Self) -> *const T {
let ptr = Self::as_ptr(&this);
mem::forget(this);
ptr
let this = ManuallyDrop::new(this);
Self::as_ptr(&*this)
}
/// Consumes the `Rc`, returning the wrapped pointer and allocator.
@ -2127,7 +2125,7 @@ fn drop(&mut self) {
}
// All clear. Forget the guard so it doesn't free the new RcBox.
forget(guard);
mem::forget(guard);
Self::from_ptr(ptr)
}
@ -3080,9 +3078,7 @@ pub fn as_ptr(&self) -> *const T {
#[must_use = "losing the pointer will leak memory"]
#[stable(feature = "weak_into_raw", since = "1.45.0")]
pub fn into_raw(self) -> *const T {
let result = self.as_ptr();
mem::forget(self);
result
mem::ManuallyDrop::new(self).as_ptr()
}
/// Consumes the `Weak<T>`, returning the wrapped pointer and allocator.
@ -3762,10 +3758,11 @@ fn data_ptr(&mut self) -> *mut T {
/// # Safety
///
/// The data must have been initialized (by writing to [`Self::data_ptr()`]).
unsafe fn into_rc(mut self) -> Rc<T, A> {
let ptr = self.ptr;
let alloc = self.alloc.take().unwrap();
mem::forget(self);
unsafe fn into_rc(self) -> Rc<T, A> {
let mut this = ManuallyDrop::new(self);
let ptr = this.ptr;
let alloc = this.alloc.take().unwrap();
// SAFETY: The pointer is valid as per `UniqueRcUninit::new`, and the caller is responsible
// for having initialized the data.
unsafe { Rc::from_ptr_in(ptr.as_ptr(), alloc) }

View File

@ -20,7 +20,7 @@
#[cfg(not(no_global_oom_handling))]
use core::iter;
use core::marker::{PhantomData, Unsize};
use core::mem::{self, align_of_val_raw};
use core::mem::{self, align_of_val_raw, ManuallyDrop};
use core::ops::{CoerceUnsized, Deref, DerefPure, DispatchFromDyn, Receiver};
use core::panic::{RefUnwindSafe, UnwindSafe};
use core::pin::Pin;
@ -960,17 +960,15 @@ pub fn try_unwrap(this: Self) -> Result<T, Self> {
acquire!(this.inner().strong);
unsafe {
let elem = ptr::read(&this.ptr.as_ref().data);
let alloc = ptr::read(&this.alloc); // copy the allocator
let this = ManuallyDrop::new(this);
let elem: T = unsafe { ptr::read(&this.ptr.as_ref().data) };
let alloc: A = unsafe { ptr::read(&this.alloc) }; // copy the allocator
// Make a weak pointer to clean up the implicit strong-weak reference
let _weak = Weak { ptr: this.ptr, alloc };
mem::forget(this);
Ok(elem)
}
}
/// Returns the inner value, if the `Arc` has exactly one strong reference.
///
@ -1493,9 +1491,8 @@ pub fn allocator(this: &Self) -> &A {
#[stable(feature = "rc_raw", since = "1.17.0")]
#[rustc_never_returns_null_ptr]
pub fn into_raw(this: Self) -> *const T {
let ptr = Self::as_ptr(&this);
mem::forget(this);
ptr
let this = ManuallyDrop::new(this);
Self::as_ptr(&*this)
}
/// Consumes the `Arc`, returning the wrapped pointer and allocator.
@ -2801,9 +2798,7 @@ pub fn as_ptr(&self) -> *const T {
#[must_use = "losing the pointer will leak memory"]
#[stable(feature = "weak_into_raw", since = "1.45.0")]
pub fn into_raw(self) -> *const T {
let result = self.as_ptr();
mem::forget(self);
result
ManuallyDrop::new(self).as_ptr()
}
/// Consumes the `Weak<T>`, returning the wrapped pointer and allocator.
@ -3875,13 +3870,14 @@ fn data_ptr(&mut self) -> *mut T {
/// # Safety
///
/// The data must have been initialized (by writing to [`Self::data_ptr()`]).
unsafe fn into_arc(mut self) -> Arc<T, A> {
let ptr = self.ptr;
let alloc = self.alloc.take().unwrap();
mem::forget(self);
unsafe fn into_arc(self) -> Arc<T, A> {
let mut this = ManuallyDrop::new(self);
let ptr = this.ptr.as_ptr();
let alloc = this.alloc.take().unwrap();
// SAFETY: The pointer is valid as per `UniqueArcUninit::new`, and the caller is responsible
// for having initialized the data.
unsafe { Arc::from_ptr_in(ptr.as_ptr(), alloc) }
unsafe { Arc::from_ptr_in(ptr, alloc) }
}
}

View File

@ -1,10 +1,9 @@
#![stable(feature = "futures_api", since = "1.36.0")]
use crate::mem::transmute;
use crate::any::Any;
use crate::fmt;
use crate::marker::PhantomData;
use crate::mem::{transmute, ManuallyDrop};
use crate::panic::AssertUnwindSafe;
use crate::ptr;
@ -465,16 +464,14 @@ impl Waker {
pub fn wake(self) {
// The actual wakeup call is delegated through a virtual function call
// to the implementation which is defined by the executor.
let wake = self.waker.vtable.wake;
let data = self.waker.data;
// Don't call `drop` -- the waker will be consumed by `wake`.
crate::mem::forget(self);
let this = ManuallyDrop::new(self);
// SAFETY: This is safe because `Waker::from_raw` is the only way
// to initialize `wake` and `data` requiring the user to acknowledge
// that the contract of `RawWaker` is upheld.
unsafe { (wake)(data) };
unsafe { (this.waker.vtable.wake)(this.waker.data) };
}
/// Wake up the task associated with this `Waker` without consuming the `Waker`.
@ -726,16 +723,14 @@ impl LocalWaker {
pub fn wake(self) {
// The actual wakeup call is delegated through a virtual function call
// to the implementation which is defined by the executor.
let wake = self.waker.vtable.wake;
let data = self.waker.data;
// Don't call `drop` -- the waker will be consumed by `wake`.
crate::mem::forget(self);
let this = ManuallyDrop::new(self);
// SAFETY: This is safe because `Waker::from_raw` is the only way
// to initialize `wake` and `data` requiring the user to acknowledge
// that the contract of `RawWaker` is upheld.
unsafe { (wake)(data) };
unsafe { (this.waker.vtable.wake)(this.waker.data) };
}
/// Wake up the task associated with this `LocalWaker` without consuming the `LocalWaker`.

View File

@ -1,7 +1,7 @@
//! Buffer management for same-process client<->server communication.
use std::io::{self, Write};
use std::mem;
use std::mem::{self, ManuallyDrop};
use std::ops::{Deref, DerefMut};
use std::slice;
@ -129,17 +129,16 @@ fn drop(&mut self) {
}
impl From<Vec<u8>> for Buffer {
fn from(mut v: Vec<u8>) -> Self {
fn from(v: Vec<u8>) -> Self {
let mut v = ManuallyDrop::new(v);
let (data, len, capacity) = (v.as_mut_ptr(), v.len(), v.capacity());
mem::forget(v);
// This utility function is nested in here because it can *only*
// be safely called on `Buffer`s created by *this* `proc_macro`.
fn to_vec(b: Buffer) -> Vec<u8> {
unsafe {
let Buffer { data, len, capacity, .. } = b;
mem::forget(b);
Vec::from_raw_parts(data, len, capacity)
let b = ManuallyDrop::new(b);
Vec::from_raw_parts(b.data, b.len, b.capacity)
}
}

View File

@ -51,9 +51,7 @@ fn drop(&mut self) {
impl<S> Encode<S> for $oty {
fn encode(self, w: &mut Writer, s: &mut S) {
let handle = self.handle;
mem::forget(self);
handle.encode(w, s);
mem::ManuallyDrop::new(self).handle.encode(w, s);
}
}

View File

@ -8,7 +8,7 @@
use crate::fs;
use crate::io;
use crate::marker::PhantomData;
use crate::mem::forget;
use crate::mem::ManuallyDrop;
#[cfg(not(any(target_arch = "wasm32", target_env = "sgx", target_os = "hermit")))]
use crate::sys::cvt;
use crate::sys_common::{AsInner, FromInner, IntoInner};
@ -141,9 +141,7 @@ fn as_raw_fd(&self) -> RawFd {
impl IntoRawFd for OwnedFd {
#[inline]
fn into_raw_fd(self) -> RawFd {
let fd = self.fd;
forget(self);
fd
ManuallyDrop::new(self).fd
}
}

View File

@ -49,7 +49,7 @@
use crate::fmt;
use crate::marker::PhantomData;
use crate::mem::forget;
use crate::mem::ManuallyDrop;
use crate::net;
use crate::sys;
use crate::sys_common::{self, AsInner, FromInner, IntoInner};
@ -149,9 +149,7 @@ fn as_raw_fd(&self) -> RawFd {
impl IntoRawFd for OwnedFd {
#[inline]
fn into_raw_fd(self) -> RawFd {
let fd = self.fd;
forget(self);
fd
ManuallyDrop::new(self).fd
}
}

View File

@ -7,7 +7,7 @@
use crate::fs;
use crate::io;
use crate::marker::PhantomData;
use crate::mem::{forget, ManuallyDrop};
use crate::mem::ManuallyDrop;
use crate::ptr;
use crate::sys;
use crate::sys::cvt;
@ -319,9 +319,7 @@ fn as_raw_handle(&self) -> RawHandle {
impl IntoRawHandle for OwnedHandle {
#[inline]
fn into_raw_handle(self) -> RawHandle {
let handle = self.handle;
forget(self);
handle
ManuallyDrop::new(self).handle
}
}

View File

@ -6,8 +6,7 @@
use crate::fmt;
use crate::io;
use crate::marker::PhantomData;
use crate::mem;
use crate::mem::forget;
use crate::mem::{self, ManuallyDrop};
use crate::sys;
#[cfg(not(target_vendor = "uwp"))]
use crate::sys::cvt;
@ -191,9 +190,7 @@ fn as_raw_socket(&self) -> RawSocket {
impl IntoRawSocket for OwnedSocket {
#[inline]
fn into_raw_socket(self) -> RawSocket {
let socket = self.socket;
forget(self);
socket
ManuallyDrop::new(self).socket
}
}

View File

@ -3,7 +3,7 @@
use super::hermit_abi;
use crate::ffi::CStr;
use crate::io;
use crate::mem;
use crate::mem::ManuallyDrop;
use crate::num::NonZero;
use crate::ptr;
use crate::time::Duration;
@ -90,9 +90,7 @@ pub fn id(&self) -> Tid {
#[inline]
pub fn into_id(self) -> Tid {
let id = self.tid;
mem::forget(self);
id
ManuallyDrop::new(self).tid
}
}

View File

@ -95,8 +95,8 @@ pub unsafe fn activate(&self) -> ActiveTls<'_> {
#[allow(unused)]
pub unsafe fn activate_persistent(self: Box<Self>) {
// FIXME: Needs safety information. See entry.S for `set_tls_ptr` definition.
unsafe { set_tls_ptr(core::ptr::addr_of!(*self) as _) };
mem::forget(self);
let ptr = Box::into_raw(self).cast_const().cast::<u8>();
unsafe { set_tls_ptr(ptr) };
}
unsafe fn current<'a>() -> &'a Tls {

View File

@ -5,7 +5,7 @@
use crate::cmp;
use crate::convert::TryInto;
use crate::intrinsics;
use crate::mem;
use crate::mem::{self, ManuallyDrop};
use crate::ops::{CoerceUnsized, Deref, DerefMut, Index, IndexMut};
use crate::ptr::{self, NonNull};
use crate::slice;
@ -176,6 +176,7 @@ unsafe fn from_raw_sized_unchecked(ptr: *mut u8, size: usize) -> *mut Self {
/// are used solely to indicate intent: a mutable reference is for writing to
/// user memory, an immutable reference for reading from user memory.
#[unstable(feature = "sgx_platform", issue = "56975")]
#[repr(transparent)]
pub struct UserRef<T: ?Sized>(UnsafeCell<T>);
/// An owned type in userspace memory. `User<T>` is equivalent to `Box<T>` in
/// enclave memory. Access to the memory is only allowed by copying to avoid
@ -266,9 +267,7 @@ pub unsafe fn from_raw(ptr: *mut T) -> Self {
/// Converts this value into a raw pointer. The value will no longer be
/// automatically freed.
pub fn into_raw(self) -> *mut T {
let ret = self.0;
mem::forget(self);
ret.as_ptr() as _
ManuallyDrop::new(self).0.as_ptr() as _
}
}

View File

@ -2,7 +2,7 @@
use super::abi::usercalls;
use crate::io::{self, BorrowedCursor, IoSlice, IoSliceMut};
use crate::mem;
use crate::mem::ManuallyDrop;
use crate::sys::{AsInner, FromInner, IntoInner};
#[derive(Debug)]
@ -21,9 +21,7 @@ pub fn raw(&self) -> Fd {
/// Extracts the actual file descriptor without closing it.
pub fn into_raw(self) -> Fd {
let fd = self.fd;
mem::forget(self);
fd
ManuallyDrop::new(self).fd
}
pub fn read(&self, buf: &mut [u8]) -> io::Result<usize> {
@ -70,9 +68,7 @@ fn as_inner(&self) -> &Fd {
impl IntoInner<Fd> for FileDesc {
fn into_inner(self) -> Fd {
let fd = self.fd;
mem::forget(self);
fd
ManuallyDrop::new(self).fd
}
}

View File

@ -1,9 +1,7 @@
use core::convert::TryInto;
use crate::cmp;
use crate::ffi::CStr;
use crate::io;
use crate::mem;
use crate::mem::{self, ManuallyDrop};
use crate::num::NonZero;
use crate::ptr;
use crate::sys::os;
@ -113,21 +111,17 @@ pub fn sleep(dur: Duration) {
/// must join, because no pthread_detach supported
pub fn join(self) {
unsafe {
let ret = libc::pthread_join(self.id, ptr::null_mut());
mem::forget(self);
let id = self.into_id();
let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
assert!(ret == 0, "failed to join thread: {}", io::Error::from_raw_os_error(ret));
}
}
pub fn id(&self) -> libc::pthread_t {
self.id
}
pub fn into_id(self) -> libc::pthread_t {
let id = self.id;
mem::forget(self);
id
ManuallyDrop::new(self).id
}
}

View File

@ -1,7 +1,7 @@
use crate::cmp;
use crate::ffi::CStr;
use crate::io;
use crate::mem;
use crate::mem::{self, ManuallyDrop};
use crate::num::NonZero;
use crate::ptr;
use crate::sys::{os, stack_overflow};
@ -268,21 +268,17 @@ pub fn sleep(dur: Duration) {
}
pub fn join(self) {
unsafe {
let ret = libc::pthread_join(self.id, ptr::null_mut());
mem::forget(self);
let id = self.into_id();
let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
assert!(ret == 0, "failed to join thread: {}", io::Error::from_raw_os_error(ret));
}
}
pub fn id(&self) -> libc::pthread_t {
self.id
}
pub fn into_id(self) -> libc::pthread_t {
let id = self.id;
mem::forget(self);
id
ManuallyDrop::new(self).id
}
}

View File

@ -172,13 +172,11 @@ pub fn sleep(dur: Duration) {
pub fn join(self) {
cfg_if::cfg_if! {
if #[cfg(target_feature = "atomics")] {
unsafe {
let ret = libc::pthread_join(self.id, ptr::null_mut());
mem::forget(self);
let id = mem::ManuallyDrop::new(self).id;
let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
if ret != 0 {
rtabort!("failed to join thread: {}", io::Error::from_raw_os_error(ret));
}
}
} else {
self.0
}

View File

@ -165,7 +165,7 @@
use crate::fmt;
use crate::io;
use crate::marker::PhantomData;
use crate::mem::{self, forget};
use crate::mem::{self, forget, ManuallyDrop};
use crate::num::NonZero;
use crate::panic;
use crate::panicking;
@ -514,11 +514,10 @@ fn new(x: T) -> Self {
MaybeDangling(mem::MaybeUninit::new(x))
}
fn into_inner(self) -> T {
// SAFETY: we are always initialized.
let ret = unsafe { self.0.assume_init_read() };
// Make sure we don't drop.
mem::forget(self);
ret
let this = ManuallyDrop::new(self);
// SAFETY: we are always initialized.
unsafe { this.0.assume_init_read() }
}
}
impl<T> Drop for MaybeDangling<T> {

View File

@ -10,7 +10,7 @@ LL | assert_eq!(libc::pthread_mutex_lock(lock_copy.0.get() as *mut _
error: deadlock: the evaluated program deadlocked
--> RUSTLIB/std/src/sys/pal/PLATFORM/thread.rs:LL:CC
|
LL | let ret = libc::pthread_join(self.id, ptr::null_mut());
LL | let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
| ^ the evaluated program deadlocked
|
= note: BACKTRACE:

View File

@ -10,7 +10,7 @@ LL | assert_eq!(libc::pthread_rwlock_wrlock(lock_copy.0.get() as *mu
error: deadlock: the evaluated program deadlocked
--> RUSTLIB/std/src/sys/pal/PLATFORM/thread.rs:LL:CC
|
LL | let ret = libc::pthread_join(self.id, ptr::null_mut());
LL | let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
| ^ the evaluated program deadlocked
|
= note: BACKTRACE:

View File

@ -10,7 +10,7 @@ LL | assert_eq!(libc::pthread_rwlock_wrlock(lock_copy.0.get() as *mu
error: deadlock: the evaluated program deadlocked
--> RUSTLIB/std/src/sys/pal/PLATFORM/thread.rs:LL:CC
|
LL | let ret = libc::pthread_join(self.id, ptr::null_mut());
LL | let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
| ^ the evaluated program deadlocked
|
= note: BACKTRACE: