From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5A2B3CD4857 for ; Mon, 25 Sep 2023 18:52:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233255AbjIYSwH (ORCPT ); Mon, 25 Sep 2023 14:52:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46434 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229787AbjIYSwF (ORCPT ); Mon, 25 Sep 2023 14:52:05 -0400 Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0D2D2B8; Mon, 25 Sep 2023 11:51:58 -0700 (PDT) Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-9ad8bf9bfabso896984666b.3; Mon, 25 Sep 2023 11:51:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1695667916; x=1696272716; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:feedback-id:from:to:cc:subject:date :message-id:reply-to; bh=SsKjzM3VWnsoW8OT4lS3fTqfMwcvnAnchQOe6+ytjKw=; b=TUL/bhVzF5aKs8aKxYG5IAsTjGwPbS41kbQTy+uDf0x9OW6SfO/u7itbv07yURMUNd oxnm3QvNuZg0arL86BOSIZmxhzR8ygnNy9y4MSMRQTZKzj8vZ+JyPJZbkZ+YBPDbtoX1 cXN9uRAxZ7AdqC9XwzVpScFumxae083pNZACmparK52bfU6z9k7k1GWnoh7fbzeT58+K WInhsp9Dwyf8haSwKZ7Jtkq/BwX4N6FIxQ1J7xCs17LLoBZ4HaPnygppZYyQLiKuYj0l Uz3Igq8M3C9dOuYV1Vkql//Ww+wSILouCca+86lyZNJkthMXQUUXWiTGzL9bv7U5E+Qf y3vQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695667916; x=1696272716; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:feedback-id:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SsKjzM3VWnsoW8OT4lS3fTqfMwcvnAnchQOe6+ytjKw=; b=kTqwwtvCsEdk2LVJil6xfQuP0MHRjSeqfDD6gpRCfjyecB1n7GjK7JJes4Pvxx5j08 vHub2ySeoBA2mWWfgmj/fvgKM7dzSE7jF1AWxrXgZxz2GEGHDrYqDTY4OpDIgDtEyHtq wv136tYgZ0ksep7q8IYiJBcPY8HymuvGRASBtcekzEqrV7pvVrkcI8JTR7TtDGL5ULSB L3k2frNnFPFtXFG8c82/XOGmBEFpFIFy/of3O/vT2pSPTl0mydhTXRX8nkfMjetwLiYt RudldtncFHiDTDjKf+cw5zxh4pT31fcVS514tzrbeoh1UnyPh9gXPBaMkHhuxLUvtgd9 eHGw== X-Gm-Message-State: AOJu0YxcKSmbwzgUV1LF+uP/GaGeZcJnapM/LhQ/51X3Q3zj8XLqHxQg ax9TSyNtaIFrpiUBdpDg2h8= X-Google-Smtp-Source: AGHT+IGc400/afEse+ow1fyXyoihqmAOpd+15G0wCSjS+gfKgGOcwkkDiuOkZ7L3Adg8rkM23VqXpA== X-Received: by 2002:a17:906:2189:b0:9ad:ece6:eeb with SMTP id 9-20020a170906218900b009adece60eebmr6397423eju.32.1695667916188; Mon, 25 Sep 2023 11:51:56 -0700 (PDT) Received: from auth1-smtp.messagingengine.com (auth1-smtp.messagingengine.com. [66.111.4.227]) by smtp.gmail.com with ESMTPSA id rh27-20020a17090720fb00b0099b6becb107sm6731039ejb.95.2023.09.25.11.51.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 25 Sep 2023 11:51:55 -0700 (PDT) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailauth.nyi.internal (Postfix) with ESMTP id A461A27C005A; Mon, 25 Sep 2023 14:51:53 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Mon, 25 Sep 2023 14:51:53 -0400 X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrudelgedguddvlecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvvefukfhfgggtuggjsehttdertddttddvnecuhfhrohhmpeeuohhq uhhnucfhvghnghcuoegsohhquhhnrdhfvghnghesghhmrghilhdrtghomheqnecuggftrf grthhtvghrnhephedugfduffffteeutddvheeuveelvdfhleelieevtdeguefhgeeuveei udffiedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epsghoqhhunhdomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqieelvdeghedt ieegqddujeejkeehheehvddqsghoqhhunhdrfhgvnhhgpeepghhmrghilhdrtghomhesfh higihmvgdrnhgrmhgv X-ME-Proxy: Feedback-ID: iad51458e:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 25 Sep 2023 14:51:52 -0400 (EDT) Date: Mon, 25 Sep 2023 11:51:21 -0700 From: Boqun Feng To: Benno Lossin Cc: Alice Ryhl , Wedson Almeida Filho , rust-for-linux@vger.kernel.org, Miguel Ojeda , Alex Gaynor , Gary Guo , =?iso-8859-1?Q?Bj=F6rn?= Roy Baron , Andreas Hindborg , linux-kernel@vger.kernel.org, Wedson Almeida Filho Subject: Re: [PATCH v2 2/2] rust: arc: remove `ArcBorrow` in favour of `WithRef` Message-ID: References: <20230923144938.219517-1-wedsonaf@gmail.com> <20230923144938.219517-3-wedsonaf@gmail.com> <969eab7f-ad40-0dfb-18b9-6002fc54e12b@proton.me> <14513589-cc31-8985-8ff6-a97d2882f593@proton.me> <9d6d6c94-5da6-a56d-4e85-fbf8da26a0b0@proton.me> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <9d6d6c94-5da6-a56d-4e85-fbf8da26a0b0@proton.me> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Sep 25, 2023 at 05:00:45PM +0000, Benno Lossin wrote: > On 25.09.23 18:16, Boqun Feng wrote: > > On Mon, Sep 25, 2023 at 03:07:44PM +0000, Benno Lossin wrote: > >> ```rust > >> struct MutatingDrop { > >> value: i32, > >> } > >> > >> impl Drop for MutatingDrop { > >> fn drop(&mut self) { > >> self.value = 0; > >> } > >> } > >> > >> let arc = Arc::new(MutatingDrop { value: 42 }); > >> let wr = arc.as_with_ref(); // this creates a shared `&` reference to the MutatingDrop > >> let arc2: Arc = wr.into(); // increments the reference count to 2 > > > > More precisely, here we did a > > > > &WithRef<_> -> NonNull> > > > > conversion, and later on, we may use the `NonNull>` in > > `drop` to get a `Box>`. > > Indeed. > Can we workaround this issue by (ab)using the `UnsafeCell` inside `WithRef`? impl From<&WithRef> for Arc { fn from(b: &WithRef) -> Self { // SAFETY: The existence of the references proves that // `b.refcount.get()` is a valid pointer to `WithRef`. let ptr = unsafe { NonNull::new_unchecked(b.refcount.get().cast::>()) }; // SAFETY: see the SAFETY above `let ptr = ..` line. ManuallyDrop::new(unsafe { Arc::from_inner(ptr) }) .deref() .clone() } } This way, the raw pointer in the new Arc no longer derives from the reference of `WithRef`. Regards, Boqun > > > >> drop(arc); // this decrements the reference count to 1 > >> drop(arc2); // this decrements the reference count to 0, so it will drop it > >> ``` > >> When dropping `arc2` it will run the destructor for `MutatingDrop`, > >> which mutates `value`. This is a problem, because the mutable reference > >> supplied was derived from a `&`, that is not allowed in Rust. > >> > > > > Is this an UB? I kinda wonder what's the real damage we can get, because > > in this case, we just use a reference to carry a value of a pointer, > > i.e. > > > > ptr -> reference -> ptr > > > > I cannot think of any real damage compiler can make, but I'm happy to be > > surprised ;-) > > This is UB, so anything can happen :) > > -- > Cheers, > Benno > >