-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Audit async-task #57
Comments
Running Clippy is a good start - it can automatically find some unsound pointer casts. |
Isn't that newish? How new a clippy does one need to catch that? |
At least one helpful lint has been around for a while - committed to git 2 years ago: https://rust-lang.github.io/rust-clippy/master/index.html#transmute_ptr_to_ptr But lints implemented based on results of safety-dance are very recent and are not included in stable releases yet, so you should run |
My point was exactly that: I only upgrade Nightly when a new Stable comes out. I just run |
We found clippy rather unhelpful there. We actually ended up sending this patch: rust-lang/rust-clippy#4257 The remaining warning is this:
in the following code: pub(crate) fn from_ptr(ptr: *const ()) -> Self {
let task_layout = Self::task_layout();
let p = ptr as *const u8;
unsafe {
Self {
header: p as *const Header,
tag: p.add(task_layout.offset_t) as *mut T,
schedule: p.add(task_layout.offset_s) as *const S,
future: p.add(task_layout.offset_f) as *mut F,
output: p.add(task_layout.offset_r) as *mut R,
}
}
} There, as we never dereference the pointer and, I see no issues with keeping this warning over making the code more complex. We need to cast to I'll try nightly. |
|
GitHub location: https://github.com/async-rs/async-task/
async-task
is the task allocator ofasync-std
. Tasks are very heavy on raw VTables, so some unsafe code is required. It's roughly 800 lines of code, but has 37 uses ofunsafe
. Many are pointer to pointer casts.It's tested and checked with valgrind.
Its only dependency is
crossbeam_utils::Backoff
, which has no use ofunsafe
.The text was updated successfully, but these errors were encountered: