Skip to content

LazyStaticType::get_or_init returns an *mut instead of a & ref#994

Merged
kngwyu merged 1 commit intoPyO3:masterfrom
scalexm:ptr
Jun 23, 2020
Merged

LazyStaticType::get_or_init returns an *mut instead of a & ref#994
kngwyu merged 1 commit intoPyO3:masterfrom
scalexm:ptr

Conversation

@scalexm
Copy link
Contributor

@scalexm scalexm commented Jun 22, 2020
edited
Loading

Previously, we were returning a &ffi::PyTypeObject. However, we were often casting this immutable reference to a *mut ffi::PyTypeObject and then passing that pointer to FFI functions.

But we don't know whether the FFI functions mutate the PyTypeObject behind our back or not, and if they do, I believe that this is Undefined Behavior because the pointer comes from a shared reference.

Unfortunately, these things are very badly documented: I'm only aware of this because I followed many Unsafe Code Guideline discussions. Best source that I could get is the following comment from @RalfJung, who is very knowledgeable on the subject. The details are probably written in the Stacked Borrows paper, to be fair.

Even if it's not UB right now because of ill-specification or because of the compiler not taking advantage of it, we'd better be safe.

@scalexm scalexm mentioned this pull request Jun 22, 2020
Merged
davidhewitt
davidhewitt approved these changes Jun 22, 2020
View reviewed changes
Copy link
Member

@davidhewitt davidhewitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a sensible idea to me!

@davidhewitt
Copy link
Member

davidhewitt commented Jun 22, 2020

I wonder about a possible further refactoring: PyTypeInfo could be PyTypeInfo: PyTypeObject, and we could add an .as_raw() method to pyo3::types::PyType which returns *mut ffi::PyTypeObject.

@kngwyu
Copy link
Member

kngwyu commented Jun 23, 2020

I wonder about a possible further refactoring: PyTypeInfo could be PyTypeInfo: PyTypeObject, and we could add an .as_raw() method to pyo3::types::PyType which returns *mut ffi::PyTypeObject.

Since impl<T: PyTypeInfo> PyTypeObject for T uses type_object_raw, I don't think it's possible.

@kngwyu
Copy link
Member

kngwyu commented Jun 23, 2020

Thanks!

@kngwyu kngwyu merged commit f757c99 into PyO3:master Jun 23, 2020
@RalfJung
Copy link

RalfJung commented Jun 23, 2020
edited
Loading

Unfortunately, these things are very badly documented: I'm only aware of this because I followed many Unsafe Code Guideline discussions. Best source that I could get is the following comment from @RalfJung, who is very knowledgeable on the subject. The details are probably written in the Stacked Borrows paper, to be fair.

Yeah, the details of our reference rules are pretty fuzzy, and Stacked Borrows is a promising next step but it is not an official model yet.

However, this page is clear at least about some things. It is UB to do the following:

Mutating immutable data. All data inside a const item is immutable. Moreover, all data reached through a shared reference or data owned by an immutable binding is immutable, unless that data is contained within an UnsafeCell.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@davidhewitt davidhewitt davidhewitt approved these changes

@kngwyu kngwyu kngwyu approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@scalexm @davidhewitt @kngwyu @RalfJung