Rollup merge of rust-lang#80488 - CAD97:drop-weak-without-reference, r=m-ou-se

m-ou-se · web-flow · commit be6d6e4dccae · 2020-12-30T20:56:54.000Z
Do not create dangling &T in Weak<T>::drop Since at this point all strong pointers have been dropped, the wrapped `T` has also been dropped. As such, creating a `&T` to the dropped place is negligent at best (language UB at worst). Since we have `Layout::for_value_raw` now, use that instead of `Layout::for_value` to avoid creating the `&T`. This does have implications for custom (potentially thin) DSTs, though much less severe than those discussed in rust-lang#80407. Specifically, one of two things has to be true: - It has to be possible to use a `*const T` to a dropped (potentially custom, potentially thin) unsized tailed object to determine the layout (size/align) of the object. This is what is currently implemented (though with `&T` instead of `&T`). The validity of reading some location after it has been dropped is an open question IIUC (rust-lang/unsafe-code-guidelines#188) (except when the whole type is `Copy`, per `drop_in_place`'s docs). In this design, custom DSTs would get a `*mut T` and use that to return layout, and must be able to do so while in the "zombie" (post-drop, pre-free) state. - `RcBox`/`ArcInner` compute and store layout eagerly, so that they don't have to ask the type for its layout after dropping it. Importantly, this is already true today, as you can construct `Rc<DST>`, create a `Weak<DST>`, and drop the `Rc` before the `Weak`. This PR is a strict improvement over the status quo, and the above question about potentially thin DSTs will need to be resolved by any custom DST proposal.
diff --git a/alloc/src/rc.rs b/alloc/src/rc.rs
@@ -2042,7 +2042,7 @@ impl<T: ?Sized> Drop for Weak<T> {
         // the strong pointers have disappeared.
         if inner.weak() == 0 {
             unsafe {
-                Global.deallocate(self.ptr.cast(), Layout::for_value(self.ptr.as_ref()));
+                Global.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr()));
             }
         }
     }
diff --git a/alloc/src/sync.rs b/alloc/src/sync.rs
@@ -1927,7 +1927,7 @@ impl<T: ?Sized> Drop for Weak<T> {
 
         if inner.weak.fetch_sub(1, Release) == 1 {
             acquire!(inner.weak);
-            unsafe { Global.deallocate(self.ptr.cast(), Layout::for_value(self.ptr.as_ref())) }
+            unsafe { Global.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr())) }
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -2042,7 +2042,7 @@ impl<T: ?Sized> Drop for Weak<T> {`
`2042`	`2042`	`// the strong pointers have disappeared.`
`2043`	`2043`	`if inner.weak() == 0 {`
`2044`	`2044`	`unsafe {`
`2045`		`- Global.deallocate(self.ptr.cast(), Layout::for_value(self.ptr.as_ref()));`
	`2045`	`+ Global.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr()));`
`2046`	`2046`	`}`
`2047`	`2047`	`}`
`2048`	`2048`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1927,7 +1927,7 @@ impl<T: ?Sized> Drop for Weak<T> {`
`1927`	`1927`
`1928`	`1928`	`if inner.weak.fetch_sub(1, Release) == 1 {`
`1929`	`1929`	`acquire!(inner.weak);`
`1930`		`- unsafe { Global.deallocate(self.ptr.cast(), Layout::for_value(self.ptr.as_ref())) }`
	`1930`	`+ unsafe { Global.deallocate(self.ptr.cast(), Layout::for_value_raw(self.ptr.as_ptr())) }`
`1931`	`1931`	`}`
`1932`	`1932`	`}`
`1933`	`1933`	`}`