
Mark run function as unsafe

Open kitcatier opened this issue 2 years ago • 1 comments

https://github.com/spacejam/extreme/blob/74e2505a63c0e735fb2c03ad779c22f8267e71cf/src/lib.rs#L24-L44

Hi, the unsafe function (new_unchecked) called needs to ensure that the parameter must be: https://doc.rust-lang.org/std/pin/struct.Pin.html#method.new_unchecked

  • This constructor is unsafe because we cannot guarantee that the data pointed to by pointer is pinned, meaning that the data will not be moved or its storage invalidated until it gets dropped. If the constructed Pin<P> does not guarantee that the data P points to is pinned, that is a violation of the API contract and may lead to undefined behavior in later (safe) operations.

and the developer who calls the run function may not notice this safety requirement. Marking them unsafe also means that callers must make sure they know what they're doing.

kitcatier avatar Mar 18 '23 09:03 kitcatier

we cannot guarantee that the data pointed to by pointer is pinned

Before being polled, a future does not need to be pinned.

binary-bruce avatar May 26 '24 11:05 binary-bruce
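
Added example, not code from the extreme crate or from either commenter: a minimal blocking executor that takes the future by value and pins it inside the function, so the requirement quoted above from the `Pin::new_unchecked` documentation is met locally instead of being passed on to the caller. `run_owned`, `ThreadWaker` and `YieldOnce` are hypothetical names, and the sample future is constructed for the test.

```rust
use std::future::Future;
use std::pin::Pin;
use std::sync::Arc;
use std::task::{Context, Poll, Wake, Waker};
use std::thread::{self, Thread};

// Waker that unparks the thread blocked inside `run_owned`.
struct ThreadWaker(Thread);

impl Wake for ThreadWaker {
    fn wake(self: Arc<Self>) {
        self.0.unpark();
    }
}

// Hypothetical executor: `fut` is moved in, so the caller cannot move it
// again or invalidate its storage while it is being polled.
pub fn run_owned<F: Future>(fut: F) -> F::Output {
    // `pin!` shadows the owned value behind a `Pin<&mut F>`. The value stays
    // in this stack frame until it is dropped at return, which is the
    // guarantee `Pin::new_unchecked` leaves to whoever calls it.
    let mut fut = std::pin::pin!(fut);
    let waker = Waker::from(Arc::new(ThreadWaker(thread::current())));
    let mut cx = Context::from_waker(&waker);
    loop {
        match fut.as_mut().poll(&mut cx) {
            Poll::Ready(out) => return out,
            Poll::Pending => thread::park(), // sleep until the waker fires
        }
    }
}

// Constructed sample future: Pending on the first poll, Ready(7) on the second.
pub struct YieldOnce(pub bool);

impl Future for YieldOnce {
    type Output = u32;
    fn poll(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<u32> {
        if self.0 {
            return Poll::Ready(7);
        }
        self.0 = true;
        cx.waker().wake_by_ref(); // request another poll
        Poll::Pending
    }
}

fn main() {
    println!("{}", run_owned(YieldOnce(false)));
}
```

A function that instead accepted `&mut F` and pinned through that reference could not give the same guarantee, because the caller would keep ownership and could move the future after the call returned.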