Show More
@@ -21,7 +21,7 b' pub struct OwningDirstateMap {' | |||
|
21 | 21 | /// language cannot represent a lifetime referencing a sibling field. |
|
22 | 22 | /// This is not quite a self-referencial struct (moving this struct is not |
|
23 | 23 | /// a problem as it doesn’t change the address of the bytes buffer owned |
|
24 |
/// by ` |
|
|
24 | /// by `on_disk`) but touches similar borrow-checker limitations. | |
|
25 | 25 | ptr: *mut (), |
|
26 | 26 | } |
|
27 | 27 | |
@@ -50,13 +50,13 b' impl OwningDirstateMap {' | |||
|
50 | 50 | // SAFETY: We cast the type-erased pointer back to the same type it had |
|
51 | 51 | // in `new`, except with a different lifetime parameter. This time we |
|
52 | 52 | // connect the lifetime to that of `self`. This cast is valid because |
|
53 |
// `self` owns the same ` |
|
|
54 |
// references. That buffer has a stable memory address because |
|
|
55 | // string value of a `PyBytes` is immutable. | |
|
53 | // `self` owns the same `on_disk` whose buffer `DirstateMap` | |
|
54 | // references. That buffer has a stable memory address because our | |
|
55 | // `Self::new_empty` counstructor requires `StableDeref`. | |
|
56 | 56 | let ptr: *mut DirstateMap<'a> = self.ptr.cast(); |
|
57 | 57 | // SAFETY: we dereference that pointer, connecting the lifetime of the |
|
58 |
// new |
|
|
59 |
// raw pointer is |
|
|
58 | // new `&mut` to that of `self`. This is valid because the | |
|
59 | // raw pointer is to a boxed value, and `self` owns that box. | |
|
60 | 60 | (&self.on_disk, unsafe { &mut *ptr }) |
|
61 | 61 | } |
|
62 | 62 | |
@@ -65,7 +65,7 b' impl OwningDirstateMap {' | |||
|
65 | 65 | } |
|
66 | 66 | |
|
67 | 67 | pub fn get_map<'a>(&'a self) -> &'a DirstateMap<'a> { |
|
68 | // SAFETY: same reasoning as in `get_mut` above. | |
|
68 | // SAFETY: same reasoning as in `get_pair_mut` above. | |
|
69 | 69 | let ptr: *mut DirstateMap<'a> = self.ptr.cast(); |
|
70 | 70 | unsafe { &*ptr } |
|
71 | 71 | } |
@@ -79,13 +79,13 b' impl Drop for OwningDirstateMap {' | |||
|
79 | 79 | fn drop(&mut self) { |
|
80 | 80 | // Silence a "field is never read" warning, and demonstrate that this |
|
81 | 81 | // value is still alive. |
|
82 | let _ = &self.on_disk; | |
|
82 | let _: &Box<dyn Deref<Target = [u8]> + Send> = &self.on_disk; | |
|
83 | 83 | // SAFETY: this cast is the same as in `get_mut`, and is valid for the |
|
84 | 84 | // same reason. `self.on_disk` still exists at this point, drop glue |
|
85 | 85 | // will drop it implicitly after this `drop` method returns. |
|
86 | 86 | let ptr: *mut DirstateMap<'_> = self.ptr.cast(); |
|
87 | 87 | // SAFETY: `Box::from_raw` takes ownership of the box away from `self`. |
|
88 | // This is fine because drop glue does nothig for `*mut ()` and we’re | |
|
88 | // This is fine because drop glue does nothing for `*mut ()` and we’re | |
|
89 | 89 | // in `drop`, so `get` and `get_mut` cannot be called again. |
|
90 | 90 | unsafe { drop(Box::from_raw(ptr)) } |
|
91 | 91 | } |
General Comments 0
You need to be logged in to leave comments.
Login now