Skip to main content

MaybeDangling

rama::crypto::dep::x509_parser::prelude::asn1_rs::nom::lib::std::mem

Struct MaybeDangling 

Source 
pub struct MaybeDangling<P>(/* private fields */)
where
    P: ?Sized;
🔬This is a nightly-only experimental API. (maybe_dangling)
Available on crate features crypto and std only.
Expand description

Allows wrapped references and boxes to dangle.

That is, if a reference (or a Box) is wrapped in MaybeDangling (including when in a (nested) field of a compound type wrapped in MaybeDangling), it does not have to follow pointer aliasing rules or be dereferenceable.

This can be useful when the value can become dangling while the function holding it is still executing (particularly in concurrent code). As a somewhat absurd example, consider this code:

#![feature(box_as_ptr)]

let mut boxed = Box::new(0_u32);
let ptr = Box::as_mut_ptr(&mut boxed);

// Safety: the pointer comes from a box and thus was allocated before; `box` is not used afterwards
unsafe { dealloc(ptr.cast(), Layout::new::<u32>()) };

mem::forget(boxed); // <-- this is UB!

Even though the Box’s destructor is not run (and thus we don’t have a double free bug), this code is still UB. This is because when moving boxed into forget, its validity invariants are asserted, causing UB since the Box is dangling. The safety comment is as such wrong, as moving the boxed variable as part of the forget call is a use.

To fix this we could use MaybeDangling:

#![feature(maybe_dangling, box_as_ptr)]

let mut boxed = MaybeDangling::new(Box::new(0_u32));
let ptr = Box::as_mut_ptr(boxed.as_mut());

// Safety: the pointer comes from a box and thus was allocated before; `box` is not used afterwards
unsafe { dealloc(ptr.cast(), Layout::new::<u32>()) };

mem::forget(boxed); // <-- this is OK!

Note that the bit pattern must still be valid for the wrapped type. That is, references (and boxes) still must be aligned and non-null.

Additionally note that safe code can still assume that the inner value in a MaybeDangling is not dangling – functions like as_ref and into_inner are safe. It is not sound to return a dangling reference in a MaybeDangling to safe code. However, it is sound to hold such values internally inside your code – and there’s no way to do that without this type. Note that other types can use this type and thus get the same effect; in particular, ManuallyDrop will use MaybeDangling.

Note that MaybeDangling doesn’t prevent drops from being run, which can lead to UB if the drop observes a dangling value. If you need to prevent drops from being run use ManuallyDrop instead.

Implementations§

Source§

impl<P> MaybeDangling<P>
where P: ?Sized,

Source

pub const fn new(x: P) -> MaybeDangling<P>

🔬This is a nightly-only experimental API. (maybe_dangling)
Available on crate feature rustls only.

Wraps a value in a MaybeDangling, allowing it to dangle.

Source

pub const fn as_ref(&self) -> &P

🔬This is a nightly-only experimental API. (maybe_dangling)
Available on crate feature rustls only.

Returns a reference to the inner value.

Note that this is UB if the inner value is currently dangling.

Source

pub const fn as_mut(&mut self) -> &mut P

🔬This is a nightly-only experimental API. (maybe_dangling)
Available on crate feature rustls only.

Returns a mutable reference to the inner value.

Note that this is UB if the inner value is currently dangling.

Source

pub const fn into_inner(self) -> P

🔬This is a nightly-only experimental API. (maybe_dangling)
Available on crate feature rustls only.

Extracts the value from the MaybeDangling container.

Note that this is UB if the inner value is currently dangling.

Trait Implementations§

Source§

impl<P> Clone for MaybeDangling<P>
where P: Clone + ?Sized,

Source§

fn clone(&self) -> MaybeDangling<P>

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<P> Debug for MaybeDangling<P>
where P: Debug + ?Sized,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more
Source§

impl<P> Default for MaybeDangling<P>
where P: Default + ?Sized,

Source§

fn default() -> MaybeDangling<P>

Returns the “default value” for a type. Read more
Source§

impl<P> Copy for MaybeDangling<P>
where P: Copy + ?Sized,

Source§

impl<T> StructuralPartialEq for MaybeDangling<T>
where T: ?Sized,

Auto Trait Implementations§

§

impl<P> Freeze for MaybeDangling<P>
where P: Freeze + ?Sized,

§

impl<P> RefUnwindSafe for MaybeDangling<P>
where P: RefUnwindSafe + ?Sized,

§

impl<P> Send for MaybeDangling<P>
where P: Send + ?Sized,

§

impl<P> Sync for MaybeDangling<P>
where P: Sync + ?Sized,

§

impl<P> Unpin for MaybeDangling<P>
where P: Unpin + ?Sized,

§

impl<P> UnsafeUnpin for MaybeDangling<P>
where P: UnsafeUnpin + ?Sized,

§

impl<P> UnwindSafe for MaybeDangling<P>
where P: UnwindSafe + ?Sized,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
§

impl<T> FutureExt for T

§

fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more
§

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<T> IntoRequest<T> for T

§

fn into_request(self) -> Request<T>

Wrap the input message T in a rama_grpc::Request
§

impl<L> LayerExt<L> for L

§

fn named_layer<S>(&self, service: S) -> Layered<<L as Layer<S>>::Service, S>
where L: Layer<S>,

Applies the layer to a service and wraps it in Layered.
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
§

impl<T, U> RamaFrom<T> for U
where U: From<T>,

§

fn rama_from(value: T) -> U

§

impl<T, U, CrateMarker> RamaInto<U, CrateMarker> for T
where U: RamaFrom<T, CrateMarker>,

§

fn rama_into(self) -> U

§

impl<T, U> RamaTryFrom<T> for U
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

§

fn rama_try_from(value: T) -> Result<U, <U as RamaTryFrom<T>>::Error>

§

impl<T, U, CrateMarker> RamaTryInto<U, CrateMarker> for T
where U: RamaTryFrom<T, CrateMarker>,

§

type Error = <U as RamaTryFrom<T, CrateMarker>>::Error

§

fn rama_try_into(self) -> Result<U, <U as RamaTryFrom<T, CrateMarker>>::Error>

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more