[PATCH 4 of 4] rust-cpython: mark unsafe functions as such

Yuya Nishihara yuya at tcha.org
Sun Sep 8 06:09:47 EDT 2019


On Sun, 1 Sep 2019 20:46:07 +0200, Raphaël Gomès wrote:
> > It wasn't trivial to fix leak_immutable() to be safe since we have to
> > allow immutable operations (e.g. iter()) on the leaked reference. So
> > let's mark it unsafe for now. Callers must take care of the returned
> > object to guarantee the memory safety.
> >
> > I'll revisit this later. I think $leaked<T: 'static> could have a function
> > that converts itself into $leaked<U: 'static> with a given FnOnce(&T) -> &U,
> > where T is $inner_struct, and U is $iterator_type for example.
> I like your idea for your next series on this issue, I think it's 
> possible to reduce the unsafety to a minimum.

Confirmed that it's doable with PoC-level code. I'll send a set of patches
maybe next weekend. For reference, the lambda function should be
FnOnce(&'static T) -> U, where U is Iter<'static, ..> for instance.


More information about the Mercurial-devel mailing list