Unsafety of pinned buffer?
alercah opened this issue · 3 comments
According to the docs, the runtime will pin
the buffer of an IoBufMut
. But doesn't this mean that the impl of AsyncReadRent
for [u8; N]
is unsound because it returns the buffer by move, which violates the pinning guarantees?
The [u8; N] will be moved to heap when calling IoBufMut. So it is safe to do so.
https://github.com/bytedance/monoio/blob/master/monoio/src/driver/uring/mod.rs#L329
But here you remove the Pin
typing from the data with into_inner_unchecked
, and then move it out with into_inner
:
https://github.com/bytedance/monoio/blob/master/monoio/src/driver/op.rs#L95
This is UB; you can't move the buffer again once it is pinned.
Here maybe the code can be rewritten to Box::into_inner(Pin::into_inner(pinned_data))
because there is a Unpin restriction on T.
But yes, Box
by default may cause overhead, I will remove it and let user do this.