mirror of
https://github.com/facebook/rocksdb.git
synced 2024-11-30 22:41:48 +00:00
54cb9c77d9
Summary: The following are risks associated with pointer-to-pointer reinterpret_cast: * Can produce the "wrong result" (crash or memory corruption). IIRC, in theory this can happen for any up-cast or down-cast for a non-standard-layout type, though in practice would only happen for multiple inheritance cases (where the base class pointer might be "inside" the derived object). We don't use multiple inheritance a lot, but we do. * Can mask useful compiler errors upon code change, including converting between unrelated pointer types that you are expecting to be related, and converting between pointer and scalar types unintentionally. I can only think of some obscure cases where static_cast could be troublesome when it compiles as a replacement: * Going through `void*` could plausibly cause unnecessary or broken pointer arithmetic. Suppose we have `struct Derived: public Base1, public Base2`. If we have `Derived*` -> `void*` -> `Base2*` -> `Derived*` through reinterpret casts, this could plausibly work (though technical UB) assuming the `Base2*` is not dereferenced. Changing to static cast could introduce breaking pointer arithmetic. * Unnecessary (but safe) pointer arithmetic could arise in a case like `Derived*` -> `Base2*` -> `Derived*` where before the Base2 pointer might not have been dereferenced. This could potentially affect performance. With some light scripting, I tried replacing pointer-to-pointer reinterpret_casts with static_cast and kept the cases that still compile. Most occurrences of reinterpret_cast have successfully been changed (except for java/ and third-party/). 294 changed, 257 remain. A couple of related interventions included here: * Previously Cache::Handle was not actually derived from in the implementations and just used as a `void*` stand-in with reinterpret_cast. Now there is a relationship to allow static_cast. In theory, this could introduce pointer arithmetic (as described above) but is unlikely without multiple inheritance AND non-empty Cache::Handle. * Remove some unnecessary casts to void* as this is allowed to be implicit (for better or worse). Most of the remaining reinterpret_casts are for converting to/from raw bytes of objects. We could consider better idioms for these patterns in follow-up work. I wish there were a way to implement a template variant of static_cast that would only compile if no pointer arithmetic is generated, but best I can tell, this is not possible. AFAIK the best you could do is a dynamic check that the void* conversion after the static cast is unchanged. Pull Request resolved: https://github.com/facebook/rocksdb/pull/12308 Test Plan: existing tests, CI Reviewed By: ltamasi Differential Revision: D53204947 Pulled By: pdillinger fbshipit-source-id: 9de23e618263b0d5b9820f4e15966876888a16e2
93 lines
2.7 KiB
C++
93 lines
2.7 KiB
C++
// Copyright (c) 2011-present, Facebook, Inc. All rights reserved.
|
|
// This source code is licensed under both the GPLv2 (found in the
|
|
// COPYING file in the root directory) and Apache 2.0 License
|
|
// (found in the LICENSE.Apache file in the root directory).
|
|
//
|
|
#pragma once
|
|
#include <algorithm>
|
|
#include <memory>
|
|
#include <utility>
|
|
#include <vector>
|
|
|
|
#include "table/internal_iterator.h"
|
|
|
|
namespace ROCKSDB_NAMESPACE {
|
|
|
|
// PinnedIteratorsManager will be notified whenever we need to pin an Iterator
|
|
// and it will be responsible for deleting pinned Iterators when they are
|
|
// not needed anymore.
|
|
class PinnedIteratorsManager : public Cleanable {
|
|
public:
|
|
PinnedIteratorsManager() : pinning_enabled(false) {}
|
|
~PinnedIteratorsManager() {
|
|
if (pinning_enabled) {
|
|
ReleasePinnedData();
|
|
}
|
|
}
|
|
|
|
// Move constructor and move assignment is allowed.
|
|
PinnedIteratorsManager(PinnedIteratorsManager&& other) noexcept = default;
|
|
PinnedIteratorsManager& operator=(PinnedIteratorsManager&& other) noexcept =
|
|
default;
|
|
|
|
// Enable Iterators pinning
|
|
void StartPinning() {
|
|
assert(pinning_enabled == false);
|
|
pinning_enabled = true;
|
|
}
|
|
|
|
// Is pinning enabled ?
|
|
bool PinningEnabled() { return pinning_enabled; }
|
|
|
|
// Take ownership of iter and delete it when ReleasePinnedData() is called
|
|
void PinIterator(InternalIterator* iter, bool arena = false) {
|
|
if (arena) {
|
|
PinPtr(iter, &PinnedIteratorsManager::ReleaseArenaInternalIterator);
|
|
} else {
|
|
PinPtr(iter, &PinnedIteratorsManager::ReleaseInternalIterator);
|
|
}
|
|
}
|
|
|
|
using ReleaseFunction = void (*)(void* arg1);
|
|
void PinPtr(void* ptr, ReleaseFunction release_func) {
|
|
assert(pinning_enabled);
|
|
if (ptr == nullptr) {
|
|
return;
|
|
}
|
|
pinned_ptrs_.emplace_back(ptr, release_func);
|
|
}
|
|
|
|
// Release pinned Iterators
|
|
inline void ReleasePinnedData() {
|
|
assert(pinning_enabled == true);
|
|
pinning_enabled = false;
|
|
|
|
// Remove duplicate pointers
|
|
std::sort(pinned_ptrs_.begin(), pinned_ptrs_.end());
|
|
auto unique_end = std::unique(pinned_ptrs_.begin(), pinned_ptrs_.end());
|
|
|
|
for (auto i = pinned_ptrs_.begin(); i != unique_end; ++i) {
|
|
void* ptr = i->first;
|
|
ReleaseFunction release_func = i->second;
|
|
release_func(ptr);
|
|
}
|
|
pinned_ptrs_.clear();
|
|
// Also do cleanups from the base Cleanable
|
|
Cleanable::Reset();
|
|
}
|
|
|
|
private:
|
|
static void ReleaseInternalIterator(void* ptr) {
|
|
delete static_cast<InternalIterator*>(ptr);
|
|
}
|
|
|
|
static void ReleaseArenaInternalIterator(void* ptr) {
|
|
static_cast<InternalIterator*>(ptr)->~InternalIterator();
|
|
}
|
|
|
|
bool pinning_enabled;
|
|
std::vector<std::pair<void*, ReleaseFunction>> pinned_ptrs_;
|
|
};
|
|
|
|
} // namespace ROCKSDB_NAMESPACE
|