Lib.rs

tokio-current-thread › Reviews

These reviews are from Crev, a distributed system for code reviews. To add your review, set up cargo-crev.

0.2.0-alpha.1 (current) Rating: Negative Thoroughness: Medium Understanding: Medium

by HeroicKatora on 2020-01-12

Best summarized as a flood of unsafe blocks.

The src/lib.rs already looks somewhat suspicious. We have a thread local containing a pointer that is unsafely accessed. It is set by transmuting a local reference to a dynamic trait object which has its lifetime erased. This particular portion might be fine if no code that uses the trait depends on that lifetime. However, all of this is worryingly done without any statement of purpose, any reference to the overall structure, and little to no comments.

Then we look into src/scheduler.rs and find our worst nightmares come to life. Here's a short list of unexplained stuff:

  • uncommented impls of Sync and Send

  • an adhoc implementation of an intrusive queue/linked-list, giving a blog post about C (!) as the source. Maybe one of the better sources, I do not know, but it appears somewhat unmotivated and is intertwined with the rest of the code.

  • several different UnsafeCell that have been encapsulated with telepathy, apparently, since there are no comments explaining them nor their access.

  • unsafe blocks spanning ~70 lines

  • and the amazing unsafe fn ptr2arc(ptr: *const T) -> Arc containing

    let anchor = mem::transmute::<usize, Arc<T>>(0x10);

    without further explanation. Note that T is a type parameter that is exposed to the user through the type parameter P of CurrrentThread. This is restricted to tokio-executor::park::Park and provides an associated type which is later used as the T in question. Note that a public constructor exists.

    This is slightly unsound at best, if the node must be aligned to more than that function guarantees, and horrible with regards to how the pointer is used as a manual memoffset calculation afterwards.

  • The part where Node is used to ignore the lifetime of a contained object and only its Drop implementation double panicking protects against using and dropping the object out of its own lifetime is the least worrying here. Also, since the comment refers to some type parameter T that doesn't exist in the impl.

The current version of tokio-current-thread is 0.2.0-alpha.1.

0.1.6 (older version) Rating: Positive Thoroughness: Low Understanding: None

Approved without comment by kornelski on 2019-07-22

This review is from cargo-vet. To add your review, set up cargo-vet and submit your URL to its registry.

The current version of tokio-current-thread is 0.2.0-alpha.1.

cargo-vet does not verify reviewers' identity. You have to fully trust the source the audits are from.

unknown

May have been packaged automatically without a review

Lib.rs has been able to verify that all files in the crate's tarball are in the crate's repository with a git tag matching the version. Please note that this check is still in beta, and absence of this confirmation does not mean that the files don't match.

Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories, so there is a possibility that published crates have a misleading repository URL, or contain different code from the code in the repository.

To review the actual code of the crate, it's best to use cargo crev open tokio-current-thread. Alternatively, you can download the tarball of tokio-current-thread v0.2.0-alpha.1 or view the source online.