Abstraction for making a field sync by making shared reference to it useless

timotree3 · October 23, 2019, 11:47pm

I have a struct which contains two fields, one of them a trait object

struct NeverSync {
    sync_field: usize,
    never_sync_field: Box<dyn FnMut()>,
}

Because I only ever access the trait object in methods that take &mut self, an &self does not allow access to that field. For this reason, I believe it would be sound to write an unsafe impl Send for my type.

Since it occurs to me that that is probably a common phenomenon and I want to minimize the scope of my unsafe code, I want to make an abstraction for it.

Does this attempt at it seem sound?

#[derive(Default)]
pub struct SyncMaker<T>(T);

impl<T> From<T> for SyncMaker<T> {
    fn from(inner: T) -> Self {
        Self(inner)
    }
}

impl<T> AsMut<T> for SyncMaker<T> {
    fn as_mut(&mut self) -> &mut T {
        &mut self.0
    }
}

impl<T> SyncMaker<T> {
    pub fn into_inner(self) -> T {
        self.0
    }
}

unsafe impl<T> Sync for SyncMaker<T> {}

RustyYato · October 24, 2019, 2:40am

This looks fine, this is kind of like how mutex is sync even if it's contents aren't.

Nemo157 · October 24, 2019, 6:14am

Yep that looks sound, I’m using a very similar construct here:

github.com

Nemo157/async-compression/blob/prīmum/src/unshared.rs

#![allow(dead_code)] // unused without any features

use core::fmt::{self, Debug};

/// Wraps a type and only allows unique borrowing, the main usecase is to wrap a `!Sync` type and
/// implement `Sync` for it as this type blocks having multiple shared references to the inner
/// value.
///
/// # Safety
///
/// We must be careful when accessing `inner`, there must be no way to create a shared reference to
/// it from a shared reference to an `Unshared`, as that would allow creating shared references on
/// multiple threads.
///
/// As an example deriving or implementing `Clone` is impossible, two threads could attempt to
/// clone a shared `Unshared<T>` reference which would result in accessing the same inner value
/// concurrently.
pub struct Unshared<T> {
    inner: T,
}

This file has been truncated. show original

One suggestion is to document the safety requirement well. It feels very easy to want to add something like derive(Debug) or Clone, but those would be unsound.

timotree3 · October 28, 2019, 4:08pm

Thank you both for the verification! I wonder how common mutable only fields are in practice. Do you think this abstraction warrants inclusion in the standard library?

RustyYato · October 28, 2019, 4:10pm

Well, it's not mutable only values, it's unique only values (as opposed to sharable values). I would expect them to be somewhat uncommon.

system · January 26, 2020, 4:10pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Sharing a struct with a `dyn` field between threads help	8	1450	January 15, 2021
Share Access to a field in the outer struct help	9	679	August 23, 2022
"Locking" structure field for function duration help	6	515	November 6, 2021
Is structure without methods which take mutable reference sync and send? help	5	715	January 12, 2023
Trait object can not be shared between threads safely	3	3855	March 27, 2023

Abstraction for making a field sync by making shared reference to it useless

Related Topics