Replace OwnedApp Deref with explicit 'borrowed' method

lann · lann · commit 6b1bcebfa7e9 · 2022-09-15T08:34:13.000-04:00
The Deref impl used a scary unsafe lifetype cast which was hard to
reason about and unsound for use within the spin-app crate.

Signed-off-by: Lann Martin &lt;lann.martin@fermyon.com&gt;
diff --git a/crates/app/src/lib.rs b/crates/app/src/lib.rs
@@ -87,14 +87,9 @@ pub struct OwnedApp {
     app: App<'this>,
 }
 
-impl std::ops::Deref for OwnedApp {
-    type Target = App<'static>;
-
-    fn deref(&self) -> &Self::Target {
-        unsafe {
-            // We know that App's lifetime param is for AppLoader, which is owned by self here.
-            std::mem::transmute::<&App, &App<'static>>(self.borrow_app())
-        }
+impl OwnedApp {
+    pub fn borrowed(&self) -> &App {
+        self.borrow_app()
     }
 }
 
diff --git a/crates/trigger/src/lib.rs b/crates/trigger/src/lib.rs
@@ -110,7 +110,7 @@ impl<Executor: TriggerExecutor> TriggerExecutorBuilder<Executor> {
         };
 
         let app = self.loader.load_owned_app(app_uri).await?;
-        let app_name = app.require_metadata("name")?;
+        let app_name = app.borrowed().require_metadata("name")?;
 
         let log_dir = {
             let sanitized_app = sanitize_filename::sanitize(&app_name);
@@ -176,6 +176,7 @@ impl<Executor: TriggerExecutor> TriggerAppEngine<Executor> {
         <Executor as TriggerExecutor>::TriggerConfig: DeserializeOwned,
     {
         let trigger_configs = app
+            .borrowed()
             .triggers_with_type(Executor::TRIGGER_TYPE)
             .map(|trigger| {
                 trigger.typed_config().with_context(|| {
@@ -185,7 +186,7 @@ impl<Executor: TriggerExecutor> TriggerAppEngine<Executor> {
             .collect::<Result<_>>()?;
 
         let mut component_instance_pres = HashMap::default();
-        for component in app.components() {
+        for component in app.borrowed().components() {
             let module = component.load_module(&engine).await?;
             let instance_pre = engine.instantiate_pre(&module)?;
             component_instance_pres.insert(component.id().to_string(), instance_pre);
@@ -204,12 +205,12 @@ impl<Executor: TriggerExecutor> TriggerAppEngine<Executor> {
 
     /// Returns a reference to the App.
     pub fn app(&self) -> &App {
-        &self.app
+        self.app.borrowed()
     }
 
     /// Returns AppTriggers and typed TriggerConfigs for this executor type.
     pub fn trigger_configs(&self) -> impl Iterator<Item = (AppTrigger, &Executor::TriggerConfig)> {
-        self.app
+        self.app()
             .triggers_with_type(Executor::TRIGGER_TYPE)
             .zip(&self.trigger_configs)
     }
@@ -257,7 +258,7 @@ impl<Executor: TriggerExecutor> TriggerAppEngine<Executor> {
         mut store_builder: StoreBuilder,
     ) -> Result<(Instance, Store<Executor::RuntimeData>)> {
         // Look up AppComponent
-        let component = self.app.get_component(component_id).with_context(|| {
+        let component = self.app().get_component(component_id).with_context(|| {
             format!(
                 "app {:?} has no component {:?}",
                 self.app_name, component_id

Original file line number	Diff line number	Diff line change
`@@ -87,14 +87,9 @@ pub struct OwnedApp {`
`87`	`87`	`app: App<'this>,`
`88`	`88`	`}`
`89`	`89`
`90`		`-impl std::ops::Deref for OwnedApp {`
`91`		`- type Target = App<'static>;`
`92`		`-`
`93`		`- fn deref(&self) -> &Self::Target {`
`94`		`- unsafe {`
`95`		`- // We know that App's lifetime param is for AppLoader, which is owned by self here.`
`96`		`- std::mem::transmute::<&App, &App<'static>>(self.borrow_app())`
`97`		`- }`
	`90`	`+impl OwnedApp {`
	`91`	`+ pub fn borrowed(&self) -> &App {`
	`92`	`+ self.borrow_app()`
`98`	`93`	`}`
`99`	`94`	`}`
`100`	`95`