Fix UB reported by miri in AtomicBitSet #61
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Also modify some spots that have `&mut self` to use `get_mut` instead of atomic ops. Miri reports UB for `atom::AtomSetOnce::get` (used internally in `AtomicBitSet`) since it gets a pointer from a Box via dereference and then `mem::forget`s the Box which moves the Box (invalidating the pointer since the Box pointer is "unique"). Since we aren't using anything else from the `atom` crate (and it has several other open soundness issues) it is far simpler to provide a minimal implementation of what we need here. `once_cell::race::OnceBox` is close to what we need here but doesn't provide `get_mut` and due to its current MSRV has stronger than necessary ordering for the compare_exchange failure case.
Contributor
|
Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
&mut selfto useget_mutinstead of atomic ops.Miri reports UB for
atom::AtomSetOnce::get(used internally inAtomicBitSet) since it gets a pointer from a Box via dereference and thenmem::forgets the Box which moves the Box (invalidating the pointer since the Box pointer is "unique").Since we aren't using anything else from the
atomcrate (and it has several other open soundness issues) it is far simpler to provide a minimal implementation of what we need here.once_cell::race::OnceBoxis close to what we need here but doesn't provideget_mutand due to its current MSRV has stronger than necessary ordering for the compare_exchange failure case.