tylerhawkes / maligned Goto Github PK

View Code? Open in Web Editor NEW

1.0 1.0 3.0 24 KB

Rust 100.00%

maligned's People

Contributors

Stargazers

Forkers

jdonaldson40505 thomstewart nugine

maligned's Issues

Memory leak

If align_first is called with a capacity that doesn't end up being a multiple of size_of(A) then memory is leaked at https://github.com/tylerhawkes/maligned/blob/v0.1.0/src/heap.rs#L26.

Denying clippy lints needs to be feature gated

If new clippy lints come out then this can fail to build for anyone who doesn't use the published crates.io version. https://github.com/tylerhawkes/maligned/blob/v0.1.0/src/lib.rs#L69 needs to have the clippy lints feature gated.

Padding bytes UB

I should warn anyone interested in this crate that transmuting Rust type to a byte slice may result in UB depending on the representation of the type. Consider the following structure in Rust:

#[repr(C)]
struct Foo {
    a: i16,
    b: i32,
}

This structure will be laid out in memory as (2ytes + 2byte(padding) + 4 bytes). Since padding bytes cannot be assumed(especially for repr(c)) to have any valid value(they can be considered uninitialized) creating a byte slice is UB. This is because in a valid Rust program all values must be initialized and creating uninitialized values is immediate UB.

The same would be true for repr(rust)(the default representation):

struct Foo {
    a: i16,
    b: i32,
}

which would most likely be laid out in memory as (4bytes + 2bytes + 2bytes(padding)). Again, if padding bytes are present you can consider the transformation into byte slice an UB.

Unsoundness in heap allocation

https://doc.rust-lang.org/std/alloc/trait.GlobalAlloc.html#tymethod.dealloc

Layout must be the same layout that was used to allocate that block of memory.

Box and Vec may not respect the specified alignment of a raw pointer and can cause undefind behavior.

The code below triggers UB.

use maligned::{align_first, A256};

fn main() {
    let v: Vec<u8> = align_first::<u8, A256>(1009);
    assert_eq!(v.as_ptr() as usize % 256, 0);
    assert_eq!(v.capacity(), 1009);
    drop(v);
}

Run MIRI:

cargo +nightly miri run

Then MIRI complains:

error: Undefined Behavior: incorrect layout on deallocation: alloc1367 has size 1009 and alignment 256, but gave size 1009 and alignment 1
   --> /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/alloc/src/alloc.rs:104:14
    |
104 |     unsafe { __rust_dealloc(ptr, layout.size(), layout.align()) }
    |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ incorrect layout on deallocation: alloc1367 has size 1009 and alignment 256, but gave size 1009 and alignment 1
    |
    = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
    = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
            
    = note: inside `std::alloc::dealloc` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/alloc/src/alloc.rs:104:14
    = note: inside `<std::alloc::Global as std::alloc::Allocator>::deallocate` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/alloc/src/alloc.rs:239:22
    = note: inside `<alloc::raw_vec::RawVec<u8> as std::ops::Drop>::drop` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/alloc/src/raw_vec.rs:500:22
    = note: inside `std::intrinsics::drop_in_place::<alloc::raw_vec::RawVec<u8>> - shim(Some(alloc::raw_vec::RawVec<u8>))` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:179:1
    = note: inside `std::intrinsics::drop_in_place::<std::vec::Vec<u8>> - shim(Some(std::vec::Vec<u8>))` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ptr/mod.rs:179:1
    = note: inside `std::mem::drop::<std::vec::Vec<u8>>` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/mem/mod.rs:882:24
note: inside `main` at src/main.rs:7:5
   --> src/main.rs:7:5
    |
7   |     drop(v);
    |     ^^^^^^^
    = note: inside `<fn() as std::ops::FnOnce<()>>::call_once - shim(fn())` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ops/function.rs:227:5
    = note: inside `std::sys_common::backtrace::__rust_begin_short_backtrace::<fn(), ()>` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/sys_common/backtrace.rs:125:18
    = note: inside closure at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/rt.rs:66:18
    = note: inside `std::ops::function::impls::<impl std::ops::FnOnce<()> for &dyn std::ops::Fn() -> i32 + std::marker::Sync + std::panic::RefUnwindSafe>::call_once` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ops/function.rs:259:13
    = note: inside `std::panicking::r#try::do_call::<&dyn std::ops::Fn() -> i32 + std::marker::Sync + std::panic::RefUnwindSafe, i32>` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/panicking.rs:379:40
    = note: inside `std::panicking::r#try::<i32, &dyn std::ops::Fn() -> i32 + std::marker::Sync + std::panic::RefUnwindSafe>` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/panicking.rs:343:19
    = note: inside `std::panic::catch_unwind::<&dyn std::ops::Fn() -> i32 + std::marker::Sync + std::panic::RefUnwindSafe, i32>` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/panic.rs:396:14
    = note: inside `std::rt::lang_start_internal` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/rt.rs:51:25
    = note: inside `std::rt::lang_start::<()>` at /home/nugine/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/std/src/rt.rs:65:5

I'm sorry but you may have to yank the previous versions and reconsider the design.

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

Jobs

Jooble