You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think this should only be when T: Sized + Sync and T: Sized + Send respectively. Otherwise, this makes it possible to send across types that aren't safe to use across threads such as Cells. Here's a demonstration that causes a data-race:
#![forbid(unsafe_code)]use abox::AtomicBox;use std::cell::Cell;use crossbeam_utils::thread;#[derive(Debug,Clone,Copy)]enumRefOrInt<'a>{Ref(&'au64),Int(u64)}staticSOME_INT:u64 = 123;fnmain(){let cell = Cell::new(RefOrInt::Ref(&SOME_INT));let atomic_box = AtomicBox::new(&cell);
thread::scope(|s| {
s.spawn(move |_| {let smuggled_cell = atomic_box.get();loop{// Repeatedly write Ref(&addr) and Int(0xdeadbeef) into the cell.
smuggled_cell.set(RefOrInt::Ref(&SOME_INT));
smuggled_cell.set(RefOrInt::Int(0xdeadbeef));}});loop{ifletRefOrInt::Ref(addr) = cell.get(){// Hope that between the time we pattern match the object as a// `Ref`, it gets written to by the other thread.if addr as*constu64 == &SOME_INTas*constu64{continue;}// Due to the data race, obtaining Ref(0xdeadbeef) is possibleprintln!("Pointer is now: {:p}", addr);println!("Dereferencing addr will now segfault: {}",*addr);}}});}
This outputs:
Pointer is now: 0xdeadbeef
Return Code: -11 (SIGSEGV)
Currently
AtomicBox
implements the Sync/Send traits unconditionally:abox/src/lib.rs
Lines 92 to 93 in 5abe752
I think this should only be when
T: Sized + Sync
andT: Sized + Send
respectively. Otherwise, this makes it possible to send across types that aren't safe to use across threads such asCell
s. Here's a demonstration that causes a data-race:This outputs:
(Issue found by @sslab-gatech's Rust group)
The text was updated successfully, but these errors were encountered: