Replace transmuted references with explicit pointer type casts #308
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit replaces all usages of `std::mem::transmute` on references in the codebase with explicit pointer type casts. This is done to prevent undefined behavior caused by transmuting integer types to references, and subsequently dereferencing them.
nickbeth
force-pushed
the
transmute-ub
branch
from
04c68b6 to
f7e348b
Compare
|
May be some overlap in this PR: #250 |
|
Thanks @JPHutchins. It doesn't look like there should be any overlaps between the two PRs, as the changes are on different files. Also the impact of the other PR is none apart from code style changes. |
JPHutchins
approved these changes
Nov 11, 2024
|
Fixes #310. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Rust docs about
std::mem::transmuteread:Source: https://doc.rust-lang.org/std/mem/fn.transmute.html#transmutation-between-pointers-and-integers
Although this library mostly transmutes to reference
Dsttypes and not pointers, from my understanding the same rules apply for references as well. Additionally, code in the library sometimes transmutes to mutable references, which is even worse because strict aliasing rules may not be respected in that case.Motivation
An issue was opened for my app, a Win32 GUI for WSL USB device management, reporting that release builds would crash at startup, with a
STATUS_ILLEGAL_INSTRUCTIONreturn code.Upon further inspection, the issue boiled down to these transmutes [1] [2] in the tabs code. In that specific instance, UB was introduced, and for any
opt-level > 0the generated code wouldcallqinto a panic handler without a conditional jump before it, return from the handler and execute anud2instruction.This was tested on Windows 11, Rust 1.82.0.
Change proposal
std::mem::transmuteinstances that would introduce UB are removed in favor of explicit type casts, and references are changed to pointers. There's many instances ofstd::mem::transmutebeing used incorrectly, this PR fixes all offending instances.