New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory unsafety: data races in darwin.c #106

Open

tmfink opened this issue Apr 21, 2022 · 0 comments

tmfink commented Apr 21, 2022 •

edited

Loading

I've found the following data races in darwin.c:

The static unsigned long long size is a mutable global that is read/modified without any synchronization.
- sys-info-rs/c/darwin.c
  
  Line 109 in 1c119b3
  
  static unsigned long long size = 0;
- It looks like this is meant to be an optimization but it is unsound since it is called directly from the public Rust function mem_info(). Multiple Rust threads could racily write to the global variable size.
static int skipvfs is mutable global that is racily initizialized in makevfslist().
- sys-info-rs/c/darwin.c
  
  Line 20 in 1c119b3
  
  static int skipvfs;
- disk_info() is a public Rust function that can be directly called from safe Rust code

The text was updated successfully, but these errors were encountered:

tmfink changed the title ~~Data race in darwin.c get_mem_info()~~ Memory unsoundness: data races in darwin.c

tmfink changed the title ~~Memory unsoundness: data races in darwin.c~~ Memory unsafety: data races in darwin.c

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment