Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unregistering a port obtained from Port::clone_unowned is unsound #216

Open
SludgePhD opened this issue Dec 11, 2024 · 1 comment
Open

Unregistering a port obtained from Port::clone_unowned is unsound #216

SludgePhD opened this issue Dec 11, 2024 · 1 comment

Comments

@SludgePhD
Copy link

Applying this patch to the sine.rs example causes memory unsafety:

diff --git a/examples/sine.rs b/examples/sine.rs
index cee0003..030beb7 100644
--- a/examples/sine.rs
+++ b/examples/sine.rs
@@ -15,6 +15,8 @@ fn main() {
         .register_port("sine_out", jack::AudioOut::default())
         .unwrap();
 
+    let p = out_port.clone_unowned();
+
     // 3. define process callback handler
     let (tx, rx) = bounded(1_000_000);
     struct State {
@@ -68,6 +70,8 @@ fn main() {
         .unwrap();
     // processing starts here
 
+    active_client.as_client().unregister_port(p).unwrap();
+
     // 5. wait or do some processing while your handler is running in real time.
     println!("Enter an integer value to change the frequency of the sine wave.");
     while let Some(f) = read_freq() {

Result:

thread '<unnamed>' panicked at core/src/panicking.rs:221:5:
unsafe precondition(s) violated: slice::from_raw_parts_mut requires the pointer to be aligned and non-null, and the total size of the slice not to exceed `isize::MAX`
stack backtrace:
   0: rust_begin_unwind
             at /rustc/90b35a6239c3d8bdabc530a6a0816f7ff89a0aaf/library/std/src/panicking.rs:665:5
   1: core::panicking::panic_nounwind_fmt::runtime
             at /rustc/90b35a6239c3d8bdabc530a6a0816f7ff89a0aaf/library/core/src/panicking.rs:112:18
   2: core::panicking::panic_nounwind_fmt
             at /rustc/90b35a6239c3d8bdabc530a6a0816f7ff89a0aaf/library/core/src/panicking.rs:122:5
   3: core::panicking::panic_nounwind
             at /rustc/90b35a6239c3d8bdabc530a6a0816f7ff89a0aaf/library/core/src/panicking.rs:221:5
   4: core::slice::raw::from_raw_parts_mut::precondition_check
             at /home/sludge/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ub_checks.rs:70:21
   5: core::slice::raw::from_raw_parts_mut
             at /home/sludge/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ub_checks.rs:77:17
   6: jack::port::audio::<impl jack::port::port_impl::Port<jack::port::audio::AudioOut>>::as_mut_slice
             at ./src/port/audio.rs:92:13

Sounds like accessing the buffer of an unregistered port results in a NULL pointer?
@SludgePhD
Copy link
Author

Client::port_by_id also allows someone to obtain an aliasing Port<Unowned>. Maybe Client::unregister_port should be restricted to PortSpecs that are not Unowned, or it should fail at runtime if passed an Unowned port?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SludgePhD