Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wrong ptr dereferencing in Alloc::alloc_one #42827

Closed
lseugene opened this issue Jun 22, 2017 · 6 comments
Closed

Wrong ptr dereferencing in Alloc::alloc_one #42827

lseugene opened this issue Jun 22, 2017 · 6 comments
Labels
T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.

Comments

@lseugene
Copy link

lseugene commented Jun 22, 2017
edited
Loading 

    fn alloc_one<T>(&mut self) -> Result<Unique<T>, AllocErr>
        where Self: Sized
    {
        let k = Layout::new::<T>();
        if k.size() > 0 {
            unsafe { self.alloc(k).map(|p|Unique::new(*p as *mut T)) }
        } else {
            Err(AllocErr::invalid_input("zero-sized type invalid for alloc_one"))
        }
    }

@pnkfelix
@Mark-Simulacrum
Copy link
Member

For context:

rust/src/liballoc/allocator.rs

Lines 871 to 880 in 74fa279

fn alloc_one<T>(&mut self) -> Result<Unique<T>, AllocErr>
where Self: Sized
{
let k = Layout::new::<T>();
if k.size() > 0 {
unsafe { self.alloc(k).map(|p|Unique::new(*p as *mut T)) }
} else {
Err(AllocErr::invalid_input("zero-sized type invalid for alloc_one"))
}
}
.

@Mark-Simulacrum Mark-Simulacrum added the T-libs-api Relevant to the library API team, which will review and decide on the PR/issue. label Jun 23, 2017
@sfackler
Copy link
Member

Could you clarify what specifically is the problem with that implementation?

@lseugene
Copy link
Author

I guess it's just typo.
We don't need to deref raw pointer p before cast it in Unique::new(*p as *mut T)

@sfackler
Copy link
Member

p isn't a raw pointer - it's a Unique<T>.

@lseugene
Copy link
Author

Underlying alloc:

rust/src/liballoc/allocator.rs

Line 481 in 74fa279

unsafe fn alloc(&mut self, layout: Layout) -> Result<*mut u8, AllocErr>;

returns raw pointer *mut u8. alloc_one should just cast it to *mut T and wrap in Unique.
Please see correct implementation in alloc_array:

rust/src/liballoc/allocator.rs

Line 947 in 74fa279

Unique::new(p as *mut T)

the diff and bug is in Unique::new(*p as *mut T) vs Unique::new(p as *mut T)

@sfackler
Copy link
Member

Oh no, casts u8 to *mut T strike again! :(

@alexcrichton alexcrichton mentioned this issue Jun 25, 2017
Merged
alexcrichton added a commit to alexcrichton/rust that referenced this issue Jun 25, 2017
@alexcrichton
std: Fix implementation of Alloc::alloc_one
d24d408 
This had an accidental `u8 as *mut T` where it was intended to have just a
normal pointer-to-pointer cast.

Closes rust-lang#42827
@mattico mattico mentioned this issue Jun 26, 2017
Open
Mark-Simulacrum added a commit to Mark-Simulacrum/rust that referenced this issue Jun 28, 2017
@Mark-Simulacrum
Rollup merge of rust-lang#42901 - alexcrichton:alloc-one, r=sfackler
0ee78c8 
std: Fix implementation of `Alloc::alloc_one`

This had an accidental `u8 as *mut T` where it was intended to have just a
normal pointer-to-pointer cast.

Closes rust-lang#42827
frewsxcv added a commit to frewsxcv/rust that referenced this issue Jun 29, 2017
@frewsxcv
Rollup merge of rust-lang#42901 - alexcrichton:alloc-one, r=sfackler
110fda6 
std: Fix implementation of `Alloc::alloc_one`

This had an accidental `u8 as *mut T` where it was intended to have just a
normal pointer-to-pointer cast.

Closes rust-lang#42827
arielb1 pushed a commit to arielb1/rust that referenced this issue Jun 29, 2017
Rollup merge of rust-lang#42901 - alexcrichton:alloc-one, r=sfackler
ea762f2 
std: Fix implementation of `Alloc::alloc_one`

This had an accidental `u8 as *mut T` where it was intended to have just a
normal pointer-to-pointer cast.

Closes rust-lang#42827
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
T-libs-api Relevant to the library API team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sfackler @lseugene @Mark-Simulacrum