reallocate might be broken for overaligned data on Windows #42025

Closed
@retep998

Description

https://github.com/rust-lang/rust/blob/master/src/liballoc_system/lib.rs#L231-L241

When reallocating, it calculates the new aligned pointer which may have a different offset than the old allocation, which means the pointer might not point to the same point in the allocation anymore, which is bad. Should probably be changed to just do a completely new allocation and manually copy over the data.

Note that as long as there is no stable way to specify an alignment higher than 8 or 16 bytes (for x86 and x86_64 respectively) this bug cannot be encountered in stable Rust, however it is still important to fix.

Example that reproduces the issue:

#![feature(attr_literals, repr_align)]

// 256-byte alignment exceeds what the system heap guarantees, so the
// allocator has to over-allocate and align the pointer by hand.
#[repr(align(256))]
struct Foo(usize);

fn main() {
    let mut foo = vec![Foo(273)];
    for i in 0..0x1000 {
        // Grow and shrink the buffer so that the allocator reallocates it.
        foo.reserve_exact(i);
        assert!(foo[0].0 == 273);
        assert!(foo.as_ptr() as usize & 0xff == 0);
        foo.shrink_to_fit();
        assert!(foo[0].0 == 273);
        assert!(foo.as_ptr() as usize & 0xff == 0);
    }
}
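The following is an added model of the scheme the issue describes, not the liballoc_system code itself. A toy backing heap (a byte arena addressed by offsets, 16-byte aligned, whose `realloc` always moves the block) stands in for the Windows heap; over-aligned blocks are obtained by allocating `size + align` bytes, rounding the pointer up, and stashing the backing base just below the aligned pointer. `aligned_realloc_buggy` reallocates the backing block and recomputes the aligned pointer, which is the pattern the issue reports; `aligned_realloc_fixed` allocates a fresh aligned block and copies the payload, which is the fix the issue suggests. All names (`ToyHeap`, `demo`, and so on) are this example's own.

```rust
use std::collections::HashMap;

const BACKING_ALIGN: usize = 16; // what the toy backing heap guarantees
const HEADER: usize = std::mem::size_of::<usize>(); // stashed backing base

/// Toy backing heap: offsets into a byte arena. `realloc` always moves the
/// block, which is a worst case a real heap is allowed to produce.
pub struct ToyHeap {
    pub arena: Vec<u8>,
    next: usize,
    sizes: HashMap<usize, usize>, // base offset -> block size
}

impl ToyHeap {
    pub fn new() -> Self {
        ToyHeap { arena: vec![0; 1 << 16], next: BACKING_ALIGN, sizes: HashMap::new() }
    }
    pub fn alloc(&mut self, size: usize) -> usize {
        let base = self.next;
        self.next += (size + BACKING_ALIGN - 1) & !(BACKING_ALIGN - 1);
        assert!(self.next <= self.arena.len(), "toy arena exhausted");
        self.sizes.insert(base, size);
        base
    }
    pub fn free(&mut self, base: usize) {
        self.sizes.remove(&base).expect("double free");
    }
    /// Moves the block to fresh space and copies the old bytes verbatim.
    pub fn realloc(&mut self, base: usize, new_size: usize) -> usize {
        let old_size = self.sizes[&base];
        let new_base = self.alloc(new_size);
        let n = old_size.min(new_size);
        self.arena.copy_within(base..base + n, new_base);
        self.free(base);
        new_base
    }
}

/// Round the backing base up to `align` and record the base just below the
/// aligned pointer (the header the issue's linked code keeps).
fn align_ptr(heap: &mut ToyHeap, base: usize, align: usize) -> usize {
    let aligned = base + (align - (base & (align - 1)));
    heap.arena[aligned - HEADER..aligned].copy_from_slice(&base.to_le_bytes());
    aligned
}

fn header(heap: &ToyHeap, aligned: usize) -> usize {
    let mut b = [0u8; HEADER];
    b.copy_from_slice(&heap.arena[aligned - HEADER..aligned]);
    usize::from_le_bytes(b)
}

pub fn aligned_alloc(heap: &mut ToyHeap, size: usize, align: usize) -> usize {
    let base = heap.alloc(size + align);
    align_ptr(heap, base, align)
}

pub fn aligned_free(heap: &mut ToyHeap, aligned: usize) {
    let base = header(heap, aligned);
    heap.free(base);
}

/// The reported pattern: realloc the backing block, then re-align. The new
/// base may sit at a different offset modulo `align`, so the pointer handed
/// back no longer points at the caller's data.
pub fn aligned_realloc_buggy(heap: &mut ToyHeap, aligned: usize, new_size: usize, align: usize) -> usize {
    let base = header(heap, aligned);
    let new_base = heap.realloc(base, new_size + align);
    align_ptr(heap, new_base, align)
}

/// The suggested fix: fresh aligned block, copy the payload from the old
/// aligned pointer, release the old block.
pub fn aligned_realloc_fixed(heap: &mut ToyHeap, aligned: usize, old_size: usize, new_size: usize, align: usize) -> usize {
    let new_aligned = aligned_alloc(heap, new_size, align);
    let n = old_size.min(new_size);
    heap.arena.copy_within(aligned..aligned + n, new_aligned);
    aligned_free(heap, aligned);
    new_aligned
}

/// Grows an 8-byte payload (273, like `Foo(273)`) from 8 to 1024 bytes with
/// each strategy and reports whether the payload survived: (buggy, fixed).
pub fn demo(align: usize) -> (bool, bool) {
    let payload = 273u64.to_le_bytes();

    let mut heap = ToyHeap::new();
    let p = aligned_alloc(&mut heap, 8, align);
    heap.arena[p..p + 8].copy_from_slice(&payload);
    let q = aligned_realloc_buggy(&mut heap, p, 1024, align);
    let buggy_ok = q % align == 0 && heap.arena[q..q + 8] == payload;

    let mut heap = ToyHeap::new();
    let p = aligned_alloc(&mut heap, 8, align);
    heap.arena[p..p + 8].copy_from_slice(&payload);
    let q = aligned_realloc_fixed(&mut heap, p, 8, 1024, align);
    let fixed_ok = q % align == 0 && heap.arena[q..q + 8] == payload;

    (buggy_ok, fixed_ok)
}

fn main() {
    println!("align 256: (buggy, fixed) = {:?}", demo(256));
    println!("align  16: (buggy, fixed) = {:?}", demo(16));
}
```

With `align = 256` the moved base lands at a different residue modulo 256, so the buggy path returns a correctly aligned pointer whose first bytes are not the payload, while the fixed path keeps the value. With `align = 16`, which the toy backing heap already provides, the residues coincide and both paths happen to work, which is why the bug is only reachable with an alignment above what the system heap guarantees.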

Labels

A-allocators: Area: Custom and system allocators
I-unsound: Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/Soundness
O-windows: Operating system: Windows