Skip to content

API soundness issue in raw_slice and raw_slice_mut #201

@Qwaz

Description

@Qwaz

The current definition of raw_slice and raw_slice_mut creates 'a bounded reference from &self. Since the returned slice is created from a stored pointer in &self, it should be bounded by 'self lifetime instead of 'a.

With the current definitions of those methods, it is possible to cause data race with safe Rust code.

use rulinalg::matrix;
use rulinalg::matrix::BaseMatrixMut;

fn main() {
    let mut mat = matrix![0];

    let mut row = mat.row_mut(0);

    // this creates mutable aliases to the same location
    let raw_slice1 = row.raw_slice_mut();
    let raw_slice2 = row.raw_slice_mut();

    assert_eq!(raw_slice1[0], 0);
    raw_slice2[0] = 1;
    assert_eq!(raw_slice1[0], 0);
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions