Not safe: Performs unaligned memory accesses #35
Comments
Thank you for your insights, @RalfJung, they are much appreciated! This concern has been pointed out in #22 (which probably shouldn't have been closed). While we understand that these methods are prone to unaligned memory access, we noticed that this doesn't affect general usage, and we are still thinking of ways to make the conversion safer while retaining efficiency. We left a notice in the documentation, but I understand that this isn't ideal. @nabijaczleweli Personally, I wouldn't mind marking the affected functions as
Generally, the expectation in Rust is that if your function is not marked You could, in principle, check for alignment at run-time, before creating a reference. Alternatively, if you don't want your users to have to worry about alignment, you could use raw pointers and
I feel that the former leaves more room for efficient implementations, by thinking a priori. In particular, We can't make This will also make #9 harder to solve, but we ought to address safety first.
The following code:
Creates an unaligned reference, and, worse, accesses memory through it. Both of these (even just the creation!) are undefined behavior. In other words, this crate exports safe functions that are not safe to use.
Generally, the entire safe API of this crate seems to be built ignoring alignment constraints. I am afraid that's not safe.
FWIW, miri finds this error and shows
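An added example, not code from this crate or from any commenter in the thread, showing side by side the pattern the issue objects to (kept as an `unsafe fn` with its precondition written out) and the two remedies raised above: a run-time alignment check before the reference is created, and raw pointers with `ptr::read_unaligned` so no reference is ever created. `as_u32_slice_unchecked`, `as_u32_slice`, `read_u32s_unaligned`, `Aligned16` and `sample` are names chosen here, not this crate's API, and `u32` stands in for whatever element type the crate converts to; the 16-byte buffer is constructed for the demonstration.

```rust
use std::mem::{align_of, size_of};
use std::ptr;

/// The pattern this issue objects to, with its real precondition made explicit.
/// Exporting this as a *safe* `fn` is exactly the bug: a caller can pass
/// `&buf[1..]` and the `&[u32]` is created misaligned, which is UB before
/// anything is read through it.
///
/// # Safety
/// `bytes.as_ptr()` must be aligned to `align_of::<u32>()` and `bytes.len()`
/// must be a multiple of `size_of::<u32>()`.
pub unsafe fn as_u32_slice_unchecked(bytes: &[u8]) -> &[u32] {
    std::slice::from_raw_parts(bytes.as_ptr() as *const u32, bytes.len() / size_of::<u32>())
}

/// Remedy 1: check alignment (and length) at run time *before* the reference
/// exists. A misaligned or ragged input yields `None` instead of undefined
/// behavior, and the aligned case stays zero-copy.
pub fn as_u32_slice(bytes: &[u8]) -> Option<&[u32]> {
    let misaligned = (bytes.as_ptr() as usize) % align_of::<u32>() != 0;
    let ragged = bytes.len() % size_of::<u32>() != 0;
    if misaligned || ragged {
        return None;
    }
    // SAFETY: alignment and length were just checked; the returned slice
    // borrows `bytes`, so it cannot outlive the buffer.
    Some(unsafe { as_u32_slice_unchecked(bytes) })
}

/// Remedy 2: never create a reference. `ptr::read_unaligned` copies each
/// element out through a raw pointer and has no alignment requirement, so any
/// offset works; the price is a copy (collected into a Vec here) instead of a view.
pub fn read_u32s_unaligned(bytes: &[u8]) -> Vec<u32> {
    bytes
        .chunks_exact(size_of::<u32>())
        .map(|chunk| {
            // SAFETY: `chunk` is exactly 4 readable, initialized bytes, and
            // read_unaligned tolerates any alignment.
            unsafe { ptr::read_unaligned(chunk.as_ptr() as *const u32) }
        })
        .collect()
}

/// Constructed sample buffer (not data from the issue): 16 bytes holding the
/// native-endian words 1..=4, wrapped so its start is guaranteed 4-byte aligned.
#[repr(C, align(4))]
pub struct Aligned16(pub [u8; 16]);

pub fn sample() -> Aligned16 {
    let mut buf = [0u8; 16];
    for (i, w) in [1u32, 2, 3, 4].iter().enumerate() {
        buf[i * 4..i * 4 + 4].copy_from_slice(&w.to_ne_bytes());
    }
    Aligned16(buf)
}

fn main() {
    let buf = sample();

    // Aligned start, length 16: the zero-copy view is fine.
    println!("aligned:        {:?}", as_u32_slice(&buf.0));
    // Offset by one byte: the checked version refuses rather than creating a bad &[u32].
    println!("misaligned:     {:?}", as_u32_slice(&buf.0[1..13]));
    // Length not a multiple of 4: also refused.
    println!("ragged:         {:?}", as_u32_slice(&buf.0[..6]));
    // The copying version accepts the same misaligned input.
    println!("unaligned read: {:?}", read_u32s_unaligned(&buf.0[1..13]));
}
```

The run-time check is the cheaper of the two when callers normally hand over aligned buffers (one modulo and one branch, then a view); `read_unaligned` is the right choice when alignment is out of the caller's control, such as bytes parsed out of a network packet or a memory-mapped file. If `as_u32_slice_unchecked` is instead called on `&buf.0[1..13]`, miri reports the misaligned access, which is the same class of error the issue body describes.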