Reviewing this crate's use of unsafe identified a few issues:

string-cache/src/dynamic_set.rs, line 63 in 34f914c:

```rust
return NonNull::from(&mut **entry);
```

string-cache/src/dynamic_set.rs, line 98 in 34f914c:

```rust
let entry_ptr: *mut Entry = &mut **entry_ptr;
```

These construct a `&mut Entry` that may exist concurrently with the `&Entry` references unsafely constructed by many methods on `Atom`. These should use the new `ptr::addr_of_mut` helper which avoids the hazard.

string-cache/src/dynamic_set.rs, line 105 in 34f914c:

```rust
current = unsafe { &mut (*entry_ptr).next_in_bucket };
```

This similarly constructs a unique reference to a field, which may actually get written while an aliasing `&Entry` is live elsewhere. This probably needs an `UnsafeCell`.

string-cache/src/atom.rs, line 309 in 34f914c:

```rust
let buffer = unsafe { &mut *buffer.as_mut_ptr() };
```

This constructs a reference to uninitialized memory. Raw pointer writes should be used instead.
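The three patterns flagged above, each rewritten the way the issue suggests, as an added example that is not string-cache's own code. `Entry`, `next_in_bucket`, `entry_ptr`, `push_front`, `remove`, `build_chain` and `encode_le` are hypothetical stand-ins that mirror the crate's bucket chain and stack-buffer encoding, not the crate's definitions; the hazardous form is quoted in a comment beside each fix.

```rust
// Added example, not string-cache's code: the three unsafe patterns from the
// issue, each replaced by the fix the issue suggests. `Entry`, `push_front`,
// `remove`, `build_chain` and `encode_le` are hypothetical stand-ins.
use std::cell::UnsafeCell;
use std::mem::MaybeUninit;
use std::ptr::{self, NonNull};

/// Stand-in for the crate's interned entry. The link field lives in an
/// `UnsafeCell` because `remove` rewrites it while `&Entry` references to the
/// same allocation are live (issue point 2).
pub struct Entry {
    pub value: u32,
    pub next_in_bucket: UnsafeCell<Option<NonNull<Entry>>>,
}

/// Issue point 1: take a raw pointer to the boxed entry without creating a
/// `&mut Entry`. `NonNull::from(&mut **entry)` would assert uniqueness over
/// the whole entry and invalidate any `&Entry` derived earlier.
pub fn entry_ptr(entry: &mut Box<Entry>) -> NonNull<Entry> {
    let raw: *mut Entry = ptr::addr_of_mut!(**entry);
    // SAFETY: a Box never holds a null pointer.
    unsafe { NonNull::new_unchecked(raw) }
}

/// Links `entry` in front of the chain starting at `*head`.
pub fn push_front(head: &mut Option<NonNull<Entry>>, entry: NonNull<Entry>) {
    // SAFETY: `entry` points at a live allocation; the write goes through the
    // UnsafeCell, so it is allowed even if a `&Entry` to it exists elsewhere.
    unsafe { *(*entry.as_ptr()).next_in_bucket.get() = *head };
    *head = Some(entry);
}

/// Issue point 2: unlink the first entry holding `value`, rewriting the
/// predecessor's link through the cell instead of via
/// `&mut (*entry_ptr).next_in_bucket`. The caller still owns the Box.
pub fn remove(head: &mut Option<NonNull<Entry>>, value: u32) -> bool {
    // `link` addresses the slot pointing at the current entry: `head` itself
    // or the previous entry's `next_in_bucket` cell.
    let mut link: *mut Option<NonNull<Entry>> = head;
    loop {
        // SAFETY: `link` is either `head` or a cell inside a live entry.
        let cur = match unsafe { *link } {
            Some(p) => p,
            None => return false,
        };
        // SAFETY: chain entries stay alive while the chain is in use.
        let entry: &Entry = unsafe { cur.as_ref() };
        if entry.value == value {
            // A `&Entry` is live here; the write is sound only because the
            // slot is an UnsafeCell (or `head`, which nothing else aliases).
            unsafe { *link = *entry.next_in_bucket.get() };
            return true;
        }
        link = entry.next_in_bucket.get();
    }
}

/// Walks the chain and returns the values in order.
pub fn collect(head: Option<NonNull<Entry>>) -> Vec<u32> {
    let mut out = Vec::new();
    let mut cur = head;
    while let Some(p) = cur {
        // SAFETY: as in `remove`.
        let entry: &Entry = unsafe { p.as_ref() };
        out.push(entry.value);
        cur = unsafe { *entry.next_in_bucket.get() };
    }
    out
}

/// Builds a chain from `values`, pushing each at the front. The returned Vec
/// owns the entries and must outlive every use of the chain.
pub fn build_chain(values: &[u32]) -> (Vec<Box<Entry>>, Option<NonNull<Entry>>) {
    let mut boxes: Vec<Box<Entry>> = values
        .iter()
        .map(|&v| Box::new(Entry { value: v, next_in_bucket: UnsafeCell::new(None) }))
        .collect();
    let mut head = None;
    for b in boxes.iter_mut() {
        let p = entry_ptr(b);
        push_front(&mut head, p);
    }
    (boxes, head)
}

/// Issue point 3: fill a stack buffer with raw pointer writes.
/// `let buf = unsafe { &mut *buffer.as_mut_ptr() };` would create a
/// `&mut [u8; 4]` to uninitialized bytes before anything is written.
pub fn encode_le(value: u32) -> [u8; 4] {
    let bytes = value.to_le_bytes();
    let mut buffer = MaybeUninit::<[u8; 4]>::uninit();
    // SAFETY: source and destination are 4 bytes each and do not overlap;
    // every byte is written before `assume_init`.
    unsafe {
        ptr::copy_nonoverlapping(bytes.as_ptr(), buffer.as_mut_ptr().cast::<u8>(), 4);
        buffer.assume_init()
    }
}

fn main() {
    let (_boxes, mut head) = build_chain(&[1, 2, 3]);
    println!("{:?}", collect(head)); // [3, 2, 1]
    remove(&mut head, 2);
    println!("{:?} {:?}", collect(head), encode_le(0x0403_0201)); // [3, 1] [1, 2, 3, 4]
}
```

Running this under Miri is the practical check for the two aliasing points: Stacked Borrows reports a mutable-reference retag that invalidates a still-used `&Entry`, which is exactly what the `&mut **entry` and `&mut (*entry_ptr).next_in_bucket` forms risk and what `addr_of_mut!` and the `UnsafeCell` avoid.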