mem::uninitialized is nearly always UB, switch to MaybeUninitialized or something else

Question

mem::uninitialized is nearly always UB, switch to MaybeUninitialized or something else

Closed this issue 5 years ago · 9 comments

mem::uninitialized is deprecated because it's basically impossible to use correctly:

From mem::uninitialized's docs:

The reason for deprecation is that the function basically cannot be used
correctly: the Rust compiler assumes that values are properly initialized.
As a consequence, calling e.g. mem::uninitialized::<bool>() causes immediate
undefined behavior for returning a bool that is not definitely either true
or false. Worse, truly uninitialized memory like what gets returned here
is special in that the compiler knows that it does not have a fixed value.
This makes it undefined behavior to have uninitialized data in a variable even
if that variable has an integer type.
(Notice that the rules around uninitialized integers are not finalized yet, but
until they are, it is advisable to avoid them.)

Answer 1 · 2020-01-23T23:56:17.000Z

I've been meaning to do this, and will try to get to it soon. Thanks for reminding me.

Answer 2 · 2020-01-24T06:51:19.000Z

Ugh, I hadn't touched the repo in a few months and wasn't paying attention to which remote I was pushing to, so now the initial implementation with MaybeUninit is at 289ee56. Oh well.

@fizyk20 Do you have any feedback for this implementation?

A few things of note:

I messed with the private transmute implementation to use ManuallyDrop rather than mem::forget. With any opt level >0 it compiles to the same machine code, and is slightly more efficient with no optimizations.
Similar to 1, I rewrote the sequence traits using MaybeUnint and ManuallyDrop instead of mem::forget
Replaced N::to_usize() with N::USIZE

Technically these are not breaking changes, and do not affect the external API.

Answer 3 · 2020-03-24T19:31:20.000Z

From what I can tell this has already been fixed and merged to master so we could technically close this, right?

Answer 4 · 2020-03-24T20:10:19.000Z

I was waiting on @fizyk20 's response, but they don't seem active on this repo anymore. I'll see about double-checking the code and pushing a version update when I have time in the next few days.

Answer 5 · 2020-03-24T20:33:45.000Z

When @fizyk20 is no longer active on the repo, how can we effectively update the crate on crates.io?

Answer 6 · 2020-03-24T20:34:39.000Z

I have the permissions to do that, so no worries.

Answer 7 · 2020-03-24T20:37:13.000Z

That's good to hear because it would be really bad for this amazing crate!

Answer 8 · 2020-04-11T01:39:55.000Z

This should be fixed in the 0.14.0 release. Please reopen if issues persist.

Answer 9 · 2020-05-03T21:22:19.000Z

Is there any chance of a 0.13.x (semver-compatible) release with the fix? This bug breaks e.g. https://crates.io/crates/async-local-bounded-channel, and with rust-lang/rust#71274 the silent UB will turn into a loud panic.