Just a few examples I found very quickly.

- `Entity::set` seems to be creating a `&mut T` reference to either uninitialized or zeroed memory (both UB if done for an arbitrary type like `Box` or `String`) and writes a `T` to it (which means dropping the "old" `T` at that memory location, which never existed in the first place).
- `World::get` and `Entity::get` allow getting a `&T` to some component, but don't prevent any other method that mutates that component (like `World::set`, `Entity::set` or `Entity::remove`) from running. The methods that mutate or remove the components should likely take a `&mut`, though that's probably not enough (see the next point).
- `Entity` is `Copy`, so the `&mut self` requirement on the `get_mut` doesn't really prevent it from being called multiple times on the same entity. Moreover even if `Entity` was not `Copy`/`Clone` you could still create an aliased one by using `World::lookup` or `World::find_entity`.

I suspect there are a lot more functions or ways to generate UB in this crate. Ideally most if not all functions would be marked as `unsafe`, but if this is unwanted for ergonomic reasons at least put a big disclaimer in the `README` and the documentation that this crate is unsound and can easily run into UB by using safe functions.