Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix soundness of UnsafeWorldCell usage example #10941

Merged
merged 1 commit into from Dec 13, 2023
Merged

Fix soundness of UnsafeWorldCell usage example #10941

merged 1 commit into from Dec 13, 2023

Conversation

SludgePhD
Copy link
Contributor

Objective

  • The example in the docs is unsound.

Demo:

#[derive(Resource)]
struct MyRes(u32);

fn main() {
    let mut w = World::new();
    w.insert_resource(MyRes(0));

    let (mut res, comp) = split_world_access(&mut w);
    let mut r1 = res.get_resource_mut::<MyRes>().unwrap();
    let mut r2 = res.get_resource_mut::<MyRes>().unwrap();

    *r1 = MyRes(1);
    *r2 = MyRes(2);
}

The API in the example allows aliasing mutable references to the same resource. Miri also complains when running this.

Solution

  • Change the example API to make the returned Mut borrow from the OnlyResourceAccessWorld instead of borrowing from the world via 'w. This prevents obtaining more than one Mut at the same time from it.

@Nilirad Nilirad added A-ECS Entities, components, systems, and events P-Unsound A bug that results in undefined compiler behavior labels Dec 12, 2023
@alice-i-cecile alice-i-cecile added the C-Docs An addition or correction to our documentation label Dec 12, 2023
@alice-i-cecile
Copy link
Member

Great catch, thank you.

@james7132 james7132 added this pull request to the merge queue Dec 13, 2023
Merged via the queue into bevyengine:main with commit 41db723 Dec 13, 2023
26 checks passed
@SludgePhD SludgePhD deleted the fix-unsafeworldcell-example branch December 13, 2023 01:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@james7132 james7132 james7132 approved these changes

@alice-i-cecile alice-i-cecile alice-i-cecile approved these changes

Assignees
No one assigned
Labels
A-ECS Entities, components, systems, and events C-Docs An addition or correction to our documentation P-Unsound A bug that results in undefined compiler behavior
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@SludgePhD @alice-i-cecile @james7132 @Nilirad