[Merged by Bors] - Fix unsoundnes in insert remove and despawn
#7805
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BoxyUwU
added
A-ECS
james7132
approved these changes
Feb 24, 2023
Comment on lines
+379
to
+382
| archetype_id: swapped_location.archetype_id, | ||
| archetype_row: old_location.archetype_row, | ||
| table_id: swapped_location.table_id, | ||
| table_row: swapped_location.table_row, |
There was a problem hiding this comment.
Suggested change
| archetype_id: swapped_location.archetype_id, | |
| archetype_row: old_location.archetype_row, | |
| table_id: swapped_location.table_id, | |
| table_row: swapped_location.table_row, | |
| archetype_row: old_location.archetype_row, | |
| ..swapped_location |
Alternatively, we should consider exposing a pub(crate) get_mut from Entities or just mutate swapped_location with the archetype row.
There was a problem hiding this comment.
I specifically chose to construct a whole new struct here so that if we change the fields we'll get a compile error rather than it continuing to compile
There was a problem hiding this comment.
That makes sense to me. Not sure if the compiler will optimize that down though. Probably worth investigating separately.
Not sure if this is worth leaving a comment so others don't try to make that change.
Comment on lines
+414
to
+417
| archetype_id: swapped_location.archetype_id, | ||
| archetype_row: swapped_location.archetype_row, | ||
| table_id: swapped_location.table_id, | ||
| table_row: old_location.table_row, |
There was a problem hiding this comment.
Suggested change
| archetype_id: swapped_location.archetype_id, | |
| archetype_row: swapped_location.archetype_row, | |
| table_id: swapped_location.table_id, | |
| table_row: old_location.table_row, | |
| table_row: old_location.table_row, | |
| ..swapped_location |
Alternatively just mutate the table_row on swapped_location.
|
Insertion has the same UB, I think. Overwrites table row. bevy/crates/bevy_ecs/src/bundle.rs Lines 556 to 559 in d1a1f90 bevy/crates/bevy_ecs/src/bundle.rs Lines 584 to 587 in d1a1f90 Does not update table row on bevy/crates/bevy_ecs/src/bundle.rs Lines 597 to 613 in d1a1f90 |
BoxyUwU
force-pushed
the
ub_from_remove_component
branch
from
8207654
to
9e76c86
Compare
maniwani
approved these changes
Feb 24, 2023
BoxyUwU
changed the title
EntityMut::move_entity_from_removeinsert remove and despawn
BoxyUwU
force-pushed
the
ub_from_remove_component
branch
from
d81cd26
to
8795aae
Compare
BoxyUwU
force-pushed
the
ub_from_remove_component
branch
from
8795aae
to
884b4d4
Compare
james7132
added
the
S-Ready-For-Final-Review
|
bors r+ |
bors bot
pushed a commit
that referenced
this pull request
Feb 27, 2023
`EntityMut::move_entity_from_remove` had two soundness bugs: - When removing the entity from the archetype, the swapped entity had its table row updated to the same as the removed entity's - When removing the entity from the table, the swapped entity did not have its table row updated `BundleInsert::insert` had two/three soundness bugs - When moving an entity to a new archetype from an `insert`, the swapped entity had its table row set to a different entities - When moving an entity to a new table from an `insert`, the swapped entity did not have its table row updated See added tests for examples that trigger those bugs `EntityMut::despawn` had two soundness bugs - When despawning an entity, the swapped entity had its table row set to a different entities even if the table didnt change - When despawning an entity, the swapped entity did not have its table row updated
|
Pull request successfully merged into main. Build succeeded:
|
bors
bot
changed the title
insert remove and despawninsert remove and despawn
Shfty
pushed a commit
to shfty-rust/bevy
that referenced
this pull request
Mar 19, 2023
`EntityMut::move_entity_from_remove` had two soundness bugs: - When removing the entity from the archetype, the swapped entity had its table row updated to the same as the removed entity's - When removing the entity from the table, the swapped entity did not have its table row updated `BundleInsert::insert` had two/three soundness bugs - When moving an entity to a new archetype from an `insert`, the swapped entity had its table row set to a different entities - When moving an entity to a new table from an `insert`, the swapped entity did not have its table row updated See added tests for examples that trigger those bugs `EntityMut::despawn` had two soundness bugs - When despawning an entity, the swapped entity had its table row set to a different entities even if the table didnt change - When despawning an entity, the swapped entity did not have its table row updated
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
EntityMut::move_entity_from_removehad two soundness bugs:BundleInsert::inserthad two/three soundness bugsinsert, the swapped entity had its table row set to a different entitiesinsert, the swapped entity did not have its table row updatedSee added tests for examples that trigger those bugs
EntityMut::despawnhad two soundness bugs