Audit spin
Shnatsel opened this issue · comments
The spin crate provides no_std spinlocks. It has 6000 downloads/day on crates.io and is a transitive dependency of lazy_static! in no_std mode.
@64 has audited the RwLock implementation and discovered issues: mvdnes/spin-rs#65
This is now a RustSec advisory: rustsec/advisory-db#132
They have also rewritten it based on Folly to fix those issues: mvdnes/spin-rs#66
The new implementation has been reviewed by @xacrimon.
FWIW, I had a quick look over the other parts of spin and didn't see any glaring issues. If someone is going to take a proper look I'd recommend auditing Once because that's what lazy_static uses.
Conversion of Once to MaybeUninit<T> is outstanding: mvdnes/spin-rs#68
The rest of Once could still use a soundness audit.
I've looked through and tested Once as rigorously as my knowledge allows and I have found no issues.
Great! If the code isn't extensively commented already, it would be nice to add comments in the form of "This is sound because..."