Add missing `unsafe` to some internal `std` functions #123879
Merged
…d::min_stack_size`
rustbot has assigned @Mark-Simulacrum. Use |
rustbot added labels on Apr 13, 2024:
- O-unix (Operating system: Unix-like)
- S-waiting-on-review (Status: Awaiting review from the assignee but also interested parties.)
- T-libs (Relevant to the library team, which will review and decide on the PR/issue.)
beetrees force-pushed the missing-unsafe branch from 8baded9 to 126c762 on April 13, 2024 01:09
@bors r+ |
bors added S-waiting-on-bors (Status: Waiting on bors to run and complete tests. Bors will change the label on completion.) and removed S-waiting-on-review (Status: Awaiting review from the assignee but also interested parties.) labels on Apr 13, 2024
matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request on Apr 14, 2024:

…mulacrum

Add missing `unsafe` to some internal `std` functions

Adds `unsafe` to a few internal functions that have safety requirements but were previously not marked as `unsafe`. Specifically:

- `std::sys::pal::unix::thread::min_stack_size` needs to be `unsafe` as `__pthread_get_minstack` might dereference the passed pointer. All callers currently pass a valid initialised `libc::pthread_attr_t`.
- `std::thread::Thread::new` (and `new_inner`) need to be `unsafe` as it requires the passed thread name to be valid UTF-8, otherwise `Thread::name` will trigger undefined behaviour. I've taken the opportunity to split out the unnamed thread case into a separate `new_unnamed` function to make the safety requirement clearer. All callers meet the safety requirement now that rust-lang#123505 has been merged.
bors added a commit to rust-lang-ci/rust that referenced this pull request on Apr 14, 2024:

…iaskrgr

Rollup of 9 pull requests

Successful merges:

- rust-lang#123651 (Thread local updates for idiomatic examples)
- rust-lang#123699 (run-make-support: tidy up support library)
- rust-lang#123779 (OpenBSD fix long socket addresses)
- rust-lang#123803 (Fix `VecDeque::shrink_to` UB when `handle_alloc_error` unwinds.)
- rust-lang#123875 (Doc: replace x with y for hexa-decimal fmt)
- rust-lang#123879 (Add missing `unsafe` to some internal `std` functions)
- rust-lang#123889 (reduce tidy overheads in run-make checks)
- rust-lang#123898 (Generic associated consts: Check regions earlier when comparing impl with trait item def)
- rust-lang#123902 (compiletest: Update rustfix to 0.8.1)

r? `@ghost`
`@rustbot` modify labels: rollup
bors added a commit to rust-lang-ci/rust that referenced this pull request on Apr 14, 2024:

…iaskrgr

Rollup of 8 pull requests

Successful merges:

- rust-lang#123651 (Thread local updates for idiomatic examples)
- rust-lang#123699 (run-make-support: tidy up support library)
- rust-lang#123779 (OpenBSD fix long socket addresses)
- rust-lang#123875 (Doc: replace x with y for hexa-decimal fmt)
- rust-lang#123879 (Add missing `unsafe` to some internal `std` functions)
- rust-lang#123889 (reduce tidy overheads in run-make checks)
- rust-lang#123898 (Generic associated consts: Check regions earlier when comparing impl with trait item def)
- rust-lang#123902 (compiletest: Update rustfix to 0.8.1)

r? `@ghost`
`@rustbot` modify labels: rollup
rust-timer added a commit to rust-lang-ci/rust that referenced this pull request on Apr 14, 2024:

Rollup merge of rust-lang#123879 - beetrees:missing-unsafe, r=Mark-Simulacrum

Add missing `unsafe` to some internal `std` functions

Adds `unsafe` to a few internal functions that have safety requirements but were previously not marked as `unsafe`. Specifically:

- `std::sys::pal::unix::thread::min_stack_size` needs to be `unsafe` as `__pthread_get_minstack` might dereference the passed pointer. All callers currently pass a valid initialised `libc::pthread_attr_t`.
- `std::thread::Thread::new` (and `new_inner`) need to be `unsafe` as it requires the passed thread name to be valid UTF-8, otherwise `Thread::name` will trigger undefined behaviour. I've taken the opportunity to split out the unnamed thread case into a separate `new_unnamed` function to make the safety requirement clearer. All callers meet the safety requirement now that rust-lang#123505 has been merged.
Adds `unsafe` to a few internal functions that have safety requirements but were previously not marked as `unsafe`. Specifically:

- `std::sys::pal::unix::thread::min_stack_size` needs to be `unsafe` as `__pthread_get_minstack` might dereference the passed pointer. All callers currently pass a valid initialised `libc::pthread_attr_t`.
- `std::thread::Thread::new` (and `new_inner`) need to be `unsafe` as it requires the passed thread name to be valid UTF-8, otherwise `Thread::name` will trigger undefined behaviour. I've taken the opportunity to split out the unnamed thread case into a separate `new_unnamed` function to make the safety requirement clearer. All callers meet the safety requirement now that Revert "Use OS thread name by default" #123505 has been merged.
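
The safety contract described for `Thread::new`, sketched as an added example that is not code from this pull request or from `std`: the `Handle` type, `new_checked` and the sample names are hypothetical, and it assumes the name accessor skips UTF-8 validation via `str::from_utf8_unchecked`.

```rust
use std::ffi::CString;
use std::str::{self, Utf8Error};

/// Hypothetical stand-in for a thread handle; not the type from `std`.
pub struct Handle {
    name: Option<CString>,
}

impl Handle {
    /// # Safety
    /// `name` must be valid UTF-8. `name()` relies on this without re-checking,
    /// so the obligation has to appear in the signature as `unsafe`.
    pub unsafe fn new(name: CString) -> Handle {
        Handle { name: Some(name) }
    }

    /// No name is stored, so there is no invariant to uphold and this stays safe.
    pub fn new_unnamed() -> Handle {
        Handle { name: None }
    }

    /// Safe entry point for untrusted input: validate, then discharge the contract.
    pub fn new_checked(name: CString) -> Result<Handle, Utf8Error> {
        str::from_utf8(name.as_bytes())?;
        // SAFETY: the bytes were validated as UTF-8 on the line above.
        Ok(unsafe { Handle::new(name) })
    }

    pub fn name(&self) -> Option<&str> {
        // SAFETY: every constructor that stores a name guarantees valid UTF-8.
        self.name
            .as_deref()
            .map(|c| unsafe { str::from_utf8_unchecked(c.to_bytes()) })
    }
}

fn main() {
    // Constructed inputs: one valid name, one containing a lone 0xFF byte.
    let good = Handle::new_checked(CString::new("worker-1").unwrap()).unwrap();
    assert_eq!(good.name(), Some("worker-1"));
    let bad = CString::new(vec![b'w', 0xFF]).unwrap();
    assert!(Handle::new_checked(bad).is_err());
    assert_eq!(Handle::new_unnamed().name(), None);
}
```

If `new` were a safe function, safe code could pass the 0xFF name straight in and `name()` would hand out an invalid `&str`; marking it `unsafe` makes each caller state why the bytes are valid.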