Skip to content

Add missing unsafe to some internal std functions #123879

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 14, 2024
Merged

Add missing unsafe to some internal std functions #123879

merged 2 commits into from
Apr 14, 2024

Conversation

beetrees
Copy link
Contributor

Adds unsafe to a few internal functions that have safety requirements but were previously not marked as unsafe. Specifically:

  • std::sys::pal::unix::thread::min_stack_size needs to be unsafe as __pthread_get_minstack might dereference the passed pointer. All callers currently pass a valid initialised libc::pthread_attr_t.
  • std::thread::Thread::new (and new_inner) need to be unsafe as it requires the passed thread name to be valid UTF-8, otherwise Thread::name will trigger undefined behaviour. I've taken the opportunity to split out the unnamed thread case into a separate new_unnamed function to make the safety requirement clearer. All callers meet the safety requirement now that Revert "Use OS thread name by default" #123505 has been merged.

@rustbot
Copy link
Collaborator

rustbot commented Apr 13, 2024

r? @Mark-Simulacrum

rustbot has assigned @Mark-Simulacrum.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot rustbot added O-unix Operating system: Unix-like S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Apr 13, 2024
@rust-log-analyzer

This comment has been minimized.

Sign in to view
@Mark-Simulacrum
Copy link
Member

@bors r+

@bors
Copy link
Collaborator

bors commented Apr 13, 2024

📌 Commit 126c762 has been approved by Mark-Simulacrum

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Apr 13, 2024
matthiaskrgr added a commit to matthiaskrgr/rust that referenced this pull request Apr 14, 2024
@matthiaskrgr
Rollup merge of rust-lang#123879 - beetrees:missing-unsafe, r=Mark-Si…
e297869 
…mulacrum

Add missing `unsafe` to some internal `std` functions

Adds `unsafe` to a few internal functions that have safety requirements but were previously not marked as `unsafe`. Specifically:

- `std::sys::pal::unix::thread::min_stack_size` needs to be `unsafe` as `__pthread_get_minstack` might dereference the passed pointer. All callers currently pass a valid initialised `libc::pthread_attr_t`.
- `std::thread::Thread::new` (and `new_inner`) need to be `unsafe` as it requires the passed thread name to be valid UTF-8, otherwise `Thread::name` will trigger undefined behaviour. I've taken the opportunity to split out the unnamed thread case into a separate `new_unnamed` function to make the safety requirement clearer. All callers meet the safety requirement now that rust-lang#123505 has been merged.
@matthiaskrgr matthiaskrgr mentioned this pull request Apr 14, 2024
Closed
bors added a commit to rust-lang-ci/rust that referenced this pull request Apr 14, 2024
@bors
Auto merge of rust-lang#123910 - matthiaskrgr:rollup-8imjhnf, r=matth…
9524b6e 
…iaskrgr

Rollup of 9 pull requests

Successful merges:

 - rust-lang#123651 (Thread local updates for idiomatic examples)
 - rust-lang#123699 (run-make-support: tidy up support library)
 - rust-lang#123779 (OpenBSD fix long socket addresses)
 - rust-lang#123803 (Fix `VecDeque::shrink_to` UB when `handle_alloc_error` unwinds.)
 - rust-lang#123875 (Doc: replace x with y for hexa-decimal fmt)
 - rust-lang#123879 (Add missing `unsafe` to some internal `std` functions)
 - rust-lang#123889 (reduce tidy overheads in run-make checks)
 - rust-lang#123898 (Generic associated consts: Check regions earlier when comparing impl with trait item def)
 - rust-lang#123902 (compiletest: Update rustfix to 0.8.1)

r? `@ghost`
`@rustbot` modify labels: rollup
@matthiaskrgr matthiaskrgr mentioned this pull request Apr 14, 2024
Merged
bors added a commit to rust-lang-ci/rust that referenced this pull request Apr 14, 2024
@bors
Auto merge of rust-lang#123913 - matthiaskrgr:rollup-w8stnwl, r=matth…
78bc0a5 
…iaskrgr

Rollup of 8 pull requests

Successful merges:

 - rust-lang#123651 (Thread local updates for idiomatic examples)
 - rust-lang#123699 (run-make-support: tidy up support library)
 - rust-lang#123779 (OpenBSD fix long socket addresses)
 - rust-lang#123875 (Doc: replace x with y for hexa-decimal fmt)
 - rust-lang#123879 (Add missing `unsafe` to some internal `std` functions)
 - rust-lang#123889 (reduce tidy overheads in run-make checks)
 - rust-lang#123898 (Generic associated consts: Check regions earlier when comparing impl with trait item def)
 - rust-lang#123902 (compiletest: Update rustfix to 0.8.1)

r? `@ghost`
`@rustbot` modify labels: rollup
@bors bors merged commit 2ba0c62 into rust-lang:master Apr 14, 2024
@rustbot rustbot added this to the 1.79.0 milestone Apr 14, 2024
rust-timer added a commit to rust-lang-ci/rust that referenced this pull request Apr 14, 2024
@rust-timer
Unrolled build for rust-lang#123879
a931b9c 
Rollup merge of rust-lang#123879 - beetrees:missing-unsafe, r=Mark-Simulacrum

Add missing `unsafe` to some internal `std` functions

Adds `unsafe` to a few internal functions that have safety requirements but were previously not marked as `unsafe`. Specifically:

- `std::sys::pal::unix::thread::min_stack_size` needs to be `unsafe` as `__pthread_get_minstack` might dereference the passed pointer. All callers currently pass a valid initialised `libc::pthread_attr_t`.
- `std::thread::Thread::new` (and `new_inner`) need to be `unsafe` as it requires the passed thread name to be valid UTF-8, otherwise `Thread::name` will trigger undefined behaviour. I've taken the opportunity to split out the unnamed thread case into a separate `new_unnamed` function to make the safety requirement clearer. All callers meet the safety requirement now that rust-lang#123505 has been merged.
@beetrees beetrees deleted the missing-unsafe branch April 14, 2024 16:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Mark-Simulacrum Mark-Simulacrum

Labels
O-unix Operating system: Unix-like S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-libs Relevant to the library team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
1.79.0
Development

Successfully merging this pull request may close these issues.
5 participants
@beetrees @rustbot @rust-log-analyzer @Mark-Simulacrum @bors