-
Notifications
You must be signed in to change notification settings - Fork 12.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#![deny(unsafe_op_in_unsafe_fn)]
in libstd
#73904
Comments
I'd like to work on sys/unix. |
I'd like to work on |
I'd like to take up |
…ckler `#[deny(unsafe_op_in_unsafe_fn)]` in libstd/fs.rs The `libstd/fs.rs` part of rust-lang#73904 . Wraps the two calls to an unsafe fn `Initializer::nop()` in an `unsafe` block. Followed instructions in parent issue, ran `./x.py check src/libstd/` after adding the lint and two warnings were given. After adding these changes, those disappear.
…ckler `#[deny(unsafe_op_in_unsafe_fn)]` in libstd/fs.rs The `libstd/fs.rs` part of rust-lang#73904 . Wraps the two calls to an unsafe fn `Initializer::nop()` in an `unsafe` block. Followed instructions in parent issue, ran `./x.py check src/libstd/` after adding the lint and two warnings were given. After adding these changes, those disappear.
…ckler `#[deny(unsafe_op_in_unsafe_fn)]` in libstd/fs.rs The `libstd/fs.rs` part of rust-lang#73904 . Wraps the two calls to an unsafe fn `Initializer::nop()` in an `unsafe` block. Followed instructions in parent issue, ran `./x.py check src/libstd/` after adding the lint and two warnings were given. After adding these changes, those disappear.
…ckler `#[deny(unsafe_op_in_unsafe_fn)]` in libstd/fs.rs The `libstd/fs.rs` part of rust-lang#73904 . Wraps the two calls to an unsafe fn `Initializer::nop()` in an `unsafe` block. Followed instructions in parent issue, ran `./x.py check src/libstd/` after adding the lint and two warnings were given. After adding these changes, those disappear.
Took care of process.rs in #73955 What do you expect for |
I built that list by running ripgrep to find occurrences of "unsafe fn" and blindly copied it. You’re right, there’s nothing to do, obviously since everything is comments :D |
I'd like to be pinged on any PRs that touch windows bits. |
FYI: #73909 has been merged and now |
Can I try working on the grep -l -d recurse 'unsafe fn' io | xargs vim # Or your editor |
@ryr3 please go ahead! |
I started to work on it and saw that some files required other crates which need to be changed first. |
I think that's only macros being problematic. You cannot put unsafe blocks in the macro, because it will make use sites which aren't using |
Also cc @RalfJung as this problem might have an impact on the design of the feature. |
…fe_fn, r=Mark-Simulacrum Applied `#![deny(unsafe_op_in_unsafe_fn)]` in library/std/src/wasi partial fix for rust-lang#73904 There are still more that was not applied in [mod.rs]( https://github.com/rust-lang/rust/blob/38fab2ea92a48980219989817201bf2094ae826a/library/std/src/sys/wasi/mod.rs) and that is due to its using files from `../unsupported` like: ``` #[path = "../unsupported/cmath.rs"] pub mod cmath; ```
I'll take |
…mulacrum deny(unsafe_op_in_unsafe_fn) in libstd/process.rs The libstd/process.rs part of rust-lang#73904 . Wraps the two calls to an unsafe fn Initializer::nop() in an unsafe block. Will have to wait for rust-lang#73909 to be merged, because of the feature in the libstd/lib.rs
…acrum deny(unsafe_op_in_unsafe_fn) in libstd/path.rs The libstd/path.rs part of rust-lang#73904 . Wraps the two calls to an unsafe fn Initializer::nop() in an unsafe block.
…acrum deny(unsafe_op_in_unsafe_fn) in libstd/path.rs The libstd/path.rs part of rust-lang#73904 . Wraps the two calls to an unsafe fn Initializer::nop() in an unsafe block.
…n-unsafe-fn, r=joshtriplett Std/thread: deny unsafe op in unsafe fn Partial fix of rust-lang#73904. This encloses `unsafe` operations in `unsafe fn` in `libstd/thread`. @rustbot modify labels: F-unsafe-block-in-unsafe-fn
…n-unsafe-fn, r=joshtriplett Std/thread: deny unsafe op in unsafe fn Partial fix of rust-lang#73904. This encloses `unsafe` operations in `unsafe fn` in `libstd/thread`. @rustbot modify labels: F-unsafe-block-in-unsafe-fn
…n-unsafe-fn, r=joshtriplett Std/thread: deny unsafe op in unsafe fn Partial fix of rust-lang#73904. This encloses `unsafe` operations in `unsafe fn` in `libstd/thread`. @rustbot modify labels: F-unsafe-block-in-unsafe-fn
…unsafe-fn, r=joshtriplett Std/thread: deny unsafe op in unsafe fn Partial fix of rust-lang#73904. This encloses `unsafe` operations in `unsafe fn` in `libstd/thread`. `@rustbot` modify labels: F-unsafe-block-in-unsafe-fn
I would like to take |
`#[deny(unsafe_op_in_unsafe_fn)]` in sys/sgx This is part of rust-lang#73904. Enclose unsafe operations in unsafe blocks in `libstd/sys/sgx`.
|
I have adjusted the E- tag here to E-hard, because for the most part, correctly checking the requirements and determining the appropriate safety comment to write is not an easy task. It might be a medium task (unclear), but it feels hard to me. |
…fe-fn, r=Mark-Simulacrum `#[deny(unsafe_op_in_unsafe_fn)]` in sys/wasm This is part of rust-lang#73904. This encloses unsafe operations in unsafe fn in `libstd/sys/wasm`. @rustbot modify labels: F-unsafe-block-in-unsafe-fn
…fe-fn, r=Mark-Simulacrum `#[deny(unsafe_op_in_unsafe_fn)]` in sys/wasm This is part of rust-lang#73904. This encloses unsafe operations in unsafe fn in `libstd/sys/wasm`. @rustbot modify labels: F-unsafe-block-in-unsafe-fn
…fe-fn, r=Mark-Simulacrum `#[deny(unsafe_op_in_unsafe_fn)]` in sys/wasm This is part of rust-lang#73904. This encloses unsafe operations in unsafe fn in `libstd/sys/wasm`. @rustbot modify labels: F-unsafe-block-in-unsafe-fn
`#![deny(unsafe_op_in_unsafe_fn)]` in sys/hermit Partial fix of rust-lang#73904. This encloses ``unsafe`` operations in ``unsafe fn`` in ``sys/hermit``. Some unsafe blocks are not well documented because some system-based functions lack documents.
`#![deny(unsafe_op_in_unsafe_fn)]` in sys/hermit Partial fix of rust-lang#73904. This encloses ``unsafe`` operations in ``unsafe fn`` in ``sys/hermit``. Some unsafe blocks are not well documented because some system-based functions lack documents.
`#![deny(unsafe_op_in_unsafe_fn)]` in sys/hermit Partial fix of rust-lang#73904. This encloses ``unsafe`` operations in ``unsafe fn`` in ``sys/hermit``. Some unsafe blocks are not well documented because some system-based functions lack documents.
@LeSeulArtichaut @ryr3 @euclio @carbotaniuman you are currently "registered" at the top of this issue for various parts of std to be ported to |
Feel free to take my name off, I think I put my name on before a hiatus and I don't remember this anymore. |
The goal of this effort is to
#![deny(unsafe_op_in_unsafe_fn)]
in all oflibstd
, as proposed in rust-lang/compiler-team#317. This means enclosing unsafe operations in unsafe functions inside unsafe blocks, and documenting them as much as possible.However, as
libstd
contains more than 100,000 lines (!!!) and 600 unsafe functions, this should be done step by step, and by multiple people. This issue is meant as a way of tracking and synchronizing progress.cc @nikomatsakis @RalfJung
Mentoring instructions (or rather, suggested workflow)
Please first leave a comment here stating that you want to work on file
xxx.rs
or modulexxx
, to make sure that this implementsSync
.You'll first want to add a
#![deny(unsafe_op_in_unsafe_fn)]
attribute in the scope you'll be working on.Then, add
unsafe
blocks around unsafe operations in unsafe functions. These unsafe operations can be found either by searching forunsafe fn
s, or by running./x.py check src/libstd
and looking at the errors.When adding an unsafe block, try to explain why it is safe in a safety comment before the unsafe block. This should look like:
Example PRs: #72709 (for
liballoc
) and #73622 (forlibcore
)TODO list
alloc.rs
(@poliorcetics, Deny unsafe operations in unsafe functions in libstd/alloc.rs #74333)fs.rs
(@eltonlaw,#[deny(unsafe_op_in_unsafe_fn)]
in libstd/fs.rs #73909)panicking.rs
(@poliorcetics, Std panicking unsafe block in unsafe fn #74200)path.rs
(@hellow554, deny(unsafe_op_in_unsafe_fn) in libstd/path.rs #73963)primitive_docs.rs
process.rs
(@hellow554, deny(unsafe_op_in_unsafe_fn) in libstd/process.rs #73955)sys_common/
(@LeSeulArtichaut, Deny unsafe ops in unsafe fns instd::sys_common
#73928)net/tcp.rs
(@ryr3, libstd/net/tcp.rs: #![deny(unsafe_op_in_unsafe_fn)] #73962)io/
(@ryr3)ffi/c_str.rs
(@poliorcetics, deny(unsafe_op_in_unsafe_fn) in libstd/ffi/c_str.rs #74062)(@poliorcetics, Deny unsafe operations in unsafe fns in libstd/sync/ #74278)sync/mpsc
thread/
(@poliorcetics, Std/thread: deny unsafe op in unsafe fn #74225)sys/
sys/cloudabi
(@chansuke,#[deny(unsafe_op_in_unsafe_fn)]
in sys/cloudabi #75115)sys/hermit
(@maekawatoshiki,#![deny(unsafe_op_in_unsafe_fn)]
in sys/hermit #74979)sys/sgx
(@Caduser2020,#[deny(unsafe_op_in_unsafe_fn)]
in sys/sgx #77346)sys/unix
(@euclio)sys/unsupported
(@m-ou-se, Remove unsafety from sys/unsupported and add deny(unsafe_op_in_unsafe_fn). #77722)sys/vxworks
sys/wasm
(@chansuke,#[deny(unsafe_op_in_unsafe_fn)]
in sys/wasm #74477)sys/wasi
(@Amjad50, Applied#![deny(unsafe_op_in_unsafe_fn)]
in library/std/src/wasi #75971)sys/windows
(unclaimed, previous attempt: Apply#![deny(unsafe_op_in_unsafe_fn)]
to sys/windows #76676)The text was updated successfully, but these errors were encountered: