From aea0186fe5e583b101016e40da55bd9adcd0bc27 Mon Sep 17 00:00:00 2001 From: Steve Klabnik Date: Tue, 12 May 2020 11:41:41 -0500 Subject: [PATCH 1/3] make many ptr functions must_use https://djugei.github.io/bad-at-unsafe/ describes an error a user had when trying to use offset: > At first I just assumed that the .add() and .offset() methods on pointers would mutate the pointer. They do not. Instead they return a new pointer, which gets dropped silently if you don't use it. Unlike for example Result, which is must_use annotated. --- src/libcore/intrinsics.rs | 2 ++ src/libcore/ptr/const_ptr.rs | 6 ++++++ src/libcore/ptr/mut_ptr.rs | 6 ++++++ 3 files changed, 14 insertions(+) diff --git a/src/libcore/intrinsics.rs b/src/libcore/intrinsics.rs index 962bcbe61985b..9b53172b00f44 100644 --- a/src/libcore/intrinsics.rs +++ b/src/libcore/intrinsics.rs @@ -1311,6 +1311,7 @@ extern "rust-intrinsic" { /// /// The stabilized version of this intrinsic is /// [`std::pointer::offset`](../../std/primitive.pointer.html#method.offset). + #[must_use = "returns a new pointer rather than modifying its argument"] pub fn offset(dst: *const T, offset: isize) -> *const T; /// Calculates the offset from a pointer, potentially wrapping. @@ -1327,6 +1328,7 @@ extern "rust-intrinsic" { /// /// The stabilized version of this intrinsic is /// [`std::pointer::wrapping_offset`](../../std/primitive.pointer.html#method.wrapping_offset). + #[must_use = "returns a new pointer rather than modifying its argument"] pub fn arith_offset(dst: *const T, offset: isize) -> *const T; /// Equivalent to the appropriate `llvm.memcpy.p0i8.0i8.*` intrinsic, with diff --git a/src/libcore/ptr/const_ptr.rs b/src/libcore/ptr/const_ptr.rs index 94ad77d1ec683..85ba5fc0638ea 100644 --- a/src/libcore/ptr/const_ptr.rs +++ b/src/libcore/ptr/const_ptr.rs @@ -150,6 +150,7 @@ impl *const T { /// } /// ``` #[stable(feature = "rust1", since = "1.0.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub unsafe fn offset(self, count: isize) -> *const T where @@ -208,6 +209,7 @@ impl *const T { /// } /// ``` #[stable(feature = "ptr_wrapping_offset", since = "1.16.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub fn wrapping_offset(self, count: isize) -> *const T where @@ -390,6 +392,7 @@ impl *const T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub unsafe fn add(self, count: usize) -> Self where @@ -451,6 +454,7 @@ impl *const T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub unsafe fn sub(self, count: usize) -> Self where @@ -506,6 +510,7 @@ impl *const T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub fn wrapping_add(self, count: usize) -> Self where @@ -561,6 +566,7 @@ impl *const T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub fn wrapping_sub(self, count: usize) -> Self where diff --git a/src/libcore/ptr/mut_ptr.rs b/src/libcore/ptr/mut_ptr.rs index cf9e20aa56941..0781d7e6cac45 100644 --- a/src/libcore/ptr/mut_ptr.rs +++ b/src/libcore/ptr/mut_ptr.rs @@ -144,6 +144,7 @@ impl *mut T { /// } /// ``` #[stable(feature = "rust1", since = "1.0.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub unsafe fn offset(self, count: isize) -> *mut T where @@ -201,6 +202,7 @@ impl *mut T { /// assert_eq!(&data, &[0, 2, 0, 4, 0]); /// ``` #[stable(feature = "ptr_wrapping_offset", since = "1.16.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub fn wrapping_offset(self, count: isize) -> *mut T where @@ -436,6 +438,7 @@ impl *mut T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub unsafe fn add(self, count: usize) -> Self where @@ -497,6 +500,7 @@ impl *mut T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub unsafe fn sub(self, count: usize) -> Self where @@ -552,6 +556,7 @@ impl *mut T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub fn wrapping_add(self, count: usize) -> Self where @@ -607,6 +612,7 @@ impl *mut T { /// } /// ``` #[stable(feature = "pointer_methods", since = "1.26.0")] + #[must_use = "returns a new pointer rather than modifying its argument"] #[inline] pub fn wrapping_sub(self, count: usize) -> Self where From 06d692febdba7ad9627d23f53aa302488268f2c4 Mon Sep 17 00:00:00 2001 From: Stefan Lankes Date: Sun, 17 May 2020 23:49:18 +0200 Subject: [PATCH 2/3] use new interface to initialize Condvar HermitCore introduce a new interface to intialize conditional variables. Consequently, minor changes are required to support this interface. --- Cargo.lock | 4 ++-- src/libstd/Cargo.toml | 2 +- src/libstd/sys/hermit/condvar.rs | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d6357823a37f2..22baa79dc6240 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1439,9 +1439,9 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.1.12" +version = "0.1.13" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "61565ff7aaace3525556587bd2dc31d4a07071957be715e63ce7b1eccf51a8f4" +checksum = "91780f809e750b0a89f5544be56617ff6b1227ee485bcb06ebe10cdf89bd3b71" dependencies = [ "compiler_builtins", "libc", diff --git a/src/libstd/Cargo.toml b/src/libstd/Cargo.toml index 923d5fa8cacdb..077ca2a2faa7e 100644 --- a/src/libstd/Cargo.toml +++ b/src/libstd/Cargo.toml @@ -41,7 +41,7 @@ dlmalloc = { version = "0.1", features = ['rustc-dep-of-std'] } fortanix-sgx-abi = { version = "0.3.2", features = ['rustc-dep-of-std'] } [target.'cfg(all(any(target_arch = "x86_64", target_arch = "aarch64"), target_os = "hermit"))'.dependencies] -hermit-abi = { version = "0.1.12", features = ['rustc-dep-of-std'] } +hermit-abi = { version = "0.1.13", features = ['rustc-dep-of-std'] } [target.wasm32-wasi.dependencies] wasi = { version = "0.9.0", features = ['rustc-dep-of-std'], default-features = false } diff --git a/src/libstd/sys/hermit/condvar.rs b/src/libstd/sys/hermit/condvar.rs index 5b7f16ce562b9..ce4f2f2590a28 100644 --- a/src/libstd/sys/hermit/condvar.rs +++ b/src/libstd/sys/hermit/condvar.rs @@ -9,12 +9,13 @@ pub struct Condvar { impl Condvar { pub const fn new() -> Condvar { - Condvar { identifier: 0 } + Condvar { + identifier: 0, + } } - #[inline] pub unsafe fn init(&mut self) { - // nothing to do + let _ = abi::init_queue(self.id()); } pub unsafe fn notify_one(&self) { @@ -50,7 +51,6 @@ impl Condvar { ret } - #[inline] pub unsafe fn destroy(&self) { let _ = abi::destroy_queue(self.id()); } From 3f47d9d2e6195babf10b4063deb504a00aa5d249 Mon Sep 17 00:00:00 2001 From: Stefan Lankes Date: Mon, 18 May 2020 00:06:32 +0200 Subject: [PATCH 3/3] minor changes to pass the format check --- src/libstd/sys/hermit/condvar.rs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/libstd/sys/hermit/condvar.rs b/src/libstd/sys/hermit/condvar.rs index ce4f2f2590a28..94e3275448ae9 100644 --- a/src/libstd/sys/hermit/condvar.rs +++ b/src/libstd/sys/hermit/condvar.rs @@ -9,9 +9,7 @@ pub struct Condvar { impl Condvar { pub const fn new() -> Condvar { - Condvar { - identifier: 0, - } + Condvar { identifier: 0 } } pub unsafe fn init(&mut self) {