Description
The goal of this effort is to #![deny(unsafe_op_in_unsafe_fn)] in all of libstd, as proposed in rust-lang/compiler-team#317. This means enclosing unsafe operations in unsafe functions inside unsafe blocks, and documenting them as much as possible.
However, as libstd contains more than 100,000 lines (!!!) and 600 unsafe functions, this should be done step by step, and by multiple people. This issue is meant as a way of tracking and synchronizing progress.
Mentoring instructions (or rather, suggested workflow)
Please first leave a comment here stating that you want to work on file xxx.rs or module xxx, to make sure that this implements Sync.
You'll first want to add a #![deny(unsafe_op_in_unsafe_fn)] attribute in the scope you'll be working on.
Then, add unsafe blocks around unsafe operations in unsafe functions. These unsafe operations can be found either by searching for unsafe fns, or by running ./x.py check src/libstd and looking at the errors.
When adding an unsafe block, try to explain why it is safe in a safety comment before the unsafe block. This should look like:
// SAFETY: explain why `unsf` is safe here...
unsafe {
    unsf();
}
Example PRs: #72709 (for liballoc) and #73622 (for libcore)
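The workflow above applied to a small module, as an added example (not code from libstd or from the linked PRs); `RawBuf` and its methods are hypothetical names. Each unsafe operation gets its own block and a SAFETY comment that ties it back to the function's documented contract:

```rust
// Added example; `RawBuf` and its methods are hypothetical, not libstd code.
mod raw_buf {
    // Scope the lint to the module being converted, as the workflow suggests.
    #![deny(unsafe_op_in_unsafe_fn)]

    pub struct RawBuf {
        data: Vec<u8>,
    }

    impl RawBuf {
        pub fn new(data: Vec<u8>) -> Self {
            RawBuf { data }
        }

        /// Reads a little-endian u32 at `offset` without bounds checking.
        ///
        /// # Safety
        /// The caller must guarantee `offset + 4 <= ` the buffer length.
        pub unsafe fn read_u32_unchecked(&self, offset: usize) -> u32 {
            debug_assert!(offset.checked_add(4).map_or(false, |end| end <= self.data.len()));
            // SAFETY: the caller guarantees `offset + 4 <= len`, so `ptr` stays
            // inside the allocation owned by `self.data`.
            let ptr = unsafe { self.data.as_ptr().add(offset) };
            // SAFETY: `ptr` is valid for 4 bytes (see above); `read_unaligned`
            // has no alignment requirement and `[u8; 4]` is valid for any bits.
            let bytes = unsafe { ptr.cast::<[u8; 4]>().read_unaligned() };
            u32::from_le_bytes(bytes)
        }

        /// Safe wrapper: performs the bounds check that discharges the contract.
        pub fn read_u32(&self, offset: usize) -> Option<u32> {
            let end = offset.checked_add(4)?;
            if end > self.data.len() {
                return None;
            }
            // SAFETY: `offset + 4 <= self.data.len()` was checked just above.
            Some(unsafe { self.read_u32_unchecked(offset) })
        }
    }
}

fn main() {
    // Constructed sample bytes.
    let buf = raw_buf::RawBuf::new(vec![0x78, 0x56, 0x34, 0x12, 0xff]);
    println!("{:?} {:?}", buf.read_u32(0), buf.read_u32(2));
}
```

Removing either `unsafe { ... }` block inside `read_u32_unchecked` turns the call into a hard error under this lint, which is how `./x.py check` surfaces the remaining sites.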
TODO list
- alloc.rs (@poliorcetics, Deny unsafe operations in unsafe functions in libstd/alloc.rs #74333)
- fs.rs (@eltonlaw, #[deny(unsafe_op_in_unsafe_fn)] in libstd/fs.rs #73909)
- panicking.rs (@poliorcetics, Std panicking unsafe block in unsafe fn #74200)
- path.rs (@hellow554, deny(unsafe_op_in_unsafe_fn) in libstd/path.rs #73963)
- primitive_docs.rs
- process.rs (@hellow554, deny(unsafe_op_in_unsafe_fn) in libstd/process.rs #73955)
- sys_common/ (@LeSeulArtichaut, Deny unsafe ops in unsafe fns in std::sys_common #73928)
- net/tcp.rs (@ryr3, libstd/net/tcp.rs: #![deny(unsafe_op_in_unsafe_fn)] #73962)
- io/ (@ryr3)
- ffi/c_str.rs (@poliorcetics, deny(unsafe_op_in_unsafe_fn) in libstd/ffi/c_str.rs #74062)
- sync/mpsc (@poliorcetics, Deny unsafe operations in unsafe fns in libstd/sync/ #74278)
- thread/ (@poliorcetics, Std/thread: deny unsafe op in unsafe fn #74225)
- sys/
  - sys/cloudabi (@chansuke, #[deny(unsafe_op_in_unsafe_fn)] in sys/cloudabi #75115)
  - sys/hermit (@maekawatoshiki, #![deny(unsafe_op_in_unsafe_fn)] in sys/hermit #74979)
  - sys/sgx (@Caduser2020, #[deny(unsafe_op_in_unsafe_fn)] in sys/sgx #77346)
  - sys/unix (@euclio)
  - sys/unsupported (@m-ou-se, Remove unsafety from sys/unsupported and add deny(unsafe_op_in_unsafe_fn). #77722)
  - sys/vxworks
  - sys/wasm (@chansuke, #[deny(unsafe_op_in_unsafe_fn)] in sys/wasm #74477)
  - sys/wasi (@Amjad50, Applied #![deny(unsafe_op_in_unsafe_fn)] in library/std/src/wasi #75971)
  - sys/windows (unclaimed, previous attempt: Apply #![deny(unsafe_op_in_unsafe_fn)] to sys/windows #76676)