Rollup merge of #127789 - Sword-Destiny:master, r=petrochenkov · model-checking/verify-rust-std@5e4edba

@@ -28,22 +28,24 @@ impl Thread {

2828

// unsafe: see thread::Builder::spawn_unchecked for safety requirements

2929

pub unsafe fn new(stack: usize, p: Box<dyn FnOnce()>) -> io::Result<Thread> {

3030

let p = Box::into_raw(Box::new(p));

31-

let mut native: libc::pthread_t = mem::zeroed();

32-

let mut attr: libc::pthread_attr_t = mem::zeroed();

33-

assert_eq!(libc::pthread_attr_init(&mut attr), 0);

31+

let mut native: libc::pthread_t = unsafe { mem::zeroed() };

32+

let mut attr: libc::pthread_attr_t = unsafe { mem::zeroed() };

33+

assert_eq!(unsafe { libc::pthread_attr_init(&mut attr) }, 0);

3434

assert_eq!(

35-

libc::pthread_attr_settee(

36-

&mut attr,

37-

libc::TEESMP_THREAD_ATTR_CA_INHERIT,

38-

libc::TEESMP_THREAD_ATTR_TASK_ID_INHERIT,

39-

libc::TEESMP_THREAD_ATTR_HAS_SHADOW,

40-

),

35+

unsafe {

36+

libc::pthread_attr_settee(

37+

&mut attr,

38+

libc::TEESMP_THREAD_ATTR_CA_INHERIT,

39+

libc::TEESMP_THREAD_ATTR_TASK_ID_INHERIT,

40+

libc::TEESMP_THREAD_ATTR_HAS_SHADOW,

41+

)

42+

},

4143

0,

4244

);

43454446

let stack_size = cmp::max(stack, min_stack_size(&attr));

454746-

match libc::pthread_attr_setstacksize(&mut attr, stack_size) {

48+

match unsafe { libc::pthread_attr_setstacksize(&mut attr, stack_size) } {

4749

0 => {}

4850

n => {

4951

assert_eq!(n, libc::EINVAL);

@@ -54,20 +56,20 @@ impl Thread {

5456

let page_size = os::page_size();

5557

let stack_size =

5658

(stack_size + page_size - 1) & (-(page_size as isize - 1) as usize - 1);

57-

assert_eq!(libc::pthread_attr_setstacksize(&mut attr, stack_size), 0);

59+

assert_eq!(unsafe { libc::pthread_attr_setstacksize(&mut attr, stack_size) }, 0);

5860

}

5961

};

60626163

let ret = libc::pthread_create(&mut native, &attr, thread_start, p as *mut _);

6264

// Note: if the thread creation fails and this assert fails, then p will

6365

// be leaked. However, an alternative design could cause double-free

6466

// which is clearly worse.

65-

assert_eq!(libc::pthread_attr_destroy(&mut attr), 0);

67+

assert_eq!(unsafe { libc::pthread_attr_destroy(&mut attr) }, 0);

66686769

return if ret != 0 {

6870

// The thread failed to start and as a result p was not consumed. Therefore, it is

6971

// safe to reconstruct the box so that it gets deallocated.

70-

drop(Box::from_raw(p));

72+

drop(unsafe { Box::from_raw(p) });

7173

Err(io::Error::from_raw_os_error(ret))

7274

} else {

7375

// The new thread will start running earliest after the next yield.
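Review bot: `libc::pthread_create` on new line 63 is still called without an `unsafe` block, although every other libc call in these two hunks was wrapped. It appears as an unchanged context line, so if the goal is to satisfy `unsafe_op_in_unsafe_fn` (not stated on this page), this call would still be flagged. It is also the call that hands the raw pointer `p` to the new thread, so it most needs an explicit justification: `// SAFETY: attr is initialized above, and p comes from Box::into_raw and is reclaimed below only if creation fails`, followed by `let ret = unsafe { libc::pthread_create(&mut native, &attr, thread_start, p as *mut _) };`. The other new `unsafe { … }` blocks carry no `// SAFETY:` comments either; the two `mem::zeroed()` blocks should state that an all-zero value is acceptable for `pthread_t` and `pthread_attr_t` on this target, which is not visible here. The body of `new` continues outside both hunks.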