Rollup merge of #127789 - Sword-Destiny:master, r=petrochenkov · model-checking/verify-rust-std@5e4edba (original) (raw)

`@@ -28,22 +28,24 @@ impl Thread {

`

28

28

`// unsafe: see thread::Builder::spawn_unchecked for safety requirements

`

29

29

`pub unsafe fn new(stack: usize, p: Box<dyn FnOnce()>) -> io::Result {

`

30

30

`let p = Box::into_raw(Box::new(p));

`

31

``

`-

let mut native: libc::pthread_t = mem::zeroed();

`

32

``

`-

let mut attr: libc::pthread_attr_t = mem::zeroed();

`

33

``

`-

assert_eq!(libc::pthread_attr_init(&mut attr), 0);

`

``

31

`+

let mut native: libc::pthread_t = unsafe { mem::zeroed() };

`

``

32

`+

let mut attr: libc::pthread_attr_t = unsafe { mem::zeroed() };

`

``

33

`+

assert_eq!(unsafe { libc::pthread_attr_init(&mut attr) }, 0);

`

34

34

`assert_eq!(

`

35

``

`-

libc::pthread_attr_settee(

`

36

``

`-

&mut attr,

`

37

``

`-

libc::TEESMP_THREAD_ATTR_CA_INHERIT,

`

38

``

`-

libc::TEESMP_THREAD_ATTR_TASK_ID_INHERIT,

`

39

``

`-

libc::TEESMP_THREAD_ATTR_HAS_SHADOW,

`

40

``

`-

),

`

``

35

`+

unsafe {

`

``

36

`+

libc::pthread_attr_settee(

`

``

37

`+

&mut attr,

`

``

38

`+

libc::TEESMP_THREAD_ATTR_CA_INHERIT,

`

``

39

`+

libc::TEESMP_THREAD_ATTR_TASK_ID_INHERIT,

`

``

40

`+

libc::TEESMP_THREAD_ATTR_HAS_SHADOW,

`

``

41

`+

)

`

``

42

`+

},

`

41

43

`0,

`

42

44

`);

`

43

45

``

44

46

`let stack_size = cmp::max(stack, min_stack_size(&attr));

`

45

47

``

46

``

`-

match libc::pthread_attr_setstacksize(&mut attr, stack_size) {

`

``

48

`+

match unsafe { libc::pthread_attr_setstacksize(&mut attr, stack_size) } {

`

47

49

`0 => {}

`

48

50

` n => {

`

49

51

`assert_eq!(n, libc::EINVAL);

`

`@@ -54,20 +56,20 @@ impl Thread {

`

54

56

`let page_size = os::page_size();

`

55

57

`let stack_size =

`

56

58

`(stack_size + page_size - 1) & (-(page_size as isize - 1) as usize - 1);

`

57

``

`-

assert_eq!(libc::pthread_attr_setstacksize(&mut attr, stack_size), 0);

`

``

59

`+

assert_eq!(unsafe { libc::pthread_attr_setstacksize(&mut attr, stack_size) }, 0);

`

58

60

`}

`

59

61

`};

`

60

62

``

61

63

`let ret = libc::pthread_create(&mut native, &attr, thread_start, p as *mut _);

`

62

64

`// Note: if the thread creation fails and this assert fails, then p will

`

63

65

`// be leaked. However, an alternative design could cause double-free

`

64

66

`// which is clearly worse.

`

65

``

`-

assert_eq!(libc::pthread_attr_destroy(&mut attr), 0);

`

``

67

`+

assert_eq!(unsafe { libc::pthread_attr_destroy(&mut attr) }, 0);

`

66

68

``

67

69

`return if ret != 0 {

`

68

70

`// The thread failed to start and as a result p was not consumed. Therefore, it is

`

69

71

`// safe to reconstruct the box so that it gets deallocated.

`

70

``

`-

drop(Box::from_raw(p));

`

``

72

`+

drop(unsafe { Box::from_raw(p) });

`

71

73

`Err(io::Error::from_raw_os_error(ret))

`

72

74

`} else {

`

73

75

`// The new thread will start running earliest after the next yield.

`