Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Make Client::from_env safe to call for any number of times #57

Merged
merged 2 commits into from
Mar 3, 2024
Merged

feat: Make Client::from_env safe to call for any number of times #57

merged 2 commits into from
Mar 3, 2024

Conversation

NobodyXu
Copy link
Contributor

@NobodyXu NobodyXu commented Aug 3, 2023

So that it can be used in different crates without causing UB.

Motivation

opencv-rust uses jobserver::Client::from_env in its build.rs to parallelize generation of bindings, then call cc::Build::compile with features cc/parallel enabled it will also call jobserver::Client::from_env and creates a UB rust-lang/cc-rs#844 (comment)

Workaround for this will require either wrapping jobserver::Client with std::mem::ManuallyDrop, or switching to my fork jobslot which supports calling Client::from_env unlimited number of times.

This PR thus port the change to upstream so that any crate using jobserver can benefit from this and can stop worrying about UB caused by calling Clieng::from_env multiple times in different crates.

@carbotaniuman carbotaniuman mentioned this pull request Sep 22, 2023
Open
@twistedfall twistedfall mentioned this pull request Oct 21, 2023
Closed
@petrochenkov petrochenkov mentioned this pull request Feb 7, 2024
Merged
weihanglo
weihanglo reviewed Feb 7, 2024
View reviewed changes
src/unix.rs Show resolved Hide resolved
src/unix.rs Show resolved Hide resolved
@NobodyXu
feat: Make Client::from_env safe to call for any number of time
108d8a4 
So that it can be used in different crates without causing UB.

Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
@NobodyXu
Use BorrowedFd instead of ManuallyDrop<File> for cloning fd
1c44c55 
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
@NobodyXu NobodyXu requested a review from weihanglo March 2, 2024 06:59
@NobodyXu NobodyXu mentioned this pull request Mar 3, 2024
Merged
weihanglo
weihanglo approved these changes Mar 3, 2024
View reviewed changes
Copy link
Member

@weihanglo weihanglo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. Thanks!

src/unix.rs
@@ -444,6 +445,14 @@ unsafe fn fd_check(fd: c_int, check_pipe: bool) -> Result<(), FromEnvErrorInner>
}
}

fn clone_fd_and_set_cloexec(fd: c_int) -> Result<File, FromEnvErrorInner> {
// Safety: fd is a valid fd dand it remains open until returns
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Safety: fd is a valid fd dand it remains open until returns
// Safety: fd is a valid fd and it remains open until returns

weihanglo
weihanglo reviewed Mar 3, 2024
View reviewed changes
src/lib.rs
Comment on lines +286 to +295
/// # Safety
///
/// This function is `unsafe` to call on Unix specifically as it
/// transitively requires usage of the `from_raw_fd` function, which is
/// itself unsafe in some circumstances.
///
/// It's recommended to call this function very early in the lifetime of a
/// program before any other file descriptors are opened. That way you can
/// make sure to take ownership properly of the file descriptors passed
/// down, if any.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: How about this?

Suggested change
/// # Safety
///
/// This function is `unsafe` to call on Unix specifically as it
/// transitively requires usage of the `from_raw_fd` function, which is
/// itself unsafe in some circumstances.
///
/// It's recommended to call this function very early in the lifetime of a
/// program before any other file descriptors are opened. That way you can
/// make sure to take ownership properly of the file descriptors passed
/// down, if any.
/// # Safety
///
/// See the "Safety" section in [`Client::from_env_ext`].

@weihanglo
Copy link
Member

I don't think it worth more back-and-forth. Let's merge this and improve comments later!

@weihanglo weihanglo merged commit 5530ff4 into rust-lang:main Mar 3, 2024
14 checks passed
@NobodyXu NobodyXu deleted the feat/unlimited-from-env branch March 4, 2024 13:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@weihanglo weihanglo weihanglo approved these changes

@carbotaniuman carbotaniuman Awaiting requested review from carbotaniuman

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@NobodyXu @weihanglo @carbotaniuman