Warn on undocumented usage of unsafe #7639
Conversation
hulthe
changed the title
hulthe
force-pushed
the
document-and-lint-all-usages-of-unsafe-des-1459
branch
9 times, most recently
from
aadc8c3 to
410b311
Compare
There was a problem hiding this comment.
Reviewed 8 of 37 files at r1.
Reviewable status: 8 of 37 files reviewed, 1 unresolved discussion
talpid-core/src/split_tunnel/macos/tun.rs line 891 at r1 (raw file):
// cast the array from [i8] to [u8] to enable comparison with String::as_bytes let iface = header.pth_ifname.map(|b| b as u8);
This is a pretty hot path. Might not make any real difference, but now we're iterating over the elements an extra time for no real reason, right?
There was a problem hiding this comment.
Reviewable status: 8 of 37 files reviewed, 1 unresolved discussion (waiting on @dlon)
talpid-core/src/split_tunnel/macos/tun.rs line 891 at r1 (raw file):
Previously, dlon (David Lönnhager) wrote…
This is a pretty hot path. Might not make any real difference, but now we're iterating over the elements an extra time for no real reason, right?
Don't worry. I checked godbolt and it gets compiled into the same assembly as transmute.
There was a problem hiding this comment.
Reviewable status: 0 of 37 files reviewed, all discussions resolved
talpid-core/src/split_tunnel/macos/tun.rs line 891 at r1 (raw file):
Previously, hulthe (Joakim Hulthe) wrote…
Don't worry. I checked godbolt and it gets compiled into the same assembly as
transmute.
Awesome!
There was a problem hiding this comment.
Reviewed 26 of 37 files at r1, 12 of 15 files at r2, all commit messages.
Reviewable status: 37 of 50 files reviewed, 1 unresolved discussion
talpid-openvpn/src/wintun.rs line 353 at r2 (raw file):
let mut buffer = [0u16; 40]; // SAFETY: `gui` and `buffer` are valid references.
⛏️ guid
Code quote:
`gui`
There was a problem hiding this comment.
Reviewed 5 of 37 files at r1, 2 of 15 files at r2.
Reviewable status: 40 of 50 files reviewed, 2 unresolved discussions (waiting on @hulthe)
talpid-core/src/dns/windows/tcpip.rs line 169 at r2 (raw file):
let length = // SAFETY: `gui` and `buffer` are valid references.
Maybe this could say something about the size of buffer.
There was a problem hiding this comment.
Reviewed 7 of 37 files at r1, 2 of 15 files at r2.
Reviewable status: 47 of 50 files reviewed, 2 unresolved discussions (waiting on @hulthe)
There was a problem hiding this comment.
Reviewed 7 of 37 files at r1.
Reviewable status: all files reviewed, 3 unresolved discussions (waiting on @hulthe)
talpid-windows/src/io.rs line 17 at r2 (raw file):
I'm becoming convinced that it is not Sync, when I think about it. 🤷
A common mistake is to reuse an OVERLAPPED structure before the previous asynchronous operation has been completed. You should use a separate structure for each request. You should also create an event object for each thread that processes data.
https://learn.microsoft.com/en-us/windows/win32/api/minwinbase/ns-minwinbase-overlapped
Luckily, we don't actually reuse it while previous operations are not completed.
There was a problem hiding this comment.
Reviewable status: 47 of 50 files reviewed, all discussions resolved (waiting on @dlon and @MarkusPettersson98)
talpid-core/src/dns/windows/tcpip.rs line 169 at r2 (raw file):
Previously, dlon (David Lönnhager) wrote…
Maybe this could say something about the size of
buffer.
Done
talpid-openvpn/src/wintun.rs line 353 at r2 (raw file):
Previously, MarkusPettersson98 (Markus Pettersson) wrote…
⛏️
guid
Done
talpid-windows/src/io.rs line 17 at r2 (raw file):
Previously, dlon (David Lönnhager) wrote…
I'm becoming convinced that it is not
Sync, when I think about it. 🤷A common mistake is to reuse an OVERLAPPED structure before the previous asynchronous operation has been completed. You should use a separate structure for each request. You should also create an event object for each thread that processes data.
https://learn.microsoft.com/en-us/windows/win32/api/minwinbase/ns-minwinbase-overlapped
Luckily, we don't actually reuse it while previous operations are completed.
I removed Sync, it wasn't needed anyway.
There was a problem hiding this comment.
Reviewed 1 of 2 files at r3, 1 of 1 files at r5, all commit messages.
Reviewable status: 49 of 50 files reviewed, all discussions resolved
There was a problem hiding this comment.
Reviewed 1 of 37 files at r1.
Reviewable status: 49 of 50 files reviewed, all discussions resolved
hulthe
force-pushed
the
document-and-lint-all-usages-of-unsafe-des-1459
branch
from
8427371 to
8e5f9a8
Compare
`&mut buffer[0] as *mut u8` will create a raw pointer that is only allowed to access the very first byte of `buffer`. `slice::as_mut_ptr` is preferred.
hulthe
force-pushed
the
document-and-lint-all-usages-of-unsafe-des-1459
branch
from
abe9d9e to
148e43d
Compare
This change is