WIP: Use a more type safe alternative for sigaction types#5076
Open
lewis-belsten-revill wants to merge 1 commit intorust-lang:libc-0.2from
Open
WIP: Use a more type safe alternative for sigaction types#5076lewis-belsten-revill wants to merge 1 commit intorust-lang:libc-0.2from
lewis-belsten-revill wants to merge 1 commit intorust-lang:libc-0.2from
Conversation
Collaborator
|
lewis-belsten-revill
force-pushed
the
0.2.185-sigaction-cheri
branch
from
e44a9bc to
1559691
Compare
lewis-belsten-revill
force-pushed
the
0.2.185-sigaction-cheri
branch
2 times, most recently
from
2d90d99 to
c6fffa1
Compare
We cannot safely rely on considering usize and pointers as interchangeable, especially on CHERI where the pointer size is larger than a usize. Using a union is a much safer option and it actually communicates the fact that we interpret these fields differently in different situations.
lewis-belsten-revill
force-pushed
the
0.2.185-sigaction-cheri
branch
from
c6fffa1 to
c7aad86
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
We cannot safely rely on considering usize and pointers as interchangeable, especially on CHERI where the pointer size is larger than a usize. Using a union is a much safer option and it actually communicates the fact that we interpret these fields differently in different situations.
Sources
E.G: https://git.musl-libc.org/cgit/musl/tree/include/signal.h#n170
Checklist
libc-test/semverhave been updated*LASTor*MAXareincluded (see #3131)
cd libc-test && cargo test --target mytarget);especially relevant for platforms that may not be checked in CI
This would be a disruptive change to crates currently using these types, however it (or something similar) is absolutely necessary in order for us to be compatible on targets where the size of a function pointer is not equal to a size_t. C is obviously less strict about things which appear to not be unions but that are treated as such, however on the C side, at least the type used in these declarations is the maximum of the two types (fn ptr > size_t), whereas we are just currently using size_t. For an example of the changes this implies to other crates, see lewis-belsten-revill/wait-timeout@f5e0175