refactor(profiling): ErrnoBackup::new is safe

morrisonlevi · morrisonlevi · commit 214d8308c15a · 2026-02-17T15:09:14.000-07:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/profiling/Cargo.toml b/profiling/Cargo.toml
@@ -51,6 +51,7 @@ features = ["env-filter", "fmt", "smallvec", "std"]
 allocator-api2 = { version = "0.2", default-features = false, features = ["alloc"] }
 criterion = { version = "0.5.1" }
 datadog-php-profiling = { path = ".", features = ["test"] }
+static_assertions = "1"
 
 [target.'cfg(target_arch = "x86_64")'.dev-dependencies]
 criterion-perf-events = "0.4.0"
diff --git a/profiling/src/io/mod.rs b/profiling/src/io/mod.rs
@@ -30,22 +30,21 @@ struct ErrnoBackup {
 impl ErrnoBackup {
     /// Snapshots the current `errno` value.
     #[inline]
-    unsafe fn new() -> Self {
-        let location = libc::__errno_location();
-        Self {
-            errno: *location,
-            location,
-        }
+    fn new() -> Self {
+        // SAFETY: errno location is initialized in program/thread startup.
+        let location = unsafe { libc::__errno_location() };
+        // SAFETY: errno pointer is safe to read from same thread.
+        let errno = unsafe { location.read() };
+        Self { errno, location }
     }
 }
 
 impl Drop for ErrnoBackup {
     /// Restores `errno` value.
     #[inline]
     fn drop(&mut self) {
-        unsafe {
-            *self.location = self.errno;
-        }
+        // SAFETY: points to thread's errno (cached in new), safe for writes.
+        unsafe { self.location.write(self.errno) }
     }
 }
 
@@ -700,3 +699,11 @@ pub fn io_prof_first_rinit() {
         };
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::ErrnoBackup;
+    use static_assertions::assert_not_impl_any;
+
+    assert_not_impl_any!(ErrnoBackup: Send, Sync);
+}
