[57_maintenance] Mark BufferBuilder::new_from_buffer as unsafe (#9292)#9312
Merged
alamb merged 1 commit intoapache:57_maintenancefrom Feb 2, 2026
Merged
[57_maintenance] Mark BufferBuilder::new_from_buffer as unsafe (#9292)#9312alamb merged 1 commit intoapache:57_maintenancefrom
BufferBuilder::new_from_buffer as unsafe (#9292)#9312alamb merged 1 commit intoapache:57_maintenancefrom
Conversation
# Which issue does this PR close? <!-- We generally require a GitHub issue to be filed for all bug fixes and enhancements and this helps us generate change logs for our releases. You can link an issue to this PR using the GitHub syntax. --> - Closes apache#9287 # Rationale for this change <!-- Why are you proposing this change? If this is already explained clearly in the issue then this section is not needed. Explaining clearly why changes are proposed helps reviewers understand your changes and offer better suggestions for fixes. --> As identified by the issue, it is possible to use safe APIs to produce an unaligned buffer in `BufferBuilder`. # What changes are included in this PR? <!-- There is no need to duplicate the description in the issue here but it is sometimes worth providing a summary of the individual changes in this PR. --> Mark `BufferBuilder::new_from_buffer` as unsafe since there are alignment invariants that must be upheld to use it correctly. Also fix some docstrings. # Are these changes tested? <!-- We typically require tests for all PRs in order to: 1. Prevent the code from being accidentally broken by subsequent changes 2. Serve as another way to document the expected behavior of the code If tests are not included in your PR, please explain why (for example, are they covered by existing tests)? --> Marking API unsafe only. # Are there any user-facing changes? <!-- If there are user-facing changes then we may require documentation to be updated before approving the PR. If there are any breaking changes to public APIs, please call them out. --> Yes.
This was referenced Jan 30, 2026
Jefffrey
approved these changes
Jan 30, 2026
viirya
approved these changes
Jan 30, 2026
Contributor
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
57.3.0(January 2026) #9240This is a backport of the following PR to the 57 line
BufferBuilder::new_from_bufferas unsafe #9292 from @JefffreyNote this is technically an API change (if this API is used by downstream crates they will have to mark the callsites with
unsafe). However per a conversation with @Jefffrey #9292 (comment) and our general focus on safety, it seems better to err on the safety side