Stabilize process_set_argv0 feature for Unix
This stabilizes process_set_argv0 targeting 1.45.0. It has been
useful in practice and seems useful as-is.
The equivalent feature could be implemented for Windows, but as far as I
know nobody has. That can be done separately.
Tracking issue: #66510
abort_internal is safe
`sys::abort_internal` is stably exposed as a safe function. Forward that assumption "inwards" to the `sys` module by making the function itself safe, too.
This corresponds to what https://github.com/rust-lang/rust/pull/72204 did for the intrinsic. We should probably wait until that lands because some of the intrinsic calls in this PR might then need adjustments.
Allow a few warnings.
On Windows, these types were causing warnings to be emitted during the
build. These types are allowed to not have idiomatic names, so the
warning should be suppressed.
explain the types used in the open64 call
Fixes https://github.com/rust-lang/rust/issues/71915, where I learned about this quirk. I don't actually know what I am talking about here. ;)
When working with an arbitrary reader or writer, code that uses vectored
operations may end up being slower than code that copies into a single
buffer when the underlying reader or writer doesn't actually support
vectored operations. These new methods allow you to ask the reader or
writer up front if vectored operations are efficiently supported.
Currently, you have to use some heuristics to guess by e.g. checking if
the read or write only accessed the first buffer. Hyper is one concrete
example of a library that has to do this dynamically:
0eaf304644/src/proto/h1/io.rs (L582-L594)
The ioctl(FIONBIO) method of setting a file descriptor to be
non-blocking does not notify the underlying resource in the same way
that fcntl(F_SETFL, O_NONBLOCK) does on illumos and Solaris.
add basic support of OsStrExt for HermitCore
- this patch increases the compatibility with other operating systems
- in principle `ffi.rs` is derived from `src/libstd/sys/unix/ext/ffi.rs`
Simplify dtor registration for HermitCore by using a list of destructors
The implementation is similar to the macOS version and doesn't depend on additional OS support
add basic IP support in HermitCore
- add initial version to support sockets
- use TcpStream as test case
- HermitCore uses smoltcp as IP stack for pure Rust applications
- further functionalities (e.g. UDP support) will be added step by step
- in principle, the current PR is a revision of #69404
Fix double-free and undefined behaviour in libstd::syn::unix::Thread::new
While working on concurrency support for Miri, I found that the `libstd::syn::unix::Thread::new` method has two potential problems: double-free and undefined behaviour.
**Double-free** could occur if the following events happened (credit for pointing this out goes to @RalfJung):
1. The call to `pthread_create` successfully launched a new thread that executed to completion and deallocated `p`.
2. The call to `pthread_attr_destroy` returned a non-zero value causing the `assert_eq!` to panic.
3. Since `mem::forget(p)` was not yet executed, the destructor of `p` would be executed and cause a double-free.
As far as I understand, this code also violates the stacked-borrows aliasing rules and thus would result in **undefined behaviour** if these rules were adopted. The problem is that the ownership of `p` is passed to the newly created thread before the call to `mem::forget`. Since the call to `mem::forget` is still a call, it counts as a use of `p` and triggers UB.
This pull request changes the code to use `mem::ManuallyDrop` instead of `mem::forget`. As a consequence, in case of a panic, `p` would be potentially leaked, which while undesirable is probably better than double-free or undefined behaviour.
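A safe model of the three-step double-free sequence described above, added here as an illustration and not code from the pull request or from libstd. `Payload`, `thread_frees` and the two `spawn_*` functions are hypothetical names, and a shared counter stands in for real deallocation, so the double free shows up as a count of 2 instead of memory corruption.

```rust
use std::cell::Cell;
use std::mem::{self, ManuallyDrop};
use std::panic::{self, AssertUnwindSafe};
use std::rc::Rc;

/// Stand-in for the boxed start routine `p`; running its destructor counts as one free.
struct Payload(Rc<Cell<u32>>);
impl Drop for Payload {
    fn drop(&mut self) {
        self.0.set(self.0.get() + 1);
    }
}

/// Models step 1: the new thread runs to completion and deallocates `p`.
fn thread_frees(frees: &Rc<Cell<u32>>) {
    frees.set(frees.get() + 1);
}

/// Old shape: the parent still owns `p` while the fallible step runs,
/// and only gives it up with `mem::forget` afterwards.
fn spawn_with_forget(attr_destroy_fails: bool) -> u32 {
    let frees = Rc::new(Cell::new(0));
    let _ = panic::catch_unwind(AssertUnwindSafe(|| {
        let p = Payload(frees.clone());
        thread_frees(&frees);
        // Models step 2: the assertion on pthread_attr_destroy panics.
        assert!(!attr_destroy_fails, "pthread_attr_destroy failed");
        mem::forget(p); // never reached on panic, so unwinding drops `p` (step 3)
    }));
    frees.get()
}

/// New shape: `p` is wrapped in `ManuallyDrop` before the hand-off,
/// so unwinding never runs its destructor.
fn spawn_with_manually_drop(attr_destroy_fails: bool) -> u32 {
    let frees = Rc::new(Cell::new(0));
    let _ = panic::catch_unwind(AssertUnwindSafe(|| {
        let _p = ManuallyDrop::new(Payload(frees.clone()));
        thread_frees(&frees);
        assert!(!attr_destroy_fails, "pthread_attr_destroy failed");
    }));
    frees.get()
}

fn main() {
    println!("forget, panic:        {} free(s)", spawn_with_forget(true));
    println!("ManuallyDrop, panic:  {} free(s)", spawn_with_manually_drop(true));
}
```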