mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

wording; and explain some of the possible consequences of violating io-safety

Browse Source
This commit is contained in:
Ralf Jung 2023-08-14 08:59:37 +02:00
parent 334a54cd83
commit 55f18beddd
3 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
library/std/src/io/mod.rs
View File

@ -245,7 +245,7 @@
//! subsume similar concepts that exist across a wide range of operating systems even if they might //! subsume similar concepts that exist across a wide range of operating systems even if they might
//! use a different name, such as "handle".) An exclusively owned file descriptor is one that no //! use a different name, such as "handle".) An exclusively owned file descriptor is one that no
//! other code is allowed to close, but the owner is allowed to close it any time. A type that owns //! other code is allowed to close, but the owner is allowed to close it any time. A type that owns
//! its file descriptor should close it in its `drop` function. Types like [`File`] generally own //! its file descriptor should usually close it in its `drop` function. Types like [`File`] generally own
//! their file descriptor. Similarly, file descriptors can be *borrowed*. This indicates that the //! their file descriptor. Similarly, file descriptors can be *borrowed*. This indicates that the
//! file descriptor will not be closed for the lifetime of the borrow, but it does *not* imply any //! file descriptor will not be closed for the lifetime of the borrow, but it does *not* imply any
//! right to close this file descriptor, since it will likely be owned by someone else. //! right to close this file descriptor, since it will likely be owned by someone else.
@ -257,6 +257,12 @@
//! other words, a safe function that takes a regular integer, treats it as a file descriptor, and //! other words, a safe function that takes a regular integer, treats it as a file descriptor, and
//! closes it, is *unsound*. //! closes it, is *unsound*.
//! //!
//! Not upholding I/O safety and closing a file descriptor without proof of ownership can lead to
//! misbehavior and even Undefined Behavior in code that relies on ownership of its file
//! descriptors: the closed file descriptor could be re-allocated to some other library (such as the
//! allocator or a memory mapping library) and now accessing the file descriptor will interfere in
//! arbitrarily destructive ways with that other library.
//!
//! Note that this does not talk about performing other operations on the file descriptor, such as //! Note that this does not talk about performing other operations on the file descriptor, such as
//! reading or writing. For example, on Unix, the [`OwnedFd`] and [`BorrowedFd`] types from the //! reading or writing. For example, on Unix, the [`OwnedFd`] and [`BorrowedFd`] types from the
//! standard library do *not* exclude that there is other code that reads or writes the same //! standard library do *not* exclude that there is other code that reads or writes the same

2
library/std/src/os/unix/io/mod.rs
View File

@ -6,7 +6,7 @@
//! //!
//! This module provides three types for representing file descriptors, //! This module provides three types for representing file descriptors,
//! with different ownership properties: raw, borrowed, and owned, which are //! with different ownership properties: raw, borrowed, and owned, which are
//! analogous to types used for representing pointers. These types realize the Unix version of [I/O safety]. //! analogous to types used for representing pointers. These types reflect the Unix version of [I/O safety].
//! //!
//! | Type | Analogous to | //! | Type | Analogous to |
//! | ------------------ | ------------ | //! | ------------------ | ------------ |

2
library/std/src/os/windows/io/mod.rs
View File

@ -6,7 +6,7 @@
//! //!
//! This module provides three types for representing raw handles and sockets //! This module provides three types for representing raw handles and sockets
//! with different ownership properties: raw, borrowed, and owned, which are //! with different ownership properties: raw, borrowed, and owned, which are
//! analogous to types used for representing pointers. These types realize the Windows version of [I/O safety]. //! analogous to types used for representing pointers. These types reflect the Windows version of [I/O safety].
//! //!
//! | Type | Analogous to | //! | Type | Analogous to |
//! | ---------------------- | ------------ | //! | ---------------------- | ------------ |