Implement safe io #871
Implement safe io #871
Conversation
A6GibKm
force-pushed
the
safe-io
branch
2 times, most recently
from
1200fdd to
281adac
Compare
|
Added commit descriptions where there were api questions. |
A6GibKm
force-pushed
the
safe-io
branch
4 times, most recently
from
2b2aeee to
b8c5eb6
Compare
|
|
A6GibKm
force-pushed
the
safe-io
branch
2 times, most recently
from
16e67be to
86cfed9
Compare
|
Rebased. There were quite many conflicts so a review would be appreciated. |
|
Is this ready for another review and potentially merging? |
Yes and maybe |
| } | ||
| if self.len > 1 { | ||
| let next = unsafe { self.ptr.as_ptr().add(1) }; | ||
| self.ptr = ptr::NonNull::new(next).unwrap(); |
There was a problem hiding this comment.
This doesn't work, you'll also have to free the original pointer
| len: usize, | ||
| } | ||
|
|
||
| impl Iterator for FdIterator { |
There was a problem hiding this comment.
It would be nice to also implement size_hint() and DoubleEndedIterator and ExactSizeIterator and FusedIterator here
| stderr_fd: V, | ||
| stdin_fd: Option<impl AsFd>, | ||
| stdout_fd: Option<impl AsFd>, | ||
| stderr_fd: Option<impl AsFd>, |
There was a problem hiding this comment.
Option<impl ...> is usually a bad idea. Just try calling this function with a None :)
I think here and in the other APIs using an Option<impl ...> currently you'll have to add a builder pattern instead
| @@ -238,7 +241,7 @@ pub fn compute_checksum_for_string( | |||
|
|
|||
| #[cfg(unix)] | |||
| #[doc(alias = "g_unix_open_pipe")] | |||
| pub fn unix_open_pipe(flags: i32) -> Result<(RawFd, RawFd), Error> { | |||
| pub unsafe fn unix_open_pipe(flags: i32) -> Result<(RawFd, RawFd), Error> { | |||
There was a problem hiding this comment.
Is that compatible with the flags argument that allows setting O_CLOEXEC/FD_CLOEXEC?
There was a problem hiding this comment.
As a prior art rustix::fd::open also returns OwnedFd and allows passing in the CLOEXEC flag.
| @@ -132,7 +135,7 @@ pub fn spawn_async_with_fds<P: AsRef<std::path::Path>, T: AsRawFd, U: AsRawFd, V | |||
| #[cfg(not(windows))] | |||
| #[cfg_attr(docsrs, doc(cfg(not(windows))))] | |||
| #[doc(alias = "g_spawn_async_with_pipes")] | |||
| pub fn spawn_async_with_pipes< | |||
| pub unsafe fn spawn_async_with_pipes< | |||
There was a problem hiding this comment.
Why not make this use the new traits?
| @@ -872,14 +872,14 @@ where | |||
| /// The default main loop almost always is the main loop of the main thread. | |||
| /// Thus, the closure is called on the main thread. | |||
| #[doc(alias = "g_unix_fd_add_full")] | |||
| pub fn unix_fd_add<F>(fd: RawFd, condition: IOCondition, func: F) -> SourceId | |||
There was a problem hiding this comment.
I think these functions all need to be unsafe actually. impl AsFd is correct but it's up to the caller to ensure that the fd is valid long enough
For the from_owned_fd it might make sense to implement From or replace the unsafe from_fd/take_fd methods.
|
Perhaps we could split this into smaller chunks. |
|
Go for it, or maybe @nagisa wants to take this over to bring it over the finish line? |
Needs reviewing
Stuff thats missing