-
Notifications
You must be signed in to change notification settings - Fork 511
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I/O Safety #1622
Comments
I had a brief look, but I don't think there's any relevant work for the windows-rs project at this time. |
The I/O safety feature has features intended to be useful in this use case, so I'm curious about whether you're thinking this isn't relevant at this time, or whether you see a reason they won't be a good fit in the future either. It is at least the case that the I/O safety APIs aren't stable yet. They are currently expected to be stable in Rust 1.63 which won't be released until next month. And of course, even when it's stable, there will be MSRV concerns. But other than those, I'm curious if there are other concerns here. |
No concerns just don't really see an obvious application at this level, but time will tell. The |
As a few examples, Rust's internal FFI bindings are using |
windows-rs recently gained a generic You wouldn't normally want to return |
pub unsafe fn ReadFile<'a, Param0: IntoParam<'a, HANDLE>>(
hfile: Param0,
lpbuffer: *mut c_void,
nnumberofbytestoread: u32,
lpnumberofbytesread: *mut u32,
lpoverlapped: *mut OVERLAPPED
) -> BOOL It looks like functions like this could use In window-sys, pub unsafe extern "system" fn ReadFile(
hfile: HANDLE,
lpbuffer: *mut c_void,
nnumberofbytestoread: u32,
lpnumberofbytesread: *mut u32,
lpoverlapped: *mut OVERLAPPED
) -> BOOL Except for the One option would be to add a "std" feature where the std types are used, and then have windows-sys define its own version of the types in
I have this concern too. It may not have this information now, but this might be something worth thinking about. |
The metadata does indeed include this information, which is where the windows crate gets it from. |
I thought the generic |
There's no generic windows-rs/crates/libs/bindgen/src/handles.rs Lines 25 to 56 in 56f7799
For example, here's the metadata for [RAIIFree("CloseHandle")]
[InvalidHandleValue(-1L)]
[InvalidHandleValue(0L)]
[NativeTypedef]
public struct HANDLE
{
public IntPtr Value;
} |
Sorry, I worded that badly. The
|
To put it another way, for
But this information is not in the metadata: [DllImport("KERNEL32", ExactSpelling = true, PreserveSig = false, SetLastError = true)]
[SupportedOSPlatform("windows5.1.2600")]
public unsafe static extern HANDLE CreateFileW([In][Const] PWSTR lpFileName, [In] FILE_ACCESS_FLAGS dwDesiredAccess, [In] FILE_SHARE_MODE dwShareMode, [Optional][In] SECURITY_ATTRIBUTES* lpSecurityAttributes, [In] FILE_CREATION_DISPOSITION dwCreationDisposition, [In] FILE_FLAGS_AND_ATTRIBUTES dwFlagsAndAttributes, [Optional][In] HANDLE hTemplateFile); So windows-rs essentially tests both The |
That function returns a HANDLE, which is annotated with that information. The InvalidHandleValue attribute indicates which values are considered invalid. You should not be comparing that to docs. If CreateFile had incompatible sentinel values, it would have had its return type changed in metadata so that we could annotate it correctly. |
Right, I'm explaining why windows-rs could not use the To put it simply, Whereas |
What I'm saying is your belief that |
I did not express such a belief. Again, I'm trying to explain why windows-rs could not use I'm sorry, but I'm unsure how else to state this more clearly. |
I must have taken a wrong turn somewhere then, my mistake/ignore me! |
Just a reminder to consider how we might integrate or leverage the concepts behind the I/O Safety RFC.
rust-lang/rust#87074
The text was updated successfully, but these errors were encountered: