And make `core:terminal` use it so that `core:log` can be imported with `-default-to-nil-allocator`,
in which the actual allocator is set up in `main()`.
Windows was tricky because of the utf-8 <> utf-16 conversion, so we use some temporary stack buffers for that purpose,
limiting the non-allocating version there to 512 utf-16 characters each for the key and environment value.
In general the value is (obviously) limited to the size of the supplied buffer, and a `.Buffer_Full` error is returned
if that buffer is insufficient. If the key is not found, the procedure returns `.Env_Var_Not_Found`.
TODO:
- Factor out buffer-backed utf8 + utf16 conversion to `core:sys/util` to more easily apply this pattern.
- Add similar `lookup_env` and `get_env` procedures to `core:os/os2`.
Fixes#5336
This test harness ensures consistent non-blocking semantics and
validates that we have solved the toctou condition.
The __global_context_for_test is a bit of a hack to fuse together the
test supplied proc and the executing logic in packaage chan.
This is necessary because we need to allow the test guarantee against a
rare condition: where a third-party thread steals a value between the
validity checks can_{send,recv} and the channel operation
try_{send,recv}.
Fixes a TOCTOU where the channel could be used between the call to
can_{recv,send} and {recv,send} causing an unexpected blocking
operation.
To do this we use the non-blocking try_{recv,send} and retry the check
in a loop. This guarantees non-blocking select behaviour, at the cost of
spinning if the input channels are highly contended.
Signed-off-by: Jack Mordaunt <jackmordaunt.dev@gmail.com>
This follows the convention where non-blocking operations are prefixed
with "try" to indicate as much.
Since select_raw in it's current form doesn't block, it should be
try_select_raw, and allow select_raw to name a blocking implementation.
This fixes a flaw in the original implementation: the returned index is
actually useless to the caller.
This is because the index returned refers to the internal "candidate"
list. This list is dynamic, and may not have all of the input channels
(if they weren't ready according to chan.can_{recv,send}). That means
the index is not guaranteed to mean anything to the caller.
The fix introduced here is to return the index into the input slice
(recvs,sends) and an enum to specify which input slice that is.
If no selection was made, then (-1, .None) is returned to communicate as
much.
Signed-off-by: Jack Mordaunt <jackmordaunt.dev@gmail.com>
1. store alignment instead of original pointer
2. implement .Query_Info
3. poison the header and alignment portion of the allocation
4. .Resize uses `max(orig_alignment, new_alignment)` as it's alignment
now
5. .Free passes along the original alignment
free on tlsf poisons the entire block, while alloc might only unpoison a
part of it (cause it's size is aligned up). This causes free to
potentially poison an already poisoned portion, which is a
use-after-poison.
Because this is "fine" and intended, I opted to just
@no_sanitize_address it.
