Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rollup of 10 pull requests #96824

Merged
merged 21 commits into from
May 8, 2022
Merged

Rollup of 10 pull requests #96824

merged 21 commits into from
May 8, 2022

Conversation

matthiaskrgr
Copy link
Member

Successful merges:

Failed merges:

r? @ghost
@rustbot modify labels: rollup

Create a similar rollup

Noratrieb and others added 21 commits April 23, 2022 13:42
It previously linked to the unstable const-mut-cast method instead of
the `mut` counterpart for `as_ref`.
The security example shows that `env::current_exe` will return the
path used when the program was started. This is not really surprising
considering how hard links work: after `ln foo bar`, the two files are
_equivalent_. It is _not_ the case that `bar` is a “link” to `foo`,
nor is `foo` a link to `bar`. They are simply two names for the same
underlying data.

The security vulnerability linked to seems to be different: there an
attacker would start a SUID binary from a directory under the control
of the attacker. The binary would respawn itself by executing the
program found at `/proc/self/exe` (which the attacker can control).
This is a real problem. In my opinion, the example given here doesn’t
really show the same problem, it just shows a misunderstanding of what
hard links are.

I looked through the history a bit and found that the example was
introduced in rust-lang#33526. That PR actually has two commits, and the
first (8478d48) explains the race
condition at the root of the linked security vulnerability. The second
commit proceeds to replace the explanation with the example we have
today.

This commit reverts most of the second commit from rust-lang#33526.
This happened because the `SYSROOT` variable was set for `x test`, but not `x build`.
Set it consistently for both to avoid unnecessary rebuilds.
`run-pass` produces a JSON file when enabling save analysis.
…-ptr-as_ref, r=JohnTitor

Link to correct `as_mut` in docs for `pointer::as_ref`

It previously linked to the unstable const-mut-cast method instead of
the `mut` counterpart for `as_ref`.

Closes rust-lang#96327
Add aliases for std::fs::canonicalize

The aliases are `realpath` and `GetFinalPathNameByHandle` which are explicitly mentioned in `canonicalize`'s documentation.
…k-Simulacrum

Add regression test

fixes rust-lang#69785

This issue seems to have been fixed in the meantime.
…ark-Simulacrum

Remove hard links from `env::current_exe` security example

The security example shows that `env::current_exe` will return the path used when the program was started. This is not really surprising considering how hard links work: after `ln foo bar`, the two files are _equivalent_. It is _not_ the case that `bar` is a “link” to `foo`, nor is `foo` a link to `bar`. They are simply two names for the same underlying data.

The security vulnerability linked to seems to be different: there an attacker would start a SUID binary from a directory under the control of the attacker. The binary would respawn itself by executing the program found at `/proc/self/exe` (which the attacker can control). This is a real problem. In my opinion, the example given here doesn’t really show the same problem, it just shows a misunderstanding of what hard links are.

I looked through the history a bit and found that the example was introduced in rust-lang#33526. That PR actually has two commits, and the first (rust-lang@8478d48) explains the race condition at the root of the linked security vulnerability. The second commit proceeds to replace the explanation with the example we have today.

This commit reverts most of the second commit from rust-lang#33526.
…Simulacrum

Add regression and bug tests

this tracks the behaviour from rust-lang#96572 in our test suite
…k-Simulacrum

Enable compiler-docs by default for `compiler`, `codegen`, and `tools` profiles

I had this overridden locally for a while and realized just now it should probably just be a default.
…k-Simulacrum

Don't constantly rebuild clippy on `x test src/tools/clippy`.

This happened because the `SYSROOT` variable was set for `x test`, but not `x build`.
Set it consistently for both to avoid unnecessary rebuilds.

This is a very small step towards rust-lang#76495.
…m-active, r=joshtriplett

Remove `adx_target_feature` feature from active features list

The feature was stabilized in rust-lang#93745
…ysis, r=Mark-Simulacrum

Make the test `check-pass` not to produce a JSON file

`run-pass` produces a JSON file when enabling save analysis.
The original ICE happened on `cargo check`, moreover **without** the `generic_const_exprs` feature, so `check-pass` should be enough.
…riddle

Enforce quote rule for JS source code

We mostly used double quotes but still had a weird mix. This eslint rule will now enforce it.

r? `@notriddle`
@rustbot rustbot added T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-libs Relevant to the library team, which will review and decide on the PR/issue. T-rustdoc Relevant to the rustdoc team, which will review and decide on the PR/issue. rollup A PR which is a rollup labels May 7, 2022
@matthiaskrgr
Copy link
Member Author

@bors r+ rollup=never p=10

@bors
Copy link
Contributor

bors commented May 7, 2022

📌 Commit 20ade86 has been approved by matthiaskrgr

@bors bors added the S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. label May 7, 2022
@rust-log-analyzer
Copy link
Collaborator

The job x86_64-gnu-tools failed! Check out the build log: (web) (plain)

Click to see the possible cause of the failure (guessed by this bot)
  IMAGE: x86_64-gnu-tools
##[endgroup]
From https://github.com/rust-lang/rust
 * branch              master     -> FETCH_HEAD
Searching for toolstate changes between 24a0eecf035235fa58c0b10bad1d3665947842e4 and f6513d225b478229c1a76b26662b1935bafbed2a
Rustdoc was updated
##[group]Run src/ci/scripts/verify-channel.sh
src/ci/scripts/verify-channel.sh
shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
env:
---
.......... (60/64)
...       (64/64)


/checkout/src/test/rustdoc-gui/search-filter.goml search-filter... FAILED
[ERROR] (line 6) TimeoutError: waiting for selector "#titles" failed: timeout 30000ms exceeded: for command `wait-for: "#titles"`
Build completed unsuccessfully in 0:00:42

@matthiaskrgr
Copy link
Member Author

@bors retry

@bors
Copy link
Contributor

bors commented May 7, 2022

⌛ Testing commit 20ade86 with merge e612ce9...

@bors
Copy link
Contributor

bors commented May 8, 2022

☀️ Test successful - checks-actions
Approved by: matthiaskrgr
Pushing e612ce9 to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label May 8, 2022
@bors bors merged commit e612ce9 into rust-lang:master May 8, 2022
@rustbot rustbot added this to the 1.62.0 milestone May 8, 2022
@rust-timer
Copy link
Collaborator

Finished benchmarking commit (e612ce9): comparison url.

Summary: This benchmark run did not return any relevant results.

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

@rustbot label: -perf-regression

@matthiaskrgr matthiaskrgr deleted the rollup-silw3ki branch July 30, 2022 10:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
merged-by-bors This PR was explicitly merged by bors. rollup A PR which is a rollup S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-libs Relevant to the library team, which will review and decide on the PR/issue. T-rustdoc Relevant to the rustdoc team, which will review and decide on the PR/issue.
Projects
None yet
Development

Successfully merging this pull request may close these issues.