3944 Commits

Author SHA1 Message Date
Dylan DPC
75023d61a1
Rollup merge of #103379 - cuviper:truncate-thread-name, r=thomcc
Truncate thread names on Linux and Apple targets

These targets have system limits on the thread names, 16 and 64 bytes
respectively, and `pthread_setname_np` returns an error if the name is
longer. However, we're not in a context that can propagate errors when
we call this, and we used to implicitly truncate on Linux with `prctl`,
so now we manually truncate these names ahead of time.

r? ``````@thomcc``````
2022-10-25 14:43:15 +05:30
Yuki Okushi
a710f56e7d
Rollup merge of #103466 - jruderman:patch-2, r=Dylan-DPC
Fix grammar in docs for std::io::Read

Two independent clauses were incorrectly joined by a bare comma. The simplest fix would be to switch to a semicolon, but I think it's slightly better to keep the comma and use the coordinating conjunction "so".
2022-10-24 19:32:29 +09:00
Yuki Okushi
413380fc20
Rollup merge of #103277 - thomcc:bump-libc-135, r=Mark-Simulacrum
Update libstd's libc to 0.2.135 (to make `libstd` no longer pull in `libiconv.dylib` on Darwin)

This is to pull in https://github.com/rust-lang/libc/pull/2944.

It's related to https://github.com/rust-lang/rust/pull/102766, in that they both remove unused dylibs from libstd on Darwin platforms. As a result, I'm marking this as relnotes since everybody agreed it was good to add it to the other as well. (The note should be about no longer linking against libiconv -- the libc update is irrelevant).

Might as well have the same reviewer too.

r? `@Mark-Simulacrum`
2022-10-24 19:32:27 +09:00
Yuki Okushi
413a82051d
Rollup merge of #102766 - thomcc:remove-resolv, r=Mark-Simulacrum
Don't link to `libresolv` in libstd on Darwin

Currently we link `libresolv` into every Rust program on apple targets despite never using it (as of https://github.com/rust-lang/rust/pull/44965). I had thought we needed this for `getaddrinfo` or something, but we do not / cannot safely use it.

I'd like to fix this for `libiconv` too (the other library we pull in. that's harder since it's coming in through `libc`, which is https://github.com/rust-lang/libc/pull/2944)).

---

This may warrant release notes. I'm not sure but I've added the flag regardless -- It's a change to the list of dylibs every Rust program pulls in, so it's worth mentioning.

It's pretty unlikely anybody was relying on this being pulled in, and `std` does not guarantee that it will link (and thus transitively provide access to) any particular system library -- anybody relying on that behavior would already be broken when dynamically linking std. That is, there's an outside chance something will fail to link on macOS and iOS because it was accidentally relying on our unnecessary dependency.

(If that *does* happen, that project could be easily fixed by linking libresolv explicitly on those platforms, probably via `#[link(name = "resolv")] extern {}`,` -Crustc-link-lib=resolv`, `println!("cargo:rustc-link-lib=resolv")`, or one of several places in `.config/cargo.toml`)

---

I'm also going to preemptively add the nomination for discussing this in the libs meeting. Basically: Do we care about programs that assume we will bring libraries in that we do not use. `libresolv` and `libiconv` on macOS/iOS are in this camp (`libresolv` because we used to use it, and `libiconv` because the `libc` crate was unintentionally(?) pulling it in to every Rust program).

I'd like to remove them both, but this may cause link issues programs that are relying on `std` to depend on them transitively. (Relying on std for this does not work in all build configurations, so this seems very fragile, and like a use case we should not support).

More generally, IMO we should not guarantee the specific set of system-provided libraries we use (beyond what is implied by an OS version requirement), which means we'd be free to remove this cruft.
2022-10-24 19:32:27 +09:00
Yuki Okushi
c1f9d985d7
Rollup merge of #102271 - lopopolo:lopopolo/stabilize-duration-try-from-secs-float, r=dtolnay
Stabilize `duration_checked_float`

## Stabilization Report

This stabilization report is for a stabilization of `duration_checked_float`, tracking issue: https://github.com/rust-lang/rust/issues/83400.

### Implementation History

- https://github.com/rust-lang/rust/pull/82179
- https://github.com/rust-lang/rust/pull/90247
- https://github.com/rust-lang/rust/pull/96051
- Changed error type to `FromFloatSecsError` in https://github.com/rust-lang/rust/pull/90247
- https://github.com/rust-lang/rust/pull/96051 changes the rounding mode to round-to-nearest instead of truncate.

## API Summary

This stabilization report proposes the following API to be stabilized in `core`, along with their re-exports in `std`:

```rust
// core::time

impl Duration {
    pub const fn try_from_secs_f32(secs: f32) -> Result<Duration, TryFromFloatSecsError>;
    pub const fn try_from_secs_f64(secs: f64) -> Result<Duration, TryFromFloatSecsError>;
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct TryFromFloatSecsError { ... }

impl core::fmt::Display for TryFromFloatSecsError { ... }
impl core::error::Error for TryFromFloatSecsError { ... }
```

These functions are made const unstable under `duration_consts_float`, tracking issue #72440.

There is an open question in the tracking issue around what the error type should be called which I was hoping to resolve in the context of an FCP.

In this stabilization PR, I have altered the name of the error type to `TryFromFloatSecsError`. In my opinion, the error type shares the name of the method (adjusted to accommodate both types of floats), which is consistent with other error types in `core`, `alloc` and `std` like `TryReserveError` and `TryFromIntError`.

## Experience Report

Code such as this is ready to be converted to a checked API to ensure it is panic free:

```rust
impl Time {
    pub fn checked_add_f64(&self, seconds: f64) -> Result<Self, TimeError> {
        // Fail safely during `f64` conversion to duration
        if seconds.is_nan() || seconds.is_infinite() {
            return Err(TzOutOfRangeError::new().into());
        }

        if seconds.is_sign_positive() {
            self.checked_add(Duration::from_secs_f64(seconds))
        } else {
            self.checked_sub(Duration::from_secs_f64(-seconds))
        }
    }
}
```

See: https://github.com/artichoke/artichoke/issues/2194.

`@rustbot` label +T-libs-api -T-libs

cc `@mbartlett21`
2022-10-24 19:32:26 +09:00
Jesse Ruderman
f53b32288c
Fix grammar in docs for std::io::Read 2022-10-24 01:06:34 -07:00
Michael Howell
23d1b05726
Rollup merge of #103005 - solid-rs:patch/kmc-solid/readdir-terminator, r=m-ou-se
kmc-solid: Handle errors returned by `SOLID_FS_ReadDir`

Fixes the issue where the `std::fs::ReadDir` implementaton of the [`*-kmc-solid_*`](https://doc.rust-lang.org/nightly/rustc/platform-support/kmc-solid.html) Tier 3 targets silently suppressed errors returned by the underlying `SOLID_FS_ReadDir` system function. The new implementation correctly handles all cases:

- `SOLID_ERR_NOTFOUND` indicates the end of directory stream.
- `SOLID_ERR_OK` + non-empty `d_name` indicates success.
- Some old filesystem drivers may return `SOLID_ERR_OK` + empty `d_name` to indicate the end of directory stream.
- Any other negative values (per ITRON convention) represent an error.
2022-10-23 14:48:15 -07:00
Michael Howell
214fa9fb9c
Rollup merge of #101644 - Timmmm:file_permissions_docs, r=thomcc
Document surprising and dangerous fs::Permissions behaviour on Unix

This documents the very surprising behaviour that `set_readonly(false)` will make a file *world writable* on Unix. I would go so far as to say that this function should be deprecated on Unix, or maybe even entirely. But documenting the bad behaviour is a good first step.

Fixes #74895
2022-10-23 14:48:14 -07:00
bors
7fcf850d79 Auto merge of #103137 - dtolnay:readdir, r=Mark-Simulacrum
Eliminate 280-byte memset from ReadDir iterator

This guy:

1536ab1b38/library/std/src/sys/unix/fs.rs (L589)

It turns out `libc::dirent64` is quite big&mdash;https://docs.rs/libc/0.2.135/libc/struct.dirent64.html. In #103135 this memset accounted for 0.9% of the runtime of iterating a big directory.

Almost none of the big zeroed value is ever used. We memcpy a tiny prefix (19 bytes) into it, and then read just 9 bytes (`d_ino` and `d_type`) back out. We can read exactly those 9 bytes we need directly from the original entry_ptr instead.

## History

This code got added in #93459 and tweaked in #94272 and #94750.

Prior to #93459, there was no memset but a full 280 bytes were being copied from the entry_ptr.

<table><tr><td>copy 280 bytes</td></tr></table>

This was not legal because not all of those bytes might be initialized, or even allocated, depending on the length of the directory entry's name, leading to a segfault. That PR fixed the segfault by creating a new zeroed dirent64 and copying just the guaranteed initialized prefix into it.

<table><tr><td>memset 280 bytes</td><td>copy 19 bytes</td></tr></table>

However this was still buggy because it used `addr_of!((*entry_ptr).d_name)`, which is considered UB by Miri in the case that the full extent of entry_ptr is not in bounds of the same allocation. (Arguably this shouldn't be a requirement, but here we are.)

The UB got fixed by #94272 by replacing `addr_of` with some pointer manipulation based on `offset_from`, but still fundamentally the same operation.

<table><tr><td>memset 280 bytes</td><td>copy 19 bytes</td></tr></table>

Then #94750 noticed that only 9 of those 19 bytes were even being used, so we could pick out only those 9 to put in the ReadDir value.

<table><tr><td>memset 280 bytes</td><td>copy 19 bytes</td><td>copy 9 bytes</td></tr></table>

After my PR we just grab the 9 needed bytes directly from entry_ptr.

<table><tr><td>copy 9 bytes</td></tr></table>

The resulting code is more complex but I believe still worthwhile to land for the following reason. This is an extremely straightforward thing to accomplish in C and clearly libc assumes that; literally just `entry_ptr->d_name`. The extra work in comparison to accomplish it in Rust is not an example of any actual safety being provided by Rust. I believe it's useful to have uncovered that and think about what could be done in the standard library or language to support this obvious operation better.

## References

- https://man7.org/linux/man-pages/man3/readdir.3.html
2022-10-23 18:55:40 +00:00
Josh Stone
15cfeb33b0 Only test pthread_getname_np on linux-gnu 2022-10-23 11:53:39 -07:00
Dylan DPC
b4536943e3
Rollup merge of #103360 - ChrisDenton:isterm-filetype, r=thomcc
Reduce false positives in msys2 detection

Currently msys2 will be detected by getting the file path and looking to see if it contains the substrings "msys-" and "-ptr" (or "cygwin-" and "-pty"). This risks false positives, especially with filesystem files and if `GetFileInformationByHandleEx` returns a [full path](https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-ntqueryinformationfile#remarks).

This PR adds a check to see if the handle is a pipe before doing the substring search. Additionally, for "msys2-" or "cygwin-" it only checks if the file name starts with the substring rather than looking at the whole path.
2022-10-22 16:28:09 +05:30
Josh Stone
12e45846eb Move truncation next to other thread tests for tidy 2022-10-21 18:13:22 -07:00
Josh Stone
7280f3d28a Truncate thread names on Linux and Apple targets
These targets have system limits on the thread names, 16 and 64 bytes
respectively, and `pthread_setname_np` returns an error if the name is
longer. However, we're not in a context that can propagate errors when
we call this, and we used to implicitly truncate on Linux with `prctl`,
so now we manually truncate these names ahead of time.
2022-10-21 17:44:35 -07:00
bors
57e2c06a8d Auto merge of #101077 - sunshowers:signal-mask-inherit, r=sunshowers
Change process spawning to inherit the parent's signal mask by default

Previously, the signal mask was always reset when a child process is
started. This breaks tools like `nohup` which expect `SIGHUP` to be
blocked for all transitive processes.

With this change, the default behavior changes to inherit the signal mask.

This also changes the signal disposition for `SIGPIPE` to only be changed if the `#[unix_sigpipe]` attribute isn't set.
2022-10-21 18:09:03 +00:00
Chris Denton
d7b0bcb20f
Reduce false positives in msys2 detection
This checks that:

* the handle is a pipe
* the pipe's file name starts with "msys-" or "cygwin-" rather than looking in the full path.
2022-10-21 18:06:12 +01:00
bors
b1ab3b738a Auto merge of #103308 - sunfishcode:sunfishcode/wasi-io-safety, r=joshtriplett
Mark `std::os::wasi::io::AsFd` etc. as stable.

io_safety was stabilized in Rust 1.63, so mark the io_safety exports in `std::os::wasi::io` as stable.

Fixes #103306.
2022-10-21 04:05:02 +00:00
Rain
a52c79e859 Change process spawning to inherit the parent's signal mask by default
Previously, the signal mask is always reset when a child process is
started. This breaks tools like `nohup` which expect `SIGHUP` to be
blocked.

With this change, the default behavior changes to inherit the signal mask.

This also changes the signal disposition for `SIGPIPE` to only be
changed if the `#[unix_sigpipe]` attribute isn't set.
2022-10-20 14:53:38 -07:00
Dan Gohman
7ac645a565 Make the whole std::os::wasi::io module stable. 2022-10-20 14:31:11 -07:00
Dan Gohman
e56b84e844 Mark std::os::wasi::io::AsFd etc. as stable.
io_safety was stabilized in Rust 1.63, so mark the io_safety exports in
`std::os::wasi::io` as stable.

Fixes #103306.
2022-10-20 08:04:19 -07:00
John Higgins
a3ccb193be
Fixed docs typo in library/std/src/time.rs 2022-10-19 21:49:29 -07:00
Thom Chiovoloni
4b66432268
Update libstd's libc to 0.2.135 2022-10-19 17:54:55 -07:00
bors
e94827e5b0 Auto merge of #103188 - JohnTitor:rollup-pwilam1, r=JohnTitor
Rollup of 6 pull requests

Successful merges:

 - #103023 (Adding `fuchsia-ignore` and `needs-unwind` to compiler test cases)
 - #103142 (Make diagnostic for unsatisfied `Termination` bounds more precise)
 - #103154 (Fix typo in `ReverseSearcher` docs)
 - #103159 (Remove the redundant `Some(try_opt!(..))` in `checked_pow`)
 - #103163 (Remove all uses of array_assume_init)
 - #103168 (Stabilize asm_sym)

Failed merges:

r? `@ghost`
`@rustbot` modify labels: rollup
2022-10-18 13:35:43 +00:00
bors
21b246587c Auto merge of #103075 - SUPERCILEX:miri-metadata, r=thomcc
Support DirEntry metadata calls in miri

This should work as it uses lstat64 which is supported here: ~d9ad25ee4b/src/shims/unix/macos/foreign_items.rs (L42~) just noticed that's macos, linux would be using statx: 86f0e63b21/src/shims/unix/linux/foreign_items.rs (L112)

The failing syscall is `dirfd`, so maybe that should actually be added to the shims?
2022-10-18 10:54:53 +00:00
León Orell Valerian Liehr
684df4d24e
Make diagnostic for unsatisfied Termination bounds more precise 2022-10-17 12:08:46 +02:00
David Tolnay
0bb6eb1526
Eliminate 280-byte memset from ReadDir iterator 2022-10-16 23:43:35 -07:00
Alex Saveau
727335878d
Support DirEntry metadata calls in miri
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-10-16 12:14:27 -07:00
bors
ddc7fd9837 Auto merge of #100579 - joboet:sync_mutex_everywhere, r=thomcc
std: use `sync::Mutex` for internal statics

Since `sync::Mutex` is now `const`-constructible, it can be used for internal statics, removing the need for `sys_common::StaticMutex`. This adds some extra allocations on platforms which need to box their mutexes (currently SGX and some UNIX), but these will become unnecessary with the lock improvements tracked in #93740.

I changed the program argument implementation on Hermit, it does not need `Mutex` but can use atomics like some UNIX systems (ping `@mkroening` `@stlankes).`
2022-10-15 22:49:30 +00:00
Ryan Lopopolo
95040a70d7
Stabilize duration_checked_float
Tracking issue:

- https://github.com/rust-lang/rust/issues/83400
2022-10-15 12:02:13 -07:00
Dylan DPC
cbe5e7bc62
Rollup merge of #102773 - joboet:apple_parker, r=thomcc
Use semaphores for thread parking on Apple platforms

Currently we use a mutex-condvar pair for thread parking on Apple systems. Unfortunately, `pthread_cond_timedwait` uses the real-time clock for measuring time, which causes problems when the system time changes. The parking implementation in this PR uses a semaphore instead, which measures monotonic time by default, avoiding these issues. As a further benefit, this has the potential to improve performance a bit, since `unpark` does not need to wait for a lock to be released.

Since the Mach semaphores are poorly documented (I could not find availability or stability guarantees for instance), this uses a [dispatch semaphore](https://developer.apple.com/documentation/dispatch/dispatch_semaphore?language=objc) instead. While it adds a layer of indirection (it uses Mach semaphores internally), the overhead is probably negligible.

Tested on macOS 12.5.

r? ``````@thomcc``````
2022-10-15 15:45:30 +05:30
bors
8154955321 Auto merge of #98033 - joshtriplett:is-terminal-fd-handle, r=thomcc
Add `IsTerminal` trait to determine if a descriptor or handle is a terminal

The UNIX implementation uses `isatty`. The Windows implementation uses
the same logic the `atty` crate uses, including the hack needed to
detect msys terminals.

Implement this trait for `Stdin`/`Stdout`/`Stderr`/`File` on all
platforms. On Unix, implement it for `BorrowedFd`/`OwnedFd`. On Windows,
implement it for `BorrowedHandle`/`OwnedHandle`.

Based on https://github.com/rust-lang/rust/pull/91121

Co-authored-by: Matt Wilkinson <mattwilki17@gmail.com>
2022-10-15 01:42:28 +00:00
Josh Triplett
97d438cd31 Use Align8 to avoid misalignment if the allocator or Vec doesn't align allocations 2022-10-15 00:35:39 +01:00
Josh Triplett
6a79da9ab7 Rewrite FILE_NAME_INFO handling to avoid enlarging slice reference
Rather than referencing a slice's pointer and then creating a new slice
with a longer length, offset from the base structure pointer instead.
This makes some choices of Rust semantics happier.
2022-10-15 00:35:39 +01:00
Josh Triplett
e25fe564d1 Make is_terminal fail fast if a process has no console at all
If a process has no console, it'll have NULL in place of a console
handle, so return early with `false` in that case without making any OS
calls.
2022-10-15 00:35:38 +01:00
Josh Triplett
326ef470a8 Add IsTerminal trait to determine if a descriptor or handle is a terminal
The UNIX and WASI implementations use `isatty`. The Windows
implementation uses the same logic the `atty` crate uses, including the
hack needed to detect msys terminals.

Implement this trait for `File` and for `Stdin`/`Stdout`/`Stderr` and
their locked counterparts on all platforms. On UNIX and WASI, implement
it for `BorrowedFd`/`OwnedFd`. On Windows, implement it for
`BorrowedHandle`/`OwnedHandle`.

Based on https://github.com/rust-lang/rust/pull/91121

Co-authored-by: Matt Wilkinson <mattwilki17@gmail.com>
2022-10-15 00:35:38 +01:00
Matthias Krüger
a96f1a8a1e
Rollup merge of #103067 - Nilstrieb:tidy-likes-the-alphabet, r=jackh726
More alphabetical sorting

Sort and enforce a few more things. The biggest change here is sorting all target features.
2022-10-14 23:43:46 +02:00
Matthias Krüger
d47b755683
Rollup merge of #103017 - fortanix:raoul/sgx_tls_fix, r=ChrisDenton
Avoid dropping TLS Key on sgx

#102655 reenabled dropping thread local `Key` on every platform ([library/std/src/sys_common/thread_local_key.rs](fa0ca783f8 (diff-5cb9acf9e243f35c975fa9fbac4885519dc104626bc03610dfa7a20bc79641ceL237-R215))). That's causing problems at least for sgx.

cc: `@jethrogb` `@ChrisDenton`
2022-10-14 23:43:43 +02:00
Matthias Krüger
fbb0c31544
Rollup merge of #102781 - StackOverflowExcept1on:master, r=joshtriplett
Improved documentation for `std::io::Error`
2022-10-14 23:43:43 +02:00
nils
b00cb04037
Sort target features alphabetically 2022-10-14 22:01:18 +02:00
nils
3c0062641d
Add some tidy-alphabetical 2022-10-14 21:18:03 +02:00
bors
5819f419a7 Auto merge of #102783 - RalfJung:tls, r=thomcc
sync thread_local key conditions exactly with what the macro uses

This makes the `cfg` in `mod.rs` syntactically the same as those in `local.rs`.

I don't think this should actually change anything, but seems better to be consistent?
I looked into this due to https://github.com/rust-lang/rust/issues/102549, but this PR would make it *less* likely that `__OsLocalKeyInner` is going to get provided, so this cannot help with that issue.

r? `@thomcc`
2022-10-14 16:43:46 +00:00
Raoul Strackx
c46185bea0 Bugfix: keep TLS data in sync 2022-10-14 17:07:18 +02:00
Josh Triplett
f95e853222
Tweak grammar 2022-10-14 12:17:07 +01:00
Dylan DPC
77064b7f0a
Rollup merge of #103018 - Rageking8:more-dupe-word-typos, r=TaKO8Ki
More dupe word typos

I only picked those changes (from the regex search) that I am pretty certain doesn't change meaning and is just a typo fix. Do correct me if any fix is undesirable and I can revert those. Thanks.
2022-10-14 16:19:15 +05:30
Dylan DPC
b03bece6f3
Rollup merge of #102847 - joshtriplett:bugfix-impl-fd-traits-for-io-types, r=m-ou-se
impl AsFd and AsRawFd for io::{Stdin, Stdout, Stderr}, not the sys versions

https://github.com/rust-lang/rust/pull/100892 implemented AsFd for the
sys versions, rather than for the public types. Change the
implementations to apply to the public types.
2022-10-14 16:19:12 +05:30
Rageking8
7122abaddf more dupe word typos 2022-10-14 12:57:56 +08:00
Dylan DPC
376c81c94a
Rollup merge of #102854 - semarie:openbsd-immutablestack, r=m-ou-se
openbsd: don't reallocate a guard page on the stack.

the kernel currently enforce that a stack is immutable. calling mmap(2) or  mprotect(2) to change it will result in EPERM, which generate a panic!().

so just do like for Linux, and trust the kernel to do the right thing.
2022-10-13 18:19:19 +05:30
Ralf Jung
594838d132 smarter way to avoid 'unused' warning when building for tests 2022-10-13 14:09:08 +02:00
Ralf Jung
600ac6959a sync thread_local key conditions exactly with what the macro uses 2022-10-13 14:09:08 +02:00
joboet
2d2c9e4493
std: use sync::Mutex for internal statics 2022-10-13 12:55:14 +02:00
bors
fa0ca783f8 Auto merge of #102655 - joboet:windows_tls_opt, r=ChrisDenton
Optimize TLS on Windows

This implements the suggestion in the current TLS code to embed the linked list of destructors in the `StaticKey` structure to save allocations. Additionally, locking is avoided when no destructor needs to be run. By using one Windows-provided `Once` per key instead of a global lock, locking is more finely-grained (this unblocks #100579).
2022-10-13 06:49:29 +00:00