Commit Graph

5141 Commits

Author SHA1 Message Date
Chris Denton
ad12be3668
allow clippy style in windows/c.rs
We intentional use the Windows API style here.
2023-11-22 00:14:46 +00:00
Nilstrieb
6bb671e7e8
Rollup merge of #117790 - rcvalle:rust-cfi-fix-000000, r=workingjubilee
CFI: Add missing use core::ffi::c_int

Adds missing use core::ffi::c_int for when sanitizer_cfi_normalize_integers is defined.
2023-11-21 09:06:27 +01:00
Michael Goulet
6d33e900d8
Rollup merge of #117957 - the8472:pidfd-wait, r=Mark-Simulacrum
if available use a Child's pidfd for kill/wait

This should get us closer to stabilization of pidfds since they now do something useful. And they're `CLOEXEC` now.

```
$ strace -ffe clone,sendmsg,recvmsg,execve,kill,pidfd_open,pidfd_send_signal,waitpid,waitid ./x test std --no-doc -- pidfd

[...]
running 1 tests
strace: Process 816007 attached
[pid 816007] pidfd_open(816006, 0)      = 3
[pid 816007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f0c6b787990) = 816008
strace: Process 816008 attached
[pid 816007] recvmsg(3,  <unfinished ...>
[pid 816008] pidfd_open(816008, 0)      = 3
[pid 816008] sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="", iov_len=0}], msg_iovlen=1, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, cmsg_data=[3]}], msg_controllen=24, msg_flags=0}, 0) = 0
[pid 816007] <... recvmsg resumed>{msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="", iov_len=0}], msg_iovlen=1, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, cmsg_data=[4]}], msg_controllen=24, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 0
[pid 816008] execve("/usr/bin/false", ["false"], 0x7ffcf2100048 /* 105 vars */) = 0
[pid 816007] waitid(P_PIDFD, 4,  <unfinished ...>
[pid 816008] +++ exited with 1 +++
[pid 816007] <... waitid resumed>{si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=816008, si_uid=1001, si_status=1, si_utime=0, si_stime=0}, WEXITED, NULL) = 0
[pid 816007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=816008, si_uid=1001, si_status=1, si_utime=0, si_stime=0} ---
[pid 816007] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDstrace: Process 816009 attached
, child_tidptr=0x7f0c6b787990) = 816009
[pid 816007] recvmsg(3,  <unfinished ...>
[pid 816009] pidfd_open(816009, 0)      = 3
[pid 816009] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="", iov_len=0}], msg_iovlen=1, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, cmsg_data=[3]}], msg_controllen=24, msg_flags=0}, 0) = 0
[pid 816007] <... recvmsg resumed>{msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="", iov_len=0}], msg_iovlen=1, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET, cmsg_type=SCM_RIGHTS, cmsg_data=[5]}], msg_controllen=24, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 0
[pid 816009] execve("/usr/bin/sleep", ["sleep", "1000"], 0x7ffcf2100048 /* 105 vars */) = 0
[pid 816007] waitid(P_PIDFD, 5, {}, WNOHANG|WEXITED, NULL) = 0
[pid 816007] pidfd_send_signal(5, SIGKILL, NULL, 0) = 0
[pid 816007] waitid(P_PIDFD, 5,  <unfinished ...>
[pid 816009] +++ killed by SIGKILL +++
[pid 816007] <... waitid resumed>{si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=816009, si_uid=1001, si_status=SIGKILL, si_utime=0, si_stime=0}, WEXITED, NULL) = 0
[pid 816007] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=816009, si_uid=1001, si_status=SIGKILL, si_utime=0, si_stime=0} ---
[pid 816007] +++ exited with 0 +++
```
2023-11-19 19:14:34 -08:00
The 8472
f34e7f4768 Don't set cmsg fields in msghdr if we have no cmsg to send 2023-11-19 15:19:47 +01:00
bors
d052f6fde6 Auto merge of #117895 - mzohreva:mz/fix-sgx-backtrace, r=Mark-Simulacrum
Adjust frame IP in backtraces relative to image base for SGX target

This is followup to https://github.com/rust-lang/backtrace-rs/pull/566.

The backtraces printed by `panic!` or generated by `std::backtrace::Backtrace` in SGX target are not usable. The frame addresses need to be relative to image base address so they can be used for symbol resolution. Here's an example panic backtrace generated before this change:

```
$ cargo r --target x86_64-fortanix-unknown-sgx
...
stack backtrace:
   0:     0x7f8fe401d3a5 - <unknown>
   1:     0x7f8fe4034780 - <unknown>
   2:     0x7f8fe401c5a3 - <unknown>
   3:     0x7f8fe401d1f5 - <unknown>
   4:     0x7f8fe401e6f6 - <unknown>
```
Here's the same panic after this change:
```
$ cargo +stage1 r --target x86_64-fortanix-unknown-sgx
stack backtrace:
   0:            0x198bf - <unknown>
   1:            0x3d181 - <unknown>
   2:            0x26164 - <unknown>
   3:            0x19705 - <unknown>
   4:            0x1ef36 - <unknown>
```
cc `@jethrogb` and `@workingjubilee`
2023-11-19 03:00:18 +00:00
Takayuki Maeda
baf3059f4e
Rollup merge of #116750 - fintelia:seek_seek_relative, r=Mark-Simulacrum
Add Seek::seek_relative

The `BufReader` struct has a `seek_relative` method because its `Seek::seek` implementation involved dumping the internal buffer (https://github.com/rust-lang/rust/issues/31100).

Unfortunately, there isn't really a good way to take advantage of that method in generic code. This PR adds the same method to the main `Seek` trait with the straightforward default method, and an override for `BufReader` that calls its implementation.

_Also discussed in [this](https://internals.rust-lang.org/t/add-seek-seek-relative/19546) internals.rust-lang.org thread._
2023-11-19 04:14:40 +09:00
bors
1a740c3816 Auto merge of #117138 - zachs18:rwlock_guard_debug_unsized, r=dtolnay
Add T: ?Sized to `RwLockReadGuard` and `RwLockWriteGuard`'s Debug impls.

For context, `MutexGuard` has `+ ?Sized` on its `Debug` impl, and all three have `+ ?Sized` on their `Display` impls.

It looks like the `?Sized` was just missed when the impls were added (the impl for `MutexGuard` was added in the same PR (https://github.com/rust-lang/rust/pull/38006) with support for `T: Debug + ?Sized`, and `RwLock*Guard`s did allow `T: ?Sized` types already); the `Display` impls were added later (https://github.com/rust-lang/rust/pull/42822) with support for `T: Debug + ?Sized` types.

I think this needs a T-libs-api FCP? I'm not sure if this also needs an ACP. If so I can make one.

These are changes to (stable) trait impls on stable types so will be insta-stable.

`@rustbot` label +T-libs-api
2023-11-18 00:59:19 +00:00
Matthias Krüger
ca3a02836e
Rollup merge of #117338 - workingjubilee:asmjs-meets-thanatos, r=b-naber
Remove asmjs

Fulfills [MCP 668](https://github.com/rust-lang/compiler-team/issues/668).

`asmjs-unknown-emscripten` does not work as-specified, and lacks essential upstream support for generating asm.js, so it should not exist at all.
2023-11-17 23:04:21 +01:00
Mohsen Zohrevandi
b576dd2b3c Use ptr::invalid_mut for SGX image base 2023-11-17 11:49:23 -08:00
Mark Rousskov
917f6540ed Re-format code with new rustfmt 2023-11-15 21:45:48 -05:00
The 8472
12efa53b19 if available use a Child's pidfd for kill/wait 2023-11-16 02:05:37 +01:00
Mark Rousskov
db3e2bacb6 Bump cfg(bootstrap)s 2023-11-15 19:41:28 -05:00
Mark Rousskov
efe54e24aa Substitute version placeholders 2023-11-15 19:40:51 -05:00
The 8472
3ffbb4899e update comment, we're currently using a different syscall 2023-11-16 01:38:59 +01:00
The 8472
10127d9eb5 set CLOEXEC on pidfd received from child process 2023-11-16 01:36:54 +01:00
Mohsen Zohrevandi
ec8c3d9992 Move SGX-specific image base logic to sys_common 2023-11-14 13:27:57 -08:00
Mohsen Zohrevandi
6e7ea03c26 Adjust frame IP in backtraces relative to image base for SGX target 2023-11-14 10:27:12 -08:00
bors
2c1b65ee14 Auto merge of #115694 - clarfonthey:std-hash-private, r=dtolnay
Add `std:#️⃣:{DefaultHasher, RandomState}` exports (needs FCP)

This implements rust-lang/libs-team#267 to move the libstd hasher types to `std::hash` where they belong, instead of `std::collections::hash_map`.

<details><summary>The below no longer applies, but is kept for clarity.</summary>
This is a small refactor for #27242, which moves the definitions of `RandomState` and `DefaultHasher` into `std::hash`, but in a way that won't be noticed in the public API.

I've opened rust-lang/libs-team#267 as a formal ACP to move these directly into the root of `std::hash`, but for now, they're at least separated out from the collections code in a way that will make moving that around easier.

I decided to simply copy the rustdoc for `std::hash` from `core::hash` since I think it would be ideal for the two to diverge longer-term, especially if the ACP is accepted. However, I would be willing to factor them out into a common markdown document if that's preferred.
</details>
2023-11-11 21:12:20 +00:00
Ramon de C Valle
55e3dc487f CFI: Add missing use core::ffi::c_int
Adds missing use core::ffi::c_int for when
sanitizer_cfi_normalize_integers is defined.
2023-11-10 08:20:04 -08:00
John Millikin
341c85648c Move BorrowedBuf and BorrowedCursor from std:io to core::io
Assigned new feature name `core_io_borrowed_buf` to distinguish from the
`Read::read_buf` functionality in `std::io`.
2023-11-09 07:10:11 +09:00
bors
28acba3c61 Auto merge of #115460 - zachs18:borrowedcursor_write_no_panic, r=dtolnay
Don't panic in `<BorrowedCursor as io::Write>::write`

Instead of panicking if the BorrowedCursor does not have enough capacity for the whole buffer, just return a short write, [like `<&mut [u8] as io::Write>::write` does](https://doc.rust-lang.org/src/std/io/impls.rs.html#349).

(cc `@ChayimFriedman2` https://github.com/rust-lang/rust/issues/78485#issuecomment-1493129588)

(I'm not sure if this needs an ACP? since it's not changing the "API", just what the function does)
2023-11-08 14:08:48 +00:00
bors
118a2deea5 Auto merge of #117617 - Urgau:bump-libc-0.2.150, r=Mark-Simulacrum
Bump libc dependency

This bumps the `libc` crate to version 0.2.150 which includes https://github.com/rust-lang/libc/pull/3410 which will help remove the old and deprecated check-cfg syntax.

Extracted from https://github.com/rust-lang/rust/pull/117612
2023-11-07 17:18:36 +00:00
bors
7a892ab8d8 Auto merge of #117576 - the8472:fix-io-copy-vec, r=Mark-Simulacrum
Fix excessive initialization and reads beyond EOF in `io::copy(_, Vec<u8>)` specialization

fixes #117545 and https://github.com/bczhc/bzip3-rs/pull/8
2023-11-06 00:05:58 +00:00
Urgau
15719a8c1d libc: bump dependency to 0.2.150 2023-11-05 18:32:10 +01:00
Jonathan Behrens
d9f7c9db02 Improve documentation 2023-11-04 15:45:55 -07:00
Nicholas Bishop
5d3535c616 Bump compiler_builtins to 0.1.103 2023-11-04 13:11:10 -04:00
The 8472
78aa5e511c detect EOF earlier
The initial probe-for-empty-source by stack_buffer_copy only detected EOF
if the source was empty but not when it was merely small which lead to
additional calls to read() after Ok(0) had already been returned
in the stack copy routine
2023-11-04 16:11:01 +01:00
The 8472
8d8f06b277 avoid excessive initialization when copying to a Vec
It now keeps track of initialized bytes to avoid reinitialization.
It also keeps track of read sizes to avoid initializing more bytes
than the reader needs. This is important when passing a huge vector to a
Read that only has a few bytes to offer and doesn't implement read_buf().
2023-11-04 16:11:01 +01:00
ltdk
8337e86b28 Add insta-stable std:#️⃣:{DefaultHasher, RandomState} exports 2023-11-02 20:35:20 -04:00
ltdk
075409ddd9 Move RandomState and DefaultHasher into std::hash, but don't export for now 2023-11-02 20:35:20 -04:00
bors
46455dc650 Auto merge of #117386 - roblabla:fix-switch-stdio-win7, r=ChrisDenton
Fix switch_stdout_to on Windows7

The `switch_stdout_to` test was broken on Windows7, as deleting the temporary test folder would fail since the `switch-stdout-output` file we redirected the stdout to is never closed, and it's impossible on Win7 to delete an opened file.

To fix this issue, we make `switch_stdout_to` return the previous handle. Using this, we add a new `switch_stdout_to` call at the end of the test to return the stdio handles to their original state, and recover the handle to the file we opened. This handle is automatically closed at the end of the function, which should allow the temporary test folder to be deleted properly.
2023-11-02 07:58:38 +00:00
bors
815b3ae00a Auto merge of #115356 - devnexen:haiku_set_name_use_return, r=thomcc
`std:🧵:set_name` exploit the return on haiku
2023-11-01 07:53:49 +00:00
bors
dd24c7bdbf Auto merge of #117422 - joshtriplett:stabilize-file-times, r=workingjubilee
Stabilize `file_set_times`

Approved via FCP in https://github.com/rust-lang/rust/issues/98245 .
2023-11-01 05:35:39 +00:00
Sebastian Thiel
a8ece1190b
Add support for pre-unix-epoch file dates on Apple platforms (#108277)
Time in UNIX system calls counts from the epoch, 1970-01-01. The timespec
struct used in various system calls represents this as a number of seconds and
a number of nanoseconds. Nanoseconds are required to be between 0 and
999_999_999, because the portion outside that range should be represented in
the seconds field; if nanoseconds were larger than 999_999_999, the seconds
field should go up instead.

Suppose you ask for the time 1969-12-31, what time is that? On UNIX systems
that support times before the epoch, that's seconds=-86400, one day before the
epoch. But now, suppose you ask for the time 1969-12-31 23:59:00.1. In other
words, a tenth of a second after one minute before the epoch.  On most UNIX
systems, that's represented as seconds=-60, nanoseconds=100_000_000. The macOS
bug is that it returns seconds=-59, nanoseconds=-900_000_000.

While that's in some sense an accurate description of the time (59.9 seconds
before the epoch), that violates the invariant of the timespec data structure:
nanoseconds must be between 0 and 999999999. This causes this assertion in the
Rust standard library.

So, on macOS, if we get a Timespec value with seconds less than or equal to
zero, and nanoseconds between -999_999_999 and -1 (inclusive), we can add
1_000_000_000 to the nanoseconds and subtract 1 from the seconds, and then
convert.  The resulting timespec value is still accepted by macOS, and when fed
back into the OS, produces the same results. (If you set a file's mtime with
that timestamp, then read it back, you get back the one with negative
nanoseconds again.)

Co-authored-by: Josh Triplett <josh@joshtriplett.org>
2023-10-31 17:00:59 +01:00
roblabla
4971e997e5 Fix switch_stdout_to on Windows7
The switch_stdout_to test was broken on Windows7, as the test
infrastructure would refuse to delete the temporary test folder because
the switch-stdout-output file we redirected the stdout to was still
opened.

To fix this issue, we make switch_stdout_to return the previous handle,
and add a new switch_stdout_to call at the end of the test to return the
stdio handles to their original state. The handle the second
switch_stdout_to returns will be automatically closed, which should
allow the temporary test folder to be deleted properly.
2023-10-31 09:50:07 +01:00
Josh Triplett
bcfc48db76 Stabilize file_set_times
Approved via FCP in https://github.com/rust-lang/rust/issues/98245 .
2023-10-31 14:34:02 +08:00
León Orell Valerian Liehr
098bb3703c
Rollup merge of #117177 - Ayush1325:uefi-alloc-type, r=workingjubilee
Use ImageDataType for allocation type

Suggested at #100499

cc `@dvdhrm`
cc `@nicholasbishop`
2023-10-30 10:48:18 +01:00
Ayush Singh
441068b613
Use ImageDataType for allocation type
Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2023-10-30 10:27:10 +05:30
Jonathan Behrens
bc058b6f45 Add tracking issue 2023-10-29 19:11:18 -07:00
bors
bcb5798dd8 Auto merge of #117332 - saethlin:panic-immediate-abort, r=workingjubilee
Increase the reach of panic_immediate_abort

I wanted to use/abuse this recently as part of another project, and I was surprised how many panic-related things were left in my binaries if I built a large crate with the feature enabled along with LTO. These changes get all the panic-related symbols that I could find out of my set of locally installed Rust utilities.
2023-10-30 00:03:47 +00:00
Ben Kimock
2e7364a586 Increase the reach of panic_immediate_abort 2023-10-29 09:31:07 -04:00
Jubilee Young
6649219c3f Remove asmjs from library 2023-10-28 23:10:45 -07:00
git-bruh
7a504cc68a Don't use LFS64 symbols on musl
Simplify #[cfg] blocks

fmt

don't try to use the more appropriate direntry on musl
2023-10-29 03:29:27 +00:00
Jubilee
d87b5e4727
Rollup merge of #116816 - ChrisDenton:api.rs, r=workingjubilee
Create `windows/api.rs` for safer FFI

FFI is inherently unsafe. For memory safety we need to assert that some contract is being upheld on both sides of the FFI, though of course we can only ever check our side. In Rust, `unsafe` blocks are used to assert safety and `// SAFETY` comments describing why it is safe. Currently in sys/windows we have a lot of this unsafety spread all over the place, with variations on the same unsafe patterns repeated. And because of the repitition and frequency, we're a bit lax with the safety comments.

This PR aims to fix this and to make FFI safety more auditable by creating an `api` module with the goal of centralising and consolidating this unsafety. It contains thin wrappers around the Windows API that make most functions safe to call or, if that's not possible, then at least safer. Note that its goal is *only* to address safety. It does not stray far from the Windows API and intentionally does not attempt to make higher lever wrappers around, for example, file handles. This is better left to the existing modules. The windows/api.rs file has a top level comment to help future contributors understand the intent of the module and the design decisions made.

I chose two functions as a first tentative step towards the above goal:

- [`GetLastError`](https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-getlasterror) is trivially safe. There's no reason to wrap it in an `unsafe` block every time. So I simply created a safe `get_last_error` wrapper.
- [`SetFileInformationByHandle`](https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-setfileinformationbyhandle) is more complex. It essentially takes a generic type but over a C API which necessitates some amount of ceremony. Rather than implementing similar unsafe patterns in multiple places, I provide a safe `set_file_information_by_handle` that takes a Rusty generic type and handles converting that to the form required by the C FFI.

r? libs
2023-10-28 01:07:36 -07:00
Matthias Krüger
f9d62a84f0
Rollup merge of #117281 - RalfJung:thread-safety, r=thomcc
std::thread : add SAFETY comment

I forgot to add this in https://github.com/rust-lang/rust/pull/117266.
2023-10-27 19:46:10 +02:00
Matthias Krüger
60b071fa8a
Rollup merge of #117270 - jhpratt:hide-print-internals, r=ChrisDenton
Hide internal methods from documentation

The two methods here are perma-unstable and only made public for technical reasons. There is no reason to show them in documentation.

`@rustbot` label +A-docs
2023-10-27 19:46:09 +02:00
Ralf Jung
ccb36a688d std:🧵 add SAFETY comment 2023-10-27 15:18:32 +02:00
bors
95f6a01e8f Auto merge of #117272 - matthiaskrgr:rollup-upg122z, r=matthiaskrgr
Rollup of 6 pull requests

Successful merges:

 - #114998 (feat(docs): add cargo-pgo to PGO documentation 📝)
 - #116868 (Tweak suggestion span for outer attr and point at item following invalid inner attr)
 - #117240 (Fix documentation typo in std::iter::Iterator::collect_into)
 - #117241 (Stash and cancel cycle errors for auto trait leakage in opaques)
 - #117262 (Create a new ConstantKind variant (ZeroSized) for StableMIR)
 - #117266 (replace transmute by raw pointer cast)

r? `@ghost`
`@rustbot` modify labels: rollup
2023-10-27 10:19:35 +00:00
Jacob Pratt
72d5f4b1dc
Hide internal methods from documentation 2023-10-27 04:30:49 -04:00
Ralf Jung
b3f7f4dff7 replace transmute by raw pointer cast 2023-10-27 08:02:16 +02:00