diff options
| author | Laurențiu Nicola <lnicola@dend.ro> | 2025-06-09 15:44:40 +0300 |
|---|---|---|
| committer | Laurențiu Nicola <lnicola@dend.ro> | 2025-06-09 15:44:40 +0300 |
| commit | 88223c56d9352a14bf4e91d706d68ca3a696bcdf (patch) | |
| tree | 1fa465adaaf07355079312d2e1aa3e8594acadc7 /library/std/src | |
| parent | cbe6fe86ef60ceedd46128df8f09da982f44191a (diff) | |
| parent | 7c10378e1fee5ddc6573b916aeb884ab10e0de17 (diff) | |
| download | rust-88223c56d9352a14bf4e91d706d68ca3a696bcdf.tar.gz rust-88223c56d9352a14bf4e91d706d68ca3a696bcdf.zip | |
Merge from rust-lang/rust
Diffstat (limited to 'library/std/src')
60 files changed, 924 insertions, 321 deletions
diff --git a/library/std/src/collections/hash/map.rs b/library/std/src/collections/hash/map.rs index 3530f890f52..edbdd041145 100644 --- a/library/std/src/collections/hash/map.rs +++ b/library/std/src/collections/hash/map.rs @@ -648,14 +648,14 @@ impl<K, V, S> HashMap<K, V, S> { Drain { base: self.base.drain() } } - /// Creates an iterator which uses a closure to determine if an element should be removed. + /// Creates an iterator which uses a closure to determine if an element (key-value pair) should be removed. /// - /// If the closure returns true, the element is removed from the map and yielded. - /// If the closure returns false, or panics, the element remains in the map and will not be - /// yielded. + /// If the closure returns `true`, the element is removed from the map and + /// yielded. If the closure returns `false`, or panics, the element remains + /// in the map and will not be yielded. /// - /// Note that `extract_if` lets you mutate every value in the filter closure, regardless of - /// whether you choose to keep or remove it. + /// The iterator also lets you mutate the value of each element in the + /// closure, regardless of whether you choose to keep or remove it. /// /// If the returned `ExtractIf` is not exhausted, e.g. because it is dropped without iterating /// or the iteration short-circuits, then the remaining elements will be retained. diff --git a/library/std/src/collections/hash/set.rs b/library/std/src/collections/hash/set.rs index 8514dfd9a98..482d57b47f6 100644 --- a/library/std/src/collections/hash/set.rs +++ b/library/std/src/collections/hash/set.rs @@ -276,11 +276,11 @@ impl<T, S> HashSet<T, S> { Drain { base: self.base.drain() } } - /// Creates an iterator which uses a closure to determine if a value should be removed. + /// Creates an iterator which uses a closure to determine if an element should be removed. /// - /// If the closure returns true, then the value is removed and yielded. - /// If the closure returns false, the value will remain in the list and will not be yielded - /// by the iterator. + /// If the closure returns `true`, the element is removed from the set and + /// yielded. If the closure returns `false`, or panics, the element remains + /// in the set and will not be yielded. /// /// If the returned `ExtractIf` is not exhausted, e.g. because it is dropped without iterating /// or the iteration short-circuits, then the remaining elements will be retained. diff --git a/library/std/src/env.rs b/library/std/src/env.rs index ce2dc795220..6d7d576b32a 100644 --- a/library/std/src/env.rs +++ b/library/std/src/env.rs @@ -1046,6 +1046,7 @@ pub mod consts { /// * `"sparc"` /// * `"sparc64"` /// * `"hexagon"` + /// * `"loongarch32"` /// * `"loongarch64"` /// /// </details> diff --git a/library/std/src/ffi/mod.rs b/library/std/src/ffi/mod.rs index 56791609910..f44e12d48ad 100644 --- a/library/std/src/ffi/mod.rs +++ b/library/std/src/ffi/mod.rs @@ -172,12 +172,14 @@ pub use core::ffi::c_void; all supported platforms", issue = "44930" )] -pub use core::ffi::{VaList, VaListImpl}; +pub use core::ffi::{VaArgSafe, VaList, VaListImpl}; #[stable(feature = "core_ffi_c", since = "1.64.0")] pub use core::ffi::{ c_char, c_double, c_float, c_int, c_long, c_longlong, c_schar, c_short, c_uchar, c_uint, c_ulong, c_ulonglong, c_ushort, }; +#[unstable(feature = "c_size_t", issue = "88345")] +pub use core::ffi::{c_ptrdiff_t, c_size_t, c_ssize_t}; #[doc(inline)] #[stable(feature = "cstr_from_bytes_until_nul", since = "1.69.0")] diff --git a/library/std/src/ffi/os_str.rs b/library/std/src/ffi/os_str.rs index 72bdf03ee61..3cc225004ea 100644 --- a/library/std/src/ffi/os_str.rs +++ b/library/std/src/ffi/os_str.rs @@ -137,7 +137,8 @@ impl OsString { #[stable(feature = "rust1", since = "1.0.0")] #[must_use] #[inline] - pub fn new() -> OsString { + #[rustc_const_unstable(feature = "const_pathbuf_osstring_new", issue = "141520")] + pub const fn new() -> OsString { OsString { inner: Buf::from_string(String::new()) } } @@ -567,7 +568,7 @@ impl OsString { /// However, keep in mind that trimming the capacity may result in a reallocation and copy. /// /// [`into_boxed_os_str`]: Self::into_boxed_os_str - #[unstable(feature = "os_string_pathbuf_leak", issue = "125965")] + #[stable(feature = "os_string_pathbuf_leak", since = "CURRENT_RUSTC_VERSION")] #[inline] pub fn leak<'a>(self) -> &'a mut OsStr { OsStr::from_inner_mut(self.inner.leak()) @@ -594,9 +595,9 @@ impl OsString { /// The slice must be valid for the platform encoding (as described in /// [`OsStr::from_encoded_bytes_unchecked`]). /// - /// This bypasses the encoding-dependent surrogate joining, so `self` must - /// not end with a leading surrogate half and `other` must not start with - /// with a trailing surrogate half. + /// This bypasses the encoding-dependent surrogate joining, so either + /// `self` must not end with a leading surrogate half, or `other` must not + /// start with a trailing surrogate half. #[inline] pub(crate) unsafe fn extend_from_slice_unchecked(&mut self, other: &[u8]) { // SAFETY: Guaranteed by caller. @@ -1040,7 +1041,7 @@ impl OsStr { /// Converts a <code>[Box]<[OsStr]></code> into an [`OsString`] without copying or allocating. #[stable(feature = "into_boxed_os_str", since = "1.20.0")] #[must_use = "`self` will be dropped if the result is not used"] - pub fn into_os_string(self: Box<OsStr>) -> OsString { + pub fn into_os_string(self: Box<Self>) -> OsString { let boxed = unsafe { Box::from_raw(Box::into_raw(self) as *mut Slice) }; OsString { inner: Buf::from_box(boxed) } } diff --git a/library/std/src/fs.rs b/library/std/src/fs.rs index 509e673bdb8..6cbf8301e01 100644 --- a/library/std/src/fs.rs +++ b/library/std/src/fs.rs @@ -391,6 +391,16 @@ impl fmt::Display for TryLockError { } } +#[unstable(feature = "file_lock", issue = "130994")] +impl From<TryLockError> for io::Error { + fn from(err: TryLockError) -> io::Error { + match err { + TryLockError::Error(err) => err, + TryLockError::WouldBlock => io::ErrorKind::WouldBlock.into(), + } + } +} + impl File { /// Attempts to open a file in read-only mode. /// @@ -820,11 +830,14 @@ impl File { /// /// fn main() -> std::io::Result<()> { /// let f = File::create("foo.txt")?; + /// // Explicit handling of the WouldBlock error /// match f.try_lock() { /// Ok(_) => (), /// Err(TryLockError::WouldBlock) => (), // Lock not acquired /// Err(TryLockError::Error(err)) => return Err(err), /// } + /// // Alternately, propagate the error as an io::Error + /// f.try_lock()?; /// Ok(()) /// } /// ``` @@ -881,11 +894,14 @@ impl File { /// /// fn main() -> std::io::Result<()> { /// let f = File::open("foo.txt")?; + /// // Explicit handling of the WouldBlock error /// match f.try_lock_shared() { /// Ok(_) => (), /// Err(TryLockError::WouldBlock) => (), // Lock not acquired /// Err(TryLockError::Error(err)) => return Err(err), /// } + /// // Alternately, propagate the error as an io::Error + /// f.try_lock_shared()?; /// /// Ok(()) /// } @@ -1295,9 +1311,39 @@ impl Write for &File { } #[stable(feature = "rust1", since = "1.0.0")] impl Seek for &File { + /// Seek to an offset, in bytes in a file. + /// + /// See [`Seek::seek`] docs for more info. + /// + /// # Platform-specific behavior + /// + /// This function currently corresponds to the `lseek64` function on Unix + /// and the `SetFilePointerEx` function on Windows. Note that this [may + /// change in the future][changes]. + /// + /// [changes]: io#platform-specific-behavior fn seek(&mut self, pos: SeekFrom) -> io::Result<u64> { self.inner.seek(pos) } + + /// Returns the length of this file (in bytes). + /// + /// See [`Seek::stream_len`] docs for more info. + /// + /// # Platform-specific behavior + /// + /// This function currently corresponds to the `statx` function on Linux + /// (with fallbacks) and the `GetFileSizeEx` function on Windows. Note that + /// this [may change in the future][changes]. + /// + /// [changes]: io#platform-specific-behavior + fn stream_len(&mut self) -> io::Result<u64> { + if let Some(result) = self.inner.size() { + return result; + } + io::stream_len_default(self) + } + fn stream_position(&mut self) -> io::Result<u64> { self.inner.tell() } @@ -1347,6 +1393,9 @@ impl Seek for File { fn seek(&mut self, pos: SeekFrom) -> io::Result<u64> { (&*self).seek(pos) } + fn stream_len(&mut self) -> io::Result<u64> { + (&*self).stream_len() + } fn stream_position(&mut self) -> io::Result<u64> { (&*self).stream_position() } @@ -1396,6 +1445,9 @@ impl Seek for Arc<File> { fn seek(&mut self, pos: SeekFrom) -> io::Result<u64> { (&**self).seek(pos) } + fn stream_len(&mut self) -> io::Result<u64> { + (&**self).stream_len() + } fn stream_position(&mut self) -> io::Result<u64> { (&**self).stream_position() } @@ -2803,8 +2855,8 @@ pub fn create_dir<P: AsRef<Path>>(path: P) -> io::Result<()> { /// Recursively create a directory and all of its parent components if they /// are missing. /// -/// If this function returns an error, some of the parent components might have -/// been created already. +/// This function is not atomic. If it returns an error, any parent components it was able to create +/// will remain. /// /// If the empty path is passed to this function, it always succeeds without /// creating any directories. @@ -2899,17 +2951,28 @@ pub fn remove_dir<P: AsRef<Path>>(path: P) -> io::Result<()> { /// /// # Platform-specific behavior /// -/// This function currently corresponds to `openat`, `fdopendir`, `unlinkat` and `lstat` functions -/// on Unix (except for REDOX) and the `CreateFileW`, `GetFileInformationByHandleEx`, -/// `SetFileInformationByHandle`, and `NtCreateFile` functions on Windows. Note that, this -/// [may change in the future][changes]. +/// These implementation details [may change in the future][changes]. +/// +/// - "Unix-like": By default, this function currently corresponds to +/// `openat`, `fdopendir`, `unlinkat` and `lstat` +/// on Unix-family platforms, except where noted otherwise. +/// - "Windows": This function currently corresponds to `CreateFileW`, +/// `GetFileInformationByHandleEx`, `SetFileInformationByHandle`, and `NtCreateFile`. +/// +/// ## Time-of-check to time-of-use (TOCTOU) race conditions +/// On a few platforms there is no way to remove a directory's contents without following symlinks +/// unless you perform a check and then operate on paths based on that directory. +/// This allows concurrently-running code to replace the directory with a symlink after the check, +/// causing a removal to instead operate on a path based on the symlink. This is a TOCTOU race. +/// By default, `fs::remove_dir_all` protects against a symlink TOCTOU race on all platforms +/// except the following. It should not be used in security-sensitive contexts on these platforms: +/// - Miri: Even when emulating targets where the underlying implementation will protect against +/// TOCTOU races, Miri will not do so. +/// - Redox OS: This function does not protect against TOCTOU races, as Redox does not implement +/// the required platform support to do so. /// /// [changes]: io#platform-specific-behavior /// -/// On REDOX, as well as when running in Miri for any target, this function is not protected against -/// time-of-check to time-of-use (TOCTOU) race conditions, and should not be used in -/// security-sensitive code on those platforms. All other platforms are protected. -/// /// # Errors /// /// See [`fs::remove_file`] and [`fs::remove_dir`]. diff --git a/library/std/src/fs/tests.rs b/library/std/src/fs/tests.rs index c81a5ff4d96..c81e3af2f0d 100644 --- a/library/std/src/fs/tests.rs +++ b/library/std/src/fs/tests.rs @@ -367,6 +367,28 @@ fn file_lock_blocking_async() { } #[test] +#[cfg(windows)] +fn file_try_lock_async() { + const FILE_FLAG_OVERLAPPED: u32 = 0x40000000; + + let tmpdir = tmpdir(); + let filename = &tmpdir.join("file_try_lock_async.txt"); + let f1 = check!(File::create(filename)); + let f2 = + check!(OpenOptions::new().custom_flags(FILE_FLAG_OVERLAPPED).write(true).open(filename)); + + // Check that shared locks block exclusive locks + check!(f1.lock_shared()); + assert_matches!(f2.try_lock(), Err(TryLockError::WouldBlock)); + check!(f1.unlock()); + + // Check that exclusive locks block all locks + check!(f1.lock()); + assert_matches!(f2.try_lock(), Err(TryLockError::WouldBlock)); + assert_matches!(f2.try_lock_shared(), Err(TryLockError::WouldBlock)); +} + +#[test] fn file_test_io_seek_shakedown() { // 01234567890123 let initial_msg = "qwer-asdf-zxcv"; @@ -1760,8 +1782,30 @@ fn test_eq_windows_file_type() { // Change the readonly attribute of one file. let mut perms = file1.metadata().unwrap().permissions(); perms.set_readonly(true); - file1.set_permissions(perms).unwrap(); + file1.set_permissions(perms.clone()).unwrap(); + #[cfg(target_vendor = "win7")] + let _g = ReadonlyGuard { file: &file1, perms }; assert_eq!(file1.metadata().unwrap().file_type(), file2.metadata().unwrap().file_type()); + + // Reset the attribute before the `TmpDir`'s drop that removes the + // associated directory, which fails with a `PermissionDenied` error when + // running under Windows 7. + #[cfg(target_vendor = "win7")] + struct ReadonlyGuard<'f> { + file: &'f File, + perms: fs::Permissions, + } + #[cfg(target_vendor = "win7")] + impl<'f> Drop for ReadonlyGuard<'f> { + fn drop(&mut self) { + self.perms.set_readonly(false); + let res = self.file.set_permissions(self.perms.clone()); + + if !thread::panicking() { + res.unwrap(); + } + } + } } /// Regression test for https://github.com/rust-lang/rust/issues/50619. diff --git a/library/std/src/io/mod.rs b/library/std/src/io/mod.rs index 03f5f838311..20c82b64bcc 100644 --- a/library/std/src/io/mod.rs +++ b/library/std/src/io/mod.rs @@ -2028,7 +2028,7 @@ pub trait Seek { /// Returns the length of this stream (in bytes). /// - /// This method is implemented using up to three seek operations. If this + /// The default implementation uses up to three seek operations. If this /// method returns successfully, the seek position is unchanged (i.e. the /// position before calling this method is the same as afterwards). /// However, if this method returns an error, the seek position is @@ -2062,16 +2062,7 @@ pub trait Seek { /// ``` #[unstable(feature = "seek_stream_len", issue = "59359")] fn stream_len(&mut self) -> Result<u64> { - let old_pos = self.stream_position()?; - let len = self.seek(SeekFrom::End(0))?; - - // Avoid seeking a third time when we were already at the end of the - // stream. The branch is usually way cheaper than a seek operation. - if old_pos != len { - self.seek(SeekFrom::Start(old_pos))?; - } - - Ok(len) + stream_len_default(self) } /// Returns the current seek position from the start of the stream. @@ -2132,6 +2123,19 @@ pub trait Seek { } } +pub(crate) fn stream_len_default<T: Seek + ?Sized>(self_: &mut T) -> Result<u64> { + let old_pos = self_.stream_position()?; + let len = self_.seek(SeekFrom::End(0))?; + + // Avoid seeking a third time when we were already at the end of the + // stream. The branch is usually way cheaper than a seek operation. + if old_pos != len { + self_.seek(SeekFrom::Start(old_pos))?; + } + + Ok(len) +} + /// Enumeration of possible methods to seek within an I/O object. /// /// It is used by the [`Seek`] trait. diff --git a/library/std/src/io/pipe.rs b/library/std/src/io/pipe.rs index 47243806cd2..16727d44541 100644 --- a/library/std/src/io/pipe.rs +++ b/library/std/src/io/pipe.rs @@ -38,30 +38,44 @@ use crate::sys_common::{FromInner, IntoInner}; /// > not rely on a particular capacity: an application should be designed so that a reading process /// > consumes data as soon as it is available, so that a writing process does not remain blocked. /// -/// # Examples +/// # Example /// /// ```no_run /// # #[cfg(miri)] fn main() {} /// # #[cfg(not(miri))] /// # fn main() -> std::io::Result<()> { +/// use std::io::{Read, Write, pipe}; /// use std::process::Command; -/// use std::io::{pipe, Read, Write}; -/// let (ping_rx, mut ping_tx) = pipe()?; -/// let (mut pong_rx, pong_tx) = pipe()?; +/// let (ping_reader, mut ping_writer) = pipe()?; +/// let (mut pong_reader, pong_writer) = pipe()?; /// -/// // Spawn a process that echoes its input. -/// let mut echo_server = Command::new("cat").stdin(ping_rx).stdout(pong_tx).spawn()?; +/// // Spawn a child process that echoes its input. +/// let mut echo_command = Command::new("cat"); +/// echo_command.stdin(ping_reader); +/// echo_command.stdout(pong_writer); +/// let mut echo_child = echo_command.spawn()?; /// -/// ping_tx.write_all(b"hello")?; -/// // Close to unblock echo_server's reader. -/// drop(ping_tx); +/// // Send input to the child process. Note that because we're writing all the input before we +/// // read any output, this could deadlock if the child's input and output pipe buffers both +/// // filled up. Those buffers are usually at least a few KB, so "hello" is fine, but for longer +/// // inputs we'd need to read and write at the same time, e.g. using threads. +/// ping_writer.write_all(b"hello")?; +/// +/// // `cat` exits when it reads EOF from stdin, but that can't happen while any ping writer +/// // remains open. We need to drop our ping writer, or read_to_string will deadlock below. +/// drop(ping_writer); +/// +/// // The pong reader can't report EOF while any pong writer remains open. Our Command object is +/// // holding a pong writer, and again read_to_string will deadlock if we don't drop it. +/// drop(echo_command); /// /// let mut buf = String::new(); -/// // Block until echo_server's writer is closed. -/// pong_rx.read_to_string(&mut buf)?; +/// // Block until `cat` closes its stdout (a pong writer). +/// pong_reader.read_to_string(&mut buf)?; /// assert_eq!(&buf, "hello"); /// -/// echo_server.wait()?; +/// // At this point we know `cat` has exited, but we still need to wait to clean up the "zombie". +/// echo_child.wait()?; /// # Ok(()) /// # } /// ``` diff --git a/library/std/src/keyword_docs.rs b/library/std/src/keyword_docs.rs index 79b25040ef6..1c55824ab90 100644 --- a/library/std/src/keyword_docs.rs +++ b/library/std/src/keyword_docs.rs @@ -1916,10 +1916,6 @@ mod type_keyword {} /// - and to declare that a programmer has checked that these contracts have been upheld (`unsafe /// {}` and `unsafe impl`, but also `unsafe fn` -- see below). /// -/// They are not mutually exclusive, as can be seen in `unsafe fn`: the body of an `unsafe fn` is, -/// by default, treated like an unsafe block. The `unsafe_op_in_unsafe_fn` lint can be enabled to -/// change that. -/// /// # Unsafe abilities /// /// **No matter what, Safe Rust can't cause Undefined Behavior**. This is @@ -1961,13 +1957,6 @@ mod type_keyword {} /// - `unsafe impl`: the contract necessary to implement the trait has been /// checked by the programmer and is guaranteed to be respected. /// -/// By default, `unsafe fn` also acts like an `unsafe {}` block -/// around the code inside the function. This means it is not just a signal to -/// the caller, but also promises that the preconditions for the operations -/// inside the function are upheld. Mixing these two meanings can be confusing, so the -/// `unsafe_op_in_unsafe_fn` lint can be enabled to warn against that and require explicit unsafe -/// blocks even inside `unsafe fn`. -/// /// See the [Rustonomicon] and the [Reference] for more information. /// /// # Examples @@ -2109,6 +2098,7 @@ mod type_keyword {} /// impl Indexable for i32 { /// const LEN: usize = 1; /// +/// /// See `Indexable` for the safety contract. /// unsafe fn idx_unchecked(&self, idx: usize) -> i32 { /// debug_assert_eq!(idx, 0); /// *self @@ -2120,6 +2110,7 @@ mod type_keyword {} /// impl Indexable for [i32; 42] { /// const LEN: usize = 42; /// +/// /// See `Indexable` for the safety contract. /// unsafe fn idx_unchecked(&self, idx: usize) -> i32 { /// // SAFETY: As per this trait's documentation, the caller ensures /// // that `idx < 42`. @@ -2132,6 +2123,7 @@ mod type_keyword {} /// impl Indexable for ! { /// const LEN: usize = 0; /// +/// /// See `Indexable` for the safety contract. /// unsafe fn idx_unchecked(&self, idx: usize) -> i32 { /// // SAFETY: As per this trait's documentation, the caller ensures /// // that `idx < 0`, which is impossible, so this is dead code. @@ -2153,11 +2145,14 @@ mod type_keyword {} /// contract of `idx_unchecked`. Implementing `Indexable` is safe because when writing /// `idx_unchecked`, we don't have to worry: our *callers* need to discharge a proof obligation /// (like `use_indexable` does), but the *implementation* of `get_unchecked` has no proof obligation -/// to contend with. Of course, the implementation of `Indexable` may choose to call other unsafe -/// operations, and then it needs an `unsafe` *block* to indicate it discharged the proof -/// obligations of its callees. (We enabled `unsafe_op_in_unsafe_fn`, so the body of `idx_unchecked` -/// is not implicitly an unsafe block.) For that purpose it can make use of the contract that all -/// its callers must uphold -- the fact that `idx < LEN`. +/// to contend with. Of course, the implementation may choose to call other unsafe operations, and +/// then it needs an `unsafe` *block* to indicate it discharged the proof obligations of its +/// callees. For that purpose it can make use of the contract that all its callers must uphold -- +/// the fact that `idx < LEN`. +/// +/// Note that unlike normal `unsafe fn`, an `unsafe fn` in a trait implementation does not get to +/// just pick an arbitrary safety contract! It *has* to use the safety contract defined by the trait +/// (or one with weaker preconditions). /// /// Formally speaking, an `unsafe fn` in a trait is a function with *preconditions* that go beyond /// those encoded by the argument types (such as `idx < LEN`), whereas an `unsafe trait` can declare diff --git a/library/std/src/lib.rs b/library/std/src/lib.rs index ef41b47384d..7c54e731edc 100644 --- a/library/std/src/lib.rs +++ b/library/std/src/lib.rs @@ -235,12 +235,7 @@ test(attr(allow(dead_code, deprecated, unused_variables, unused_mut))) )] #![doc(rust_logo)] -#![doc(cfg_hide( - not(test), - not(any(test, bootstrap)), - no_global_oom_handling, - not(no_global_oom_handling) -))] +#![doc(cfg_hide(not(test), no_global_oom_handling, not(no_global_oom_handling)))] // Don't link to std. We are std. #![no_std] // Tell the compiler to link to either panic_abort or panic_unwind @@ -335,6 +330,7 @@ #![feature(bstr_internals)] #![feature(char_internals)] #![feature(clone_to_uninit)] +#![feature(const_float_round_methods)] #![feature(core_intrinsics)] #![feature(core_io_borrowed_buf)] #![feature(duration_constants)] @@ -585,11 +581,13 @@ pub use alloc_crate::string; #[stable(feature = "rust1", since = "1.0.0")] pub use alloc_crate::vec; -#[unstable(feature = "f128", issue = "116909")] +#[path = "num/f128.rs"] pub mod f128; -#[unstable(feature = "f16", issue = "116909")] +#[path = "num/f16.rs"] pub mod f16; +#[path = "num/f32.rs"] pub mod f32; +#[path = "num/f64.rs"] pub mod f64; #[macro_use] @@ -636,12 +634,14 @@ pub mod simd { #[doc(inline)] pub use crate::std_float::StdFloat; } + #[unstable(feature = "autodiff", issue = "124509")] /// This module provides support for automatic differentiation. pub mod autodiff { /// This macro handles automatic differentiation. - pub use core::autodiff::autodiff; + pub use core::autodiff::{autodiff_forward, autodiff_reverse}; } + #[stable(feature = "futures_api", since = "1.36.0")] pub mod task { //! Types and Traits for working with asynchronous tasks. @@ -700,8 +700,8 @@ mod panicking; #[allow(dead_code, unused_attributes, fuzzy_provenance_casts, unsafe_op_in_unsafe_fn)] mod backtrace_rs; -#[unstable(feature = "cfg_match", issue = "115585")] -pub use core::cfg_match; +#[unstable(feature = "cfg_select", issue = "115585")] +pub use core::cfg_select; #[unstable( feature = "concat_bytes", issue = "87555", diff --git a/library/std/src/f128.rs b/library/std/src/num/f128.rs index bb4acde4822..c0190de089f 100644 --- a/library/std/src/f128.rs +++ b/library/std/src/num/f128.rs @@ -4,6 +4,8 @@ //! //! Mathematically significant numbers are provided in the `consts` sub-module. +#![unstable(feature = "f128", issue = "116909")] + #[unstable(feature = "f128", issue = "116909")] pub use core::f128::consts; diff --git a/library/std/src/f16.rs b/library/std/src/num/f16.rs index 4792eac1f9e..4a4a8fd839a 100644 --- a/library/std/src/f16.rs +++ b/library/std/src/num/f16.rs @@ -4,6 +4,8 @@ //! //! Mathematically significant numbers are provided in the `consts` sub-module. +#![unstable(feature = "f16", issue = "116909")] + #[unstable(feature = "f16", issue = "116909")] pub use core::f16::consts; diff --git a/library/std/src/f32.rs b/library/std/src/num/f32.rs index 94140d01d8b..b7f6529ac40 100644 --- a/library/std/src/f32.rs +++ b/library/std/src/num/f32.rs @@ -44,9 +44,10 @@ impl f32 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn floor(self) -> f32 { - core::f32::floor(self) + pub const fn floor(self) -> f32 { + core::f32::math::floor(self) } /// Returns the smallest integer greater than or equal to `self`. @@ -66,9 +67,10 @@ impl f32 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn ceil(self) -> f32 { - core::f32::ceil(self) + pub const fn ceil(self) -> f32 { + core::f32::math::ceil(self) } /// Returns the nearest integer to `self`. If a value is half-way between two @@ -94,9 +96,10 @@ impl f32 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn round(self) -> f32 { - core::f32::round(self) + pub const fn round(self) -> f32 { + core::f32::math::round(self) } /// Returns the nearest integer to a number. Rounds half-way cases to the number @@ -120,9 +123,10 @@ impl f32 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "round_ties_even", since = "1.77.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn round_ties_even(self) -> f32 { - core::f32::round_ties_even(self) + pub const fn round_ties_even(self) -> f32 { + core::f32::math::round_ties_even(self) } /// Returns the integer part of `self`. @@ -145,9 +149,10 @@ impl f32 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn trunc(self) -> f32 { - core::f32::trunc(self) + pub const fn trunc(self) -> f32 { + core::f32::math::trunc(self) } /// Returns the fractional part of `self`. @@ -168,9 +173,10 @@ impl f32 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn fract(self) -> f32 { - core::f32::fract(self) + pub const fn fract(self) -> f32 { + core::f32::math::fract(self) } /// Fused multiply-add. Computes `(self * a) + b` with only one rounding @@ -212,7 +218,7 @@ impl f32 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn mul_add(self, a: f32, b: f32) -> f32 { - core::f32::mul_add(self, a, b) + core::f32::math::mul_add(self, a, b) } /// Calculates Euclidean division, the matching method for `rem_euclid`. @@ -242,7 +248,7 @@ impl f32 { #[inline] #[stable(feature = "euclidean_division", since = "1.38.0")] pub fn div_euclid(self, rhs: f32) -> f32 { - core::f32::div_euclid(self, rhs) + core::f32::math::div_euclid(self, rhs) } /// Calculates the least nonnegative remainder of `self (mod rhs)`. @@ -279,7 +285,7 @@ impl f32 { #[inline] #[stable(feature = "euclidean_division", since = "1.38.0")] pub fn rem_euclid(self, rhs: f32) -> f32 { - core::f32::rem_euclid(self, rhs) + core::f32::math::rem_euclid(self, rhs) } /// Raises a number to an integer power. @@ -307,7 +313,7 @@ impl f32 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn powi(self, n: i32) -> f32 { - core::f32::powi(self, n) + core::f32::math::powi(self, n) } /// Raises a number to a floating point power. @@ -362,7 +368,7 @@ impl f32 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn sqrt(self) -> f32 { - core::f32::sqrt(self) + core::f32::math::sqrt(self) } /// Returns `e^(self)`, (the exponential function). @@ -595,7 +601,7 @@ impl f32 { )] pub fn abs_sub(self, other: f32) -> f32 { #[allow(deprecated)] - core::f32::abs_sub(self, other) + core::f32::math::abs_sub(self, other) } /// Returns the cube root of a number. @@ -622,7 +628,7 @@ impl f32 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn cbrt(self) -> f32 { - core::f32::cbrt(self) + core::f32::math::cbrt(self) } /// Compute the distance between the origin and a point (`x`, `y`) on the diff --git a/library/std/src/f64.rs b/library/std/src/num/f64.rs index 051061ae605..75e35a8db33 100644 --- a/library/std/src/f64.rs +++ b/library/std/src/num/f64.rs @@ -44,9 +44,10 @@ impl f64 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn floor(self) -> f64 { - core::f64::floor(self) + pub const fn floor(self) -> f64 { + core::f64::math::floor(self) } /// Returns the smallest integer greater than or equal to `self`. @@ -66,9 +67,10 @@ impl f64 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn ceil(self) -> f64 { - core::f64::ceil(self) + pub const fn ceil(self) -> f64 { + core::f64::math::ceil(self) } /// Returns the nearest integer to `self`. If a value is half-way between two @@ -94,9 +96,10 @@ impl f64 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn round(self) -> f64 { - core::f64::round(self) + pub const fn round(self) -> f64 { + core::f64::math::round(self) } /// Returns the nearest integer to a number. Rounds half-way cases to the number @@ -120,9 +123,10 @@ impl f64 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "round_ties_even", since = "1.77.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn round_ties_even(self) -> f64 { - core::f64::round_ties_even(self) + pub const fn round_ties_even(self) -> f64 { + core::f64::math::round_ties_even(self) } /// Returns the integer part of `self`. @@ -145,9 +149,10 @@ impl f64 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn trunc(self) -> f64 { - core::f64::trunc(self) + pub const fn trunc(self) -> f64 { + core::f64::math::trunc(self) } /// Returns the fractional part of `self`. @@ -168,9 +173,10 @@ impl f64 { #[rustc_allow_incoherent_impl] #[must_use = "method returns a new number and does not mutate the original value"] #[stable(feature = "rust1", since = "1.0.0")] + #[rustc_const_unstable(feature = "const_float_round_methods", issue = "141555")] #[inline] - pub fn fract(self) -> f64 { - core::f64::fract(self) + pub const fn fract(self) -> f64 { + core::f64::math::fract(self) } /// Fused multiply-add. Computes `(self * a) + b` with only one rounding @@ -212,7 +218,7 @@ impl f64 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn mul_add(self, a: f64, b: f64) -> f64 { - core::f64::mul_add(self, a, b) + core::f64::math::mul_add(self, a, b) } /// Calculates Euclidean division, the matching method for `rem_euclid`. @@ -242,7 +248,7 @@ impl f64 { #[inline] #[stable(feature = "euclidean_division", since = "1.38.0")] pub fn div_euclid(self, rhs: f64) -> f64 { - core::f64::div_euclid(self, rhs) + core::f64::math::div_euclid(self, rhs) } /// Calculates the least nonnegative remainder of `self (mod rhs)`. @@ -279,7 +285,7 @@ impl f64 { #[inline] #[stable(feature = "euclidean_division", since = "1.38.0")] pub fn rem_euclid(self, rhs: f64) -> f64 { - core::f64::rem_euclid(self, rhs) + core::f64::math::rem_euclid(self, rhs) } /// Raises a number to an integer power. @@ -307,7 +313,7 @@ impl f64 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn powi(self, n: i32) -> f64 { - core::f64::powi(self, n) + core::f64::math::powi(self, n) } /// Raises a number to a floating point power. @@ -362,7 +368,7 @@ impl f64 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn sqrt(self) -> f64 { - core::f64::sqrt(self) + core::f64::math::sqrt(self) } /// Returns `e^(self)`, (the exponential function). @@ -595,7 +601,7 @@ impl f64 { )] pub fn abs_sub(self, other: f64) -> f64 { #[allow(deprecated)] - core::f64::abs_sub(self, other) + core::f64::math::abs_sub(self, other) } /// Returns the cube root of a number. @@ -622,7 +628,7 @@ impl f64 { #[stable(feature = "rust1", since = "1.0.0")] #[inline] pub fn cbrt(self) -> f64 { - core::f64::cbrt(self) + core::f64::math::cbrt(self) } /// Compute the distance between the origin and a point (`x`, `y`) on the diff --git a/library/std/src/num.rs b/library/std/src/num/mod.rs index ffb8789c906..ffb8789c906 100644 --- a/library/std/src/num.rs +++ b/library/std/src/num/mod.rs diff --git a/library/std/src/os/linux/raw.rs b/library/std/src/os/linux/raw.rs index d53674d3c5f..6483f086113 100644 --- a/library/std/src/os/linux/raw.rs +++ b/library/std/src/os/linux/raw.rs @@ -231,6 +231,7 @@ mod arch { } #[cfg(any( + target_arch = "loongarch32", target_arch = "loongarch64", target_arch = "mips64", target_arch = "mips64r6", diff --git a/library/std/src/os/net/linux_ext/addr.rs b/library/std/src/os/net/linux_ext/addr.rs index aed772056e1..41009c0e284 100644 --- a/library/std/src/os/net/linux_ext/addr.rs +++ b/library/std/src/os/net/linux_ext/addr.rs @@ -23,7 +23,10 @@ pub trait SocketAddrExt: Sealed { /// /// ```no_run /// use std::os::unix::net::{UnixListener, SocketAddr}; + /// #[cfg(target_os = "linux")] /// use std::os::linux::net::SocketAddrExt; + /// #[cfg(target_os = "android")] + /// use std::os::android::net::SocketAddrExt; /// /// fn main() -> std::io::Result<()> { /// let addr = SocketAddr::from_abstract_name(b"hidden")?; @@ -48,7 +51,10 @@ pub trait SocketAddrExt: Sealed { /// /// ```no_run /// use std::os::unix::net::{UnixListener, SocketAddr}; + /// #[cfg(target_os = "linux")] /// use std::os::linux::net::SocketAddrExt; + /// #[cfg(target_os = "android")] + /// use std::os::android::net::SocketAddrExt; /// /// fn main() -> std::io::Result<()> { /// let name = b"hidden"; diff --git a/library/std/src/os/net/linux_ext/socket.rs b/library/std/src/os/net/linux_ext/socket.rs index 4e4168f693c..a15feb6bd9f 100644 --- a/library/std/src/os/net/linux_ext/socket.rs +++ b/library/std/src/os/net/linux_ext/socket.rs @@ -27,7 +27,10 @@ pub trait UnixSocketExt: Sealed { /// /// ```no_run /// #![feature(unix_socket_ancillary_data)] + /// #[cfg(target_os = "linux")] /// use std::os::linux::net::UnixSocketExt; + /// #[cfg(target_os = "android")] + /// use std::os::android::net::UnixSocketExt; /// use std::os::unix::net::UnixDatagram; /// /// fn main() -> std::io::Result<()> { diff --git a/library/std/src/os/net/linux_ext/tcp.rs b/library/std/src/os/net/linux_ext/tcp.rs index c8d012962d4..95dffb3bc43 100644 --- a/library/std/src/os/net/linux_ext/tcp.rs +++ b/library/std/src/os/net/linux_ext/tcp.rs @@ -25,7 +25,10 @@ pub trait TcpStreamExt: Sealed { /// ```no_run /// #![feature(tcp_quickack)] /// use std::net::TcpStream; + /// #[cfg(target_os = "linux")] /// use std::os::linux::net::TcpStreamExt; + /// #[cfg(target_os = "android")] + /// use std::os::android::net::TcpStreamExt; /// /// let stream = TcpStream::connect("127.0.0.1:8080") /// .expect("Couldn't connect to the server..."); @@ -43,7 +46,10 @@ pub trait TcpStreamExt: Sealed { /// ```no_run /// #![feature(tcp_quickack)] /// use std::net::TcpStream; + /// #[cfg(target_os = "linux")] /// use std::os::linux::net::TcpStreamExt; + /// #[cfg(target_os = "android")] + /// use std::os::android::net::TcpStreamExt; /// /// let stream = TcpStream::connect("127.0.0.1:8080") /// .expect("Couldn't connect to the server..."); diff --git a/library/std/src/os/unix/process.rs b/library/std/src/os/unix/process.rs index 7c3fa7d6507..57ce3c5a4bf 100644 --- a/library/std/src/os/unix/process.rs +++ b/library/std/src/os/unix/process.rs @@ -8,6 +8,7 @@ use cfg_if::cfg_if; use crate::ffi::OsStr; use crate::os::unix::io::{AsFd, AsRawFd, BorrowedFd, FromRawFd, IntoRawFd, OwnedFd, RawFd}; +use crate::path::Path; use crate::sealed::Sealed; use crate::sys_common::{AsInner, AsInnerMut, FromInner, IntoInner}; use crate::{io, process, sys}; @@ -197,6 +198,18 @@ pub trait CommandExt: Sealed { /// ``` #[stable(feature = "process_set_process_group", since = "1.64.0")] fn process_group(&mut self, pgroup: i32) -> &mut process::Command; + + /// Set the root of the child process. This calls `chroot` in the child process before executing + /// the command. + /// + /// This happens before changing to the directory specified with + /// [`process::Command::current_dir`], and that directory will be relative to the new root. + /// + /// If no directory has been specified with [`process::Command::current_dir`], this will set the + /// directory to `/`, to avoid leaving the current directory outside the chroot. (This is an + /// intentional difference from the underlying `chroot` system call.) + #[unstable(feature = "process_chroot", issue = "141298")] + fn chroot<P: AsRef<Path>>(&mut self, dir: P) -> &mut process::Command; } #[stable(feature = "rust1", since = "1.0.0")] @@ -242,6 +255,11 @@ impl CommandExt for process::Command { self.as_inner_mut().pgroup(pgroup); self } + + fn chroot<P: AsRef<Path>>(&mut self, dir: P) -> &mut process::Command { + self.as_inner_mut().chroot(dir.as_ref()); + self + } } /// Unix-specific extensions to [`process::ExitStatus`] and diff --git a/library/std/src/panic.rs b/library/std/src/panic.rs index f3b26ac64df..234fb284a59 100644 --- a/library/std/src/panic.rs +++ b/library/std/src/panic.rs @@ -356,7 +356,7 @@ pub use core::panic::abort_unwind; /// ``` #[stable(feature = "catch_unwind", since = "1.9.0")] pub fn catch_unwind<F: FnOnce() -> R + UnwindSafe, R>(f: F) -> Result<R> { - unsafe { panicking::r#try(f) } + unsafe { panicking::catch_unwind(f) } } /// Triggers a panic without invoking the panic hook. diff --git a/library/std/src/panicking.rs b/library/std/src/panicking.rs index 4bfedf78366..7873049d20b 100644 --- a/library/std/src/panicking.rs +++ b/library/std/src/panicking.rs @@ -499,13 +499,13 @@ pub use realstd::rt::panic_count; /// Invoke a closure, capturing the cause of an unwinding panic if one occurs. #[cfg(feature = "panic_immediate_abort")] -pub unsafe fn r#try<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> { +pub unsafe fn catch_unwind<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> { Ok(f()) } /// Invoke a closure, capturing the cause of an unwinding panic if one occurs. #[cfg(not(feature = "panic_immediate_abort"))] -pub unsafe fn r#try<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> { +pub unsafe fn catch_unwind<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> { union Data<F, R> { f: ManuallyDrop<F>, r: ManuallyDrop<R>, @@ -541,7 +541,7 @@ pub unsafe fn r#try<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> let data_ptr = (&raw mut data) as *mut u8; // SAFETY: // - // Access to the union's fields: this is `std` and we know that the `r#try` + // Access to the union's fields: this is `std` and we know that the `catch_unwind` // intrinsic fills in the `r` or `p` union field based on its return value. // // The call to `intrinsics::catch_unwind` is made safe by: @@ -602,7 +602,7 @@ pub unsafe fn r#try<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> // This function cannot be marked as `unsafe` because `intrinsics::catch_unwind` // expects normal function pointers. #[inline] - #[rustc_nounwind] // `intrinsic::r#try` requires catch fn to be nounwind + #[rustc_nounwind] // `intrinsic::catch_unwind` requires catch fn to be nounwind fn do_catch<F: FnOnce() -> R, R>(data: *mut u8, payload: *mut u8) { // SAFETY: this is the responsibility of the caller, see above. // diff --git a/library/std/src/path.rs b/library/std/src/path.rs index 1a4a7aa7448..826d9f0f39d 100644 --- a/library/std/src/path.rs +++ b/library/std/src/path.rs @@ -1191,7 +1191,8 @@ impl PathBuf { #[stable(feature = "rust1", since = "1.0.0")] #[must_use] #[inline] - pub fn new() -> PathBuf { + #[rustc_const_unstable(feature = "const_pathbuf_osstring_new", issue = "141520")] + pub const fn new() -> PathBuf { PathBuf { inner: OsString::new() } } @@ -1251,7 +1252,7 @@ impl PathBuf { /// However, keep in mind that trimming the capacity may result in a reallocation and copy. /// /// [`into_boxed_path`]: Self::into_boxed_path - #[unstable(feature = "os_string_pathbuf_leak", issue = "125965")] + #[stable(feature = "os_string_pathbuf_leak", since = "CURRENT_RUSTC_VERSION")] #[inline] pub fn leak<'a>(self) -> &'a mut Path { Path::from_inner_mut(self.inner.leak()) @@ -2154,6 +2155,13 @@ pub struct Path { #[stable(since = "1.7.0", feature = "strip_prefix")] pub struct StripPrefixError(()); +/// An error returned from [`Path::normalize_lexically`] if a `..` parent reference +/// would escape the path. +#[unstable(feature = "normalize_lexically", issue = "134694")] +#[derive(Debug, PartialEq)] +#[non_exhaustive] +pub struct NormalizeError; + impl Path { // The following (private!) function allows construction of a path from a u8 // slice, which is only safe when it is known to follow the OsStr encoding. @@ -2739,15 +2747,30 @@ impl Path { /// # Examples /// /// ``` - /// use std::path::{Path, PathBuf}; + /// use std::path::Path; /// /// let path = Path::new("foo.rs"); - /// assert_eq!(path.with_extension("txt"), PathBuf::from("foo.txt")); + /// assert_eq!(path.with_extension("txt"), Path::new("foo.txt")); + /// assert_eq!(path.with_extension(""), Path::new("foo")); + /// ``` + /// + /// Handling multiple extensions: + /// + /// ``` + /// use std::path::Path; /// /// let path = Path::new("foo.tar.gz"); - /// assert_eq!(path.with_extension(""), PathBuf::from("foo.tar")); - /// assert_eq!(path.with_extension("xz"), PathBuf::from("foo.tar.xz")); - /// assert_eq!(path.with_extension("").with_extension("txt"), PathBuf::from("foo.txt")); + /// assert_eq!(path.with_extension("xz"), Path::new("foo.tar.xz")); + /// assert_eq!(path.with_extension("").with_extension("txt"), Path::new("foo.txt")); + /// ``` + /// + /// Adding an extension where one did not exist: + /// + /// ``` + /// use std::path::Path; + /// + /// let path = Path::new("foo"); + /// assert_eq!(path.with_extension("rs"), Path::new("foo.rs")); /// ``` #[stable(feature = "rust1", since = "1.0.0")] pub fn with_extension<S: AsRef<OsStr>>(&self, extension: S) -> PathBuf { @@ -2961,6 +2984,67 @@ impl Path { fs::canonicalize(self) } + /// Normalize a path, including `..` without traversing the filesystem. + /// + /// Returns an error if normalization would leave leading `..` components. + /// + /// <div class="warning"> + /// + /// This function always resolves `..` to the "lexical" parent. + /// That is "a/b/../c" will always resolve to `a/c` which can change the meaning of the path. + /// In particular, `a/c` and `a/b/../c` are distinct on many systems because `b` may be a symbolic link, so its parent isn’t `a`. + /// + /// </div> + /// + /// [`path::absolute`](absolute) is an alternative that preserves `..`. + /// Or [`Path::canonicalize`] can be used to resolve any `..` by querying the filesystem. + #[unstable(feature = "normalize_lexically", issue = "134694")] + pub fn normalize_lexically(&self) -> Result<PathBuf, NormalizeError> { + let mut lexical = PathBuf::new(); + let mut iter = self.components().peekable(); + + // Find the root, if any, and add it to the lexical path. + // Here we treat the Windows path "C:\" as a single "root" even though + // `components` splits it into two: (Prefix, RootDir). + let root = match iter.peek() { + Some(Component::ParentDir) => return Err(NormalizeError), + Some(p @ Component::RootDir) | Some(p @ Component::CurDir) => { + lexical.push(p); + iter.next(); + lexical.as_os_str().len() + } + Some(Component::Prefix(prefix)) => { + lexical.push(prefix.as_os_str()); + iter.next(); + if let Some(p @ Component::RootDir) = iter.peek() { + lexical.push(p); + iter.next(); + } + lexical.as_os_str().len() + } + None => return Ok(PathBuf::new()), + Some(Component::Normal(_)) => 0, + }; + + for component in iter { + match component { + Component::RootDir => unreachable!(), + Component::Prefix(_) => return Err(NormalizeError), + Component::CurDir => continue, + Component::ParentDir => { + // It's an error if ParentDir causes us to go above the "root". + if lexical.as_os_str().len() == root { + return Err(NormalizeError); + } else { + lexical.pop(); + } + } + Component::Normal(path) => lexical.push(path), + } + } + Ok(lexical) + } + /// Reads a symbolic link, returning the file that the link points to. /// /// This is an alias to [`fs::read_link`]. @@ -3163,7 +3247,7 @@ impl Path { /// allocating. #[stable(feature = "into_boxed_path", since = "1.20.0")] #[must_use = "`self` will be dropped if the result is not used"] - pub fn into_path_buf(self: Box<Path>) -> PathBuf { + pub fn into_path_buf(self: Box<Self>) -> PathBuf { let rw = Box::into_raw(self) as *mut OsStr; let inner = unsafe { Box::from_raw(rw) }; PathBuf { inner: OsString::from(inner) } @@ -3502,6 +3586,15 @@ impl Error for StripPrefixError { } } +#[unstable(feature = "normalize_lexically", issue = "134694")] +impl fmt::Display for NormalizeError { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.write_str("parent reference `..` points outside of base directory") + } +} +#[unstable(feature = "normalize_lexically", issue = "134694")] +impl Error for NormalizeError {} + /// Makes the path absolute without accessing the filesystem. /// /// If the path is relative, the current directory is used as the base directory. diff --git a/library/std/src/process.rs b/library/std/src/process.rs index df6b9a6e563..373584d0117 100644 --- a/library/std/src/process.rs +++ b/library/std/src/process.rs @@ -1348,7 +1348,7 @@ impl Output { /// /// ``` /// #![feature(exit_status_error)] - /// # #[cfg(unix)] { + /// # #[cfg(all(unix, not(target_os = "android")))] { /// use std::process::Command; /// assert!(Command::new("false").output().unwrap().exit_ok().is_err()); /// # } @@ -1695,7 +1695,7 @@ impl From<io::Stdout> for Stdio { /// # Ok(()) /// # } /// # - /// # if cfg!(unix) { + /// # if cfg!(all(unix, not(target_os = "android"))) { /// # test().unwrap(); /// # } /// ``` @@ -1724,7 +1724,7 @@ impl From<io::Stderr> for Stdio { /// # Ok(()) /// # } /// # - /// # if cfg!(unix) { + /// # if cfg!(all(unix, not(target_os = "android"))) { /// # test().unwrap(); /// # } /// ``` @@ -1907,7 +1907,7 @@ impl crate::sealed::Sealed for ExitStatusError {} /// /// ``` /// #![feature(exit_status_error)] -/// # if cfg!(unix) { +/// # if cfg!(all(unix, not(target_os = "android"))) { /// use std::process::{Command, ExitStatusError}; /// /// fn run(cmd: &str) -> Result<(), ExitStatusError> { @@ -1950,7 +1950,7 @@ impl ExitStatusError { /// /// ``` /// #![feature(exit_status_error)] - /// # #[cfg(unix)] { + /// # #[cfg(all(unix, not(target_os = "android")))] { /// use std::process::Command; /// /// let bad = Command::new("false").status().unwrap().exit_ok().unwrap_err(); @@ -1975,7 +1975,7 @@ impl ExitStatusError { /// ``` /// #![feature(exit_status_error)] /// - /// # if cfg!(unix) { + /// # if cfg!(all(unix, not(target_os = "android"))) { /// use std::num::NonZero; /// use std::process::Command; /// @@ -2532,7 +2532,7 @@ pub fn id() -> u32 { #[rustc_on_unimplemented(on( cause = "MainFunctionType", message = "`main` has invalid return type `{Self}`", - label = "`main` can only return types that implement `{Termination}`" + label = "`main` can only return types that implement `{This}`" ))] pub trait Termination { /// Is called to get the representation of the value as status code. diff --git a/library/std/src/sync/mpmc/list.rs b/library/std/src/sync/mpmc/list.rs index 3fcfb85cf2a..050f26b097a 100644 --- a/library/std/src/sync/mpmc/list.rs +++ b/library/std/src/sync/mpmc/list.rs @@ -575,7 +575,7 @@ impl<T> Channel<T> { // After this point `head.block` is not modified again and it will be deallocated if it's // non-null. The `Drop` code of the channel, which runs after this function, also attempts // to deallocate `head.block` if it's non-null. Therefore this function must maintain the - // invariant that if a deallocation of head.block is attemped then it must also be set to + // invariant that if a deallocation of head.block is attempted then it must also be set to // NULL. Failing to do so will lead to the Drop code attempting a double free. For this // reason both reads above do an atomic swap instead of a simple atomic load. diff --git a/library/std/src/sync/once_lock.rs b/library/std/src/sync/once_lock.rs index 324b5451873..a5c3a6c46a4 100644 --- a/library/std/src/sync/once_lock.rs +++ b/library/std/src/sync/once_lock.rs @@ -159,8 +159,11 @@ impl<T> OnceLock<T> { /// Gets the mutable reference to the underlying value. /// - /// Returns `None` if the cell is uninitialized, or being initialized. - /// This method never blocks. + /// Returns `None` if the cell is uninitialized. + /// + /// This method never blocks. Since it borrows the `OnceLock` mutably, + /// it is statically guaranteed that no active borrows to the `OnceLock` + /// exist, including from other threads. #[inline] #[stable(feature = "once_cell", since = "1.70.0")] pub fn get_mut(&mut self) -> Option<&mut T> { @@ -315,7 +318,9 @@ impl<T> OnceLock<T> { /// Gets the mutable reference of the contents of the cell, initializing /// it to `f()` if the cell was uninitialized. /// - /// This method never blocks. + /// This method never blocks. Since it borrows the `OnceLock` mutably, + /// it is statically guaranteed that no active borrows to the `OnceLock` + /// exist, including from other threads. /// /// # Panics /// @@ -405,7 +410,9 @@ impl<T> OnceLock<T> { /// it to `f()` if the cell was uninitialized. If the cell was uninitialized /// and `f()` failed, an error is returned. /// - /// This method never blocks. + /// This method never blocks. Since it borrows the `OnceLock` mutably, + /// it is statically guaranteed that no active borrows to the `OnceLock` + /// exist, including from other threads. /// /// # Panics /// @@ -469,7 +476,8 @@ impl<T> OnceLock<T> { /// /// Has no effect and returns `None` if the `OnceLock` was uninitialized. /// - /// Safety is guaranteed by requiring a mutable reference. + /// Since this method borrows the `OnceLock` mutably, it is statically guaranteed that + /// no active borrows to the `OnceLock` exist, including from other threads. /// /// # Examples /// diff --git a/library/std/src/sync/poison/mutex.rs b/library/std/src/sync/poison/mutex.rs index 1c29c619edc..30325be685c 100644 --- a/library/std/src/sync/poison/mutex.rs +++ b/library/std/src/sync/poison/mutex.rs @@ -608,6 +608,17 @@ impl<T: ?Sized> Mutex<T> { let data = self.data.get_mut(); poison::map_result(self.poison.borrow(), |()| data) } + + /// Returns a raw pointer to the underlying data. + /// + /// The returned pointer is always non-null and properly aligned, but it is + /// the user's responsibility to ensure that any reads and writes through it + /// are properly synchronized to avoid data races, and that it is not read + /// or written through after the mutex is dropped. + #[unstable(feature = "mutex_data_ptr", issue = "140368")] + pub fn data_ptr(&self) -> *mut T { + self.data.get() + } } #[stable(feature = "mutex_from", since = "1.24.0")] diff --git a/library/std/src/sync/poison/rwlock.rs b/library/std/src/sync/poison/rwlock.rs index 6976c0a64e2..a060e2ea57a 100644 --- a/library/std/src/sync/poison/rwlock.rs +++ b/library/std/src/sync/poison/rwlock.rs @@ -634,6 +634,17 @@ impl<T: ?Sized> RwLock<T> { let data = self.data.get_mut(); poison::map_result(self.poison.borrow(), |()| data) } + + /// Returns a raw pointer to the underlying data. + /// + /// The returned pointer is always non-null and properly aligned, but it is + /// the user's responsibility to ensure that any reads and writes through it + /// are properly synchronized to avoid data races, and that it is not read + /// or written through after the lock is dropped. + #[unstable(feature = "rwlock_data_ptr", issue = "140368")] + pub fn data_ptr(&self) -> *mut T { + self.data.get() + } } #[stable(feature = "rust1", since = "1.0.0")] diff --git a/library/std/src/sync/reentrant_lock.rs b/library/std/src/sync/reentrant_lock.rs index 96a4cf12659..727252f03a2 100644 --- a/library/std/src/sync/reentrant_lock.rs +++ b/library/std/src/sync/reentrant_lock.rs @@ -349,6 +349,17 @@ impl<T: ?Sized> ReentrantLock<T> { } } + /// Returns a raw pointer to the underlying data. + /// + /// The returned pointer is always non-null and properly aligned, but it is + /// the user's responsibility to ensure that any reads through it are + /// properly synchronized to avoid data races, and that it is not read + /// through after the lock is dropped. + #[unstable(feature = "reentrant_lock_data_ptr", issue = "140368")] + pub fn data_ptr(&self) -> *const T { + &raw const self.data + } + unsafe fn increment_lock_count(&self) -> Option<()> { unsafe { *self.lock_count.get() = (*self.lock_count.get()).checked_add(1)?; diff --git a/library/std/src/sys/alloc/mod.rs b/library/std/src/sys/alloc/mod.rs index 8489e17c971..f3af1f7f599 100644 --- a/library/std/src/sys/alloc/mod.rs +++ b/library/std/src/sys/alloc/mod.rs @@ -17,6 +17,7 @@ const MIN_ALIGN: usize = if cfg!(any( target_arch = "arm", target_arch = "m68k", target_arch = "csky", + target_arch = "loongarch32", target_arch = "mips", target_arch = "mips32r6", target_arch = "powerpc", diff --git a/library/std/src/sys/fs/hermit.rs b/library/std/src/sys/fs/hermit.rs index a9774bef9e3..175d919c289 100644 --- a/library/std/src/sys/fs/hermit.rs +++ b/library/std/src/sys/fs/hermit.rs @@ -422,6 +422,10 @@ impl File { self.0.seek(pos) } + pub fn size(&self) -> Option<io::Result<u64>> { + None + } + pub fn tell(&self) -> io::Result<u64> { self.0.tell() } diff --git a/library/std/src/sys/fs/solid.rs b/library/std/src/sys/fs/solid.rs index 3bfb39bac95..808a9582911 100644 --- a/library/std/src/sys/fs/solid.rs +++ b/library/std/src/sys/fs/solid.rs @@ -459,6 +459,10 @@ impl File { self.tell() } + pub fn size(&self) -> Option<io::Result<u64>> { + None + } + pub fn tell(&self) -> io::Result<u64> { unsafe { let mut out_offset = MaybeUninit::uninit(); diff --git a/library/std/src/sys/fs/uefi.rs b/library/std/src/sys/fs/uefi.rs index 416c90b98b6..5763d7862f5 100644 --- a/library/std/src/sys/fs/uefi.rs +++ b/library/std/src/sys/fs/uefi.rs @@ -280,6 +280,10 @@ impl File { self.0 } + pub fn size(&self) -> Option<io::Result<u64>> { + self.0 + } + pub fn tell(&self) -> io::Result<u64> { self.0 } diff --git a/library/std/src/sys/fs/unix.rs b/library/std/src/sys/fs/unix.rs index a3e520fdeef..dc278274f00 100644 --- a/library/std/src/sys/fs/unix.rs +++ b/library/std/src/sys/fs/unix.rs @@ -1464,6 +1464,15 @@ impl File { Ok(n as u64) } + pub fn size(&self) -> Option<io::Result<u64>> { + match self.file_attr().map(|attr| attr.size()) { + // Fall back to default implementation if the returned size is 0, + // we might be in a proc mount. + Ok(0) => None, + result => Some(result), + } + } + pub fn tell(&self) -> io::Result<u64> { self.seek(SeekFrom::Current(0)) } diff --git a/library/std/src/sys/fs/unsupported.rs b/library/std/src/sys/fs/unsupported.rs index 0ff9533c047..efaddb51b37 100644 --- a/library/std/src/sys/fs/unsupported.rs +++ b/library/std/src/sys/fs/unsupported.rs @@ -259,6 +259,10 @@ impl File { self.0 } + pub fn size(&self) -> Option<io::Result<u64>> { + self.0 + } + pub fn tell(&self) -> io::Result<u64> { self.0 } diff --git a/library/std/src/sys/fs/wasi.rs b/library/std/src/sys/fs/wasi.rs index ebfc7377a2e..b65d86de12a 100644 --- a/library/std/src/sys/fs/wasi.rs +++ b/library/std/src/sys/fs/wasi.rs @@ -516,6 +516,10 @@ impl File { self.fd.seek(pos) } + pub fn size(&self) -> Option<io::Result<u64>> { + None + } + pub fn tell(&self) -> io::Result<u64> { self.fd.tell() } diff --git a/library/std/src/sys/fs/windows.rs b/library/std/src/sys/fs/windows.rs index 9039fd00f5d..a95709b4891 100644 --- a/library/std/src/sys/fs/windows.rs +++ b/library/std/src/sys/fs/windows.rs @@ -415,10 +415,7 @@ impl File { match result { Ok(_) => Ok(()), - Err(err) - if err.raw_os_error() == Some(c::ERROR_IO_PENDING as i32) - || err.raw_os_error() == Some(c::ERROR_LOCK_VIOLATION as i32) => - { + Err(err) if err.raw_os_error() == Some(c::ERROR_LOCK_VIOLATION as i32) => { Err(TryLockError::WouldBlock) } Err(err) => Err(TryLockError::Error(err)), @@ -440,10 +437,7 @@ impl File { match result { Ok(_) => Ok(()), - Err(err) - if err.raw_os_error() == Some(c::ERROR_IO_PENDING as i32) - || err.raw_os_error() == Some(c::ERROR_LOCK_VIOLATION as i32) => - { + Err(err) if err.raw_os_error() == Some(c::ERROR_LOCK_VIOLATION as i32) => { Err(TryLockError::WouldBlock) } Err(err) => Err(TryLockError::Error(err)), @@ -622,6 +616,14 @@ impl File { Ok(newpos as u64) } + pub fn size(&self) -> Option<io::Result<u64>> { + let mut result = 0; + Some( + cvt(unsafe { c::GetFileSizeEx(self.handle.as_raw_handle(), &mut result) }) + .map(|_| result as u64), + ) + } + pub fn tell(&self) -> io::Result<u64> { self.seek(SeekFrom::Current(0)) } diff --git a/library/std/src/sys/net/connection/uefi/mod.rs b/library/std/src/sys/net/connection/uefi/mod.rs index da217439626..46d67c8e510 100644 --- a/library/std/src/sys/net/connection/uefi/mod.rs +++ b/library/std/src/sys/net/connection/uefi/mod.rs @@ -4,11 +4,14 @@ use crate::net::{Ipv4Addr, Ipv6Addr, Shutdown, SocketAddr}; use crate::sys::unsupported; use crate::time::Duration; -pub struct TcpStream(!); +mod tcp; +pub(crate) mod tcp4; + +pub struct TcpStream(#[expect(dead_code)] tcp::Tcp); impl TcpStream { - pub fn connect(_: io::Result<&SocketAddr>) -> io::Result<TcpStream> { - unsupported() + pub fn connect(addr: io::Result<&SocketAddr>) -> io::Result<TcpStream> { + tcp::Tcp::connect(addr?).map(Self) } pub fn connect_timeout(_: &SocketAddr, _: Duration) -> io::Result<TcpStream> { @@ -16,105 +19,105 @@ impl TcpStream { } pub fn set_read_timeout(&self, _: Option<Duration>) -> io::Result<()> { - self.0 + unsupported() } pub fn set_write_timeout(&self, _: Option<Duration>) -> io::Result<()> { - self.0 + unsupported() } pub fn read_timeout(&self) -> io::Result<Option<Duration>> { - self.0 + unsupported() } pub fn write_timeout(&self) -> io::Result<Option<Duration>> { - self.0 + unsupported() } pub fn peek(&self, _: &mut [u8]) -> io::Result<usize> { - self.0 + unsupported() } pub fn read(&self, _: &mut [u8]) -> io::Result<usize> { - self.0 + unsupported() } pub fn read_buf(&self, _buf: BorrowedCursor<'_>) -> io::Result<()> { - self.0 + unsupported() } pub fn read_vectored(&self, _: &mut [IoSliceMut<'_>]) -> io::Result<usize> { - self.0 + unsupported() } pub fn is_read_vectored(&self) -> bool { - self.0 + false } pub fn write(&self, _: &[u8]) -> io::Result<usize> { - self.0 + unsupported() } pub fn write_vectored(&self, _: &[IoSlice<'_>]) -> io::Result<usize> { - self.0 + unsupported() } pub fn is_write_vectored(&self) -> bool { - self.0 + false } pub fn peer_addr(&self) -> io::Result<SocketAddr> { - self.0 + unsupported() } pub fn socket_addr(&self) -> io::Result<SocketAddr> { - self.0 + unsupported() } pub fn shutdown(&self, _: Shutdown) -> io::Result<()> { - self.0 + unsupported() } pub fn duplicate(&self) -> io::Result<TcpStream> { - self.0 + unsupported() } pub fn set_linger(&self, _: Option<Duration>) -> io::Result<()> { - self.0 + unsupported() } pub fn linger(&self) -> io::Result<Option<Duration>> { - self.0 + unsupported() } pub fn set_nodelay(&self, _: bool) -> io::Result<()> { - self.0 + unsupported() } pub fn nodelay(&self) -> io::Result<bool> { - self.0 + unsupported() } pub fn set_ttl(&self, _: u32) -> io::Result<()> { - self.0 + unsupported() } pub fn ttl(&self) -> io::Result<u32> { - self.0 + unsupported() } pub fn take_error(&self) -> io::Result<Option<io::Error>> { - self.0 + unsupported() } pub fn set_nonblocking(&self, _: bool) -> io::Result<()> { - self.0 + unsupported() } } impl fmt::Debug for TcpStream { fn fmt(&self, _f: &mut fmt::Formatter<'_>) -> fmt::Result { - self.0 + todo!() } } diff --git a/library/std/src/sys/net/connection/uefi/tcp.rs b/library/std/src/sys/net/connection/uefi/tcp.rs new file mode 100644 index 00000000000..f87accdc41d --- /dev/null +++ b/library/std/src/sys/net/connection/uefi/tcp.rs @@ -0,0 +1,21 @@ +use super::tcp4; +use crate::io; +use crate::net::SocketAddr; + +pub(crate) enum Tcp { + V4(#[expect(dead_code)] tcp4::Tcp4), +} + +impl Tcp { + pub(crate) fn connect(addr: &SocketAddr) -> io::Result<Self> { + match addr { + SocketAddr::V4(x) => { + let temp = tcp4::Tcp4::new()?; + temp.configure(true, Some(x), None)?; + temp.connect()?; + Ok(Tcp::V4(temp)) + } + SocketAddr::V6(_) => todo!(), + } + } +} diff --git a/library/std/src/sys/net/connection/uefi/tcp4.rs b/library/std/src/sys/net/connection/uefi/tcp4.rs new file mode 100644 index 00000000000..f7ca373b52b --- /dev/null +++ b/library/std/src/sys/net/connection/uefi/tcp4.rs @@ -0,0 +1,118 @@ +use r_efi::efi::{self, Status}; +use r_efi::protocols::tcp4; + +use crate::io; +use crate::net::SocketAddrV4; +use crate::ptr::NonNull; +use crate::sync::atomic::{AtomicBool, Ordering}; +use crate::sys::pal::helpers; + +const TYPE_OF_SERVICE: u8 = 8; +const TIME_TO_LIVE: u8 = 255; + +pub(crate) struct Tcp4 { + protocol: NonNull<tcp4::Protocol>, + flag: AtomicBool, + #[expect(dead_code)] + service_binding: helpers::ServiceProtocol, +} + +const DEFAULT_ADDR: efi::Ipv4Address = efi::Ipv4Address { addr: [0u8; 4] }; + +impl Tcp4 { + pub(crate) fn new() -> io::Result<Self> { + let service_binding = helpers::ServiceProtocol::open(tcp4::SERVICE_BINDING_PROTOCOL_GUID)?; + let protocol = helpers::open_protocol(service_binding.child_handle(), tcp4::PROTOCOL_GUID)?; + + Ok(Self { service_binding, protocol, flag: AtomicBool::new(false) }) + } + + pub(crate) fn configure( + &self, + active: bool, + remote_address: Option<&SocketAddrV4>, + station_address: Option<&SocketAddrV4>, + ) -> io::Result<()> { + let protocol = self.protocol.as_ptr(); + + let (remote_address, remote_port) = if let Some(x) = remote_address { + (helpers::ipv4_to_r_efi(*x.ip()), x.port()) + } else { + (DEFAULT_ADDR, 0) + }; + + // FIXME: Remove when passive connections with proper subnet handling are added + assert!(station_address.is_none()); + let use_default_address = efi::Boolean::TRUE; + let (station_address, station_port) = (DEFAULT_ADDR, 0); + let subnet_mask = helpers::ipv4_to_r_efi(crate::net::Ipv4Addr::new(0, 0, 0, 0)); + + let mut config_data = tcp4::ConfigData { + type_of_service: TYPE_OF_SERVICE, + time_to_live: TIME_TO_LIVE, + access_point: tcp4::AccessPoint { + use_default_address, + remote_address, + remote_port, + active_flag: active.into(), + station_address, + station_port, + subnet_mask, + }, + control_option: crate::ptr::null_mut(), + }; + + let r = unsafe { ((*protocol).configure)(protocol, &mut config_data) }; + if r.is_error() { Err(crate::io::Error::from_raw_os_error(r.as_usize())) } else { Ok(()) } + } + + pub(crate) fn connect(&self) -> io::Result<()> { + let evt = unsafe { self.create_evt() }?; + let completion_token = + tcp4::CompletionToken { event: evt.as_ptr(), status: Status::SUCCESS }; + + let protocol = self.protocol.as_ptr(); + let mut conn_token = tcp4::ConnectionToken { completion_token }; + + let r = unsafe { ((*protocol).connect)(protocol, &mut conn_token) }; + if r.is_error() { + return Err(io::Error::from_raw_os_error(r.as_usize())); + } + + self.wait_for_flag(); + + if completion_token.status.is_error() { + Err(io::Error::from_raw_os_error(completion_token.status.as_usize())) + } else { + Ok(()) + } + } + + unsafe fn create_evt(&self) -> io::Result<helpers::OwnedEvent> { + self.flag.store(false, Ordering::Relaxed); + helpers::OwnedEvent::new( + efi::EVT_NOTIFY_SIGNAL, + efi::TPL_CALLBACK, + Some(toggle_atomic_flag), + Some(unsafe { NonNull::new_unchecked(self.flag.as_ptr().cast()) }), + ) + } + + fn wait_for_flag(&self) { + while !self.flag.load(Ordering::Relaxed) { + let _ = self.poll(); + } + } + + fn poll(&self) -> io::Result<()> { + let protocol = self.protocol.as_ptr(); + let r = unsafe { ((*protocol).poll)(protocol) }; + + if r.is_error() { Err(io::Error::from_raw_os_error(r.as_usize())) } else { Ok(()) } + } +} + +extern "efiapi" fn toggle_atomic_flag(_: r_efi::efi::Event, ctx: *mut crate::ffi::c_void) { + let flag = unsafe { AtomicBool::from_ptr(ctx.cast()) }; + flag.store(true, Ordering::Relaxed); +} diff --git a/library/std/src/sys/os_str/bytes.rs b/library/std/src/sys/os_str/bytes.rs index 4a8808c9230..f8ab4543a3a 100644 --- a/library/std/src/sys/os_str/bytes.rs +++ b/library/std/src/sys/os_str/bytes.rs @@ -115,7 +115,7 @@ impl Buf { } #[inline] - pub fn from_string(s: String) -> Buf { + pub const fn from_string(s: String) -> Buf { Buf { inner: s.into_bytes() } } diff --git a/library/std/src/sys/os_str/wtf8.rs b/library/std/src/sys/os_str/wtf8.rs index 5174ea65d0c..bbc704ebf86 100644 --- a/library/std/src/sys/os_str/wtf8.rs +++ b/library/std/src/sys/os_str/wtf8.rs @@ -92,7 +92,7 @@ impl Buf { } #[inline] - pub fn from_string(s: String) -> Buf { + pub const fn from_string(s: String) -> Buf { Buf { inner: Wtf8Buf::from_string(s) } } @@ -215,9 +215,9 @@ impl Buf { /// The slice must be valid for the platform encoding (as described in /// [`Slice::from_encoded_bytes_unchecked`]). /// - /// This bypasses the WTF-8 surrogate joining, so `self` must not end with a - /// leading surrogate half and `other` must not start with with a trailing - /// surrogate half. + /// This bypasses the WTF-8 surrogate joining, so either `self` must not + /// end with a leading surrogate half, or `other` must not start with a + /// trailing surrogate half. #[inline] pub unsafe fn extend_from_slice_unchecked(&mut self, other: &[u8]) { self.inner.extend_from_slice(other); diff --git a/library/std/src/sys/pal/uefi/helpers.rs b/library/std/src/sys/pal/uefi/helpers.rs index 6ee3e0a8b66..e47263348db 100644 --- a/library/std/src/sys/pal/uefi/helpers.rs +++ b/library/std/src/sys/pal/uefi/helpers.rs @@ -653,7 +653,6 @@ pub(crate) struct ServiceProtocol { } impl ServiceProtocol { - #[expect(dead_code)] pub(crate) fn open(service_guid: r_efi::efi::Guid) -> io::Result<Self> { let handles = locate_handles(service_guid)?; @@ -670,7 +669,6 @@ impl ServiceProtocol { Err(io::const_error!(io::ErrorKind::NotFound, "no service binding protocol found")) } - #[expect(dead_code)] pub(crate) fn child_handle(&self) -> NonNull<crate::ffi::c_void> { self.child_handle } @@ -732,6 +730,10 @@ impl OwnedEvent { } } + pub(crate) fn as_ptr(&self) -> efi::Event { + self.0.as_ptr() + } + pub(crate) fn into_raw(self) -> *mut crate::ffi::c_void { let r = self.0.as_ptr(); crate::mem::forget(self); @@ -755,3 +757,7 @@ impl Drop for OwnedEvent { } } } + +pub(crate) const fn ipv4_to_r_efi(addr: crate::net::Ipv4Addr) -> efi::Ipv4Address { + efi::Ipv4Address { addr: addr.octets() } +} diff --git a/library/std/src/sys/pal/unix/os.rs b/library/std/src/sys/pal/unix/os.rs index 48609030aed..850bdfdf5b5 100644 --- a/library/std/src/sys/pal/unix/os.rs +++ b/library/std/src/sys/pal/unix/os.rs @@ -282,7 +282,7 @@ pub fn current_exe() -> io::Result<PathBuf> { return getcwd().map(|cwd| cwd.join(path))?.canonicalize(); } // Search PATH to infer current_exe. - if let Some(p) = getenv(OsStr::from_bytes("PATH".as_bytes())) { + if let Some(p) = env::var_os(OsStr::from_bytes("PATH".as_bytes())) { for search_path in split_paths(&p) { let pb = search_path.join(&path); if pb.is_file() diff --git a/library/std/src/sys/pal/windows/c/bindings.txt b/library/std/src/sys/pal/windows/c/bindings.txt index d5fbb453c6f..a99c474c763 100644 --- a/library/std/src/sys/pal/windows/c/bindings.txt +++ b/library/std/src/sys/pal/windows/c/bindings.txt @@ -2156,6 +2156,7 @@ GetExitCodeProcess GetFileAttributesW GetFileInformationByHandle GetFileInformationByHandleEx +GetFileSizeEx GetFileType GETFINALPATHNAMEBYHANDLE_FLAGS GetFinalPathNameByHandleW diff --git a/library/std/src/sys/pal/windows/c/windows_sys.rs b/library/std/src/sys/pal/windows/c/windows_sys.rs index eb2914b8644..95bf8040229 100644 --- a/library/std/src/sys/pal/windows/c/windows_sys.rs +++ b/library/std/src/sys/pal/windows/c/windows_sys.rs @@ -44,6 +44,7 @@ windows_targets::link!("kernel32.dll" "system" fn GetExitCodeProcess(hprocess : windows_targets::link!("kernel32.dll" "system" fn GetFileAttributesW(lpfilename : PCWSTR) -> u32); windows_targets::link!("kernel32.dll" "system" fn GetFileInformationByHandle(hfile : HANDLE, lpfileinformation : *mut BY_HANDLE_FILE_INFORMATION) -> BOOL); windows_targets::link!("kernel32.dll" "system" fn GetFileInformationByHandleEx(hfile : HANDLE, fileinformationclass : FILE_INFO_BY_HANDLE_CLASS, lpfileinformation : *mut core::ffi::c_void, dwbuffersize : u32) -> BOOL); +windows_targets::link!("kernel32.dll" "system" fn GetFileSizeEx(hfile : HANDLE, lpfilesize : *mut i64) -> BOOL); windows_targets::link!("kernel32.dll" "system" fn GetFileType(hfile : HANDLE) -> FILE_TYPE); windows_targets::link!("kernel32.dll" "system" fn GetFinalPathNameByHandleW(hfile : HANDLE, lpszfilepath : PWSTR, cchfilepath : u32, dwflags : GETFINALPATHNAMEBYHANDLE_FLAGS) -> u32); windows_targets::link!("kernel32.dll" "system" fn GetFullPathNameW(lpfilename : PCWSTR, nbufferlength : u32, lpbuffer : PWSTR, lpfilepart : *mut PWSTR) -> u32); diff --git a/library/std/src/sys/pal/windows/os.rs b/library/std/src/sys/pal/windows/os.rs index 1ebbbec9e91..f331282d2d7 100644 --- a/library/std/src/sys/pal/windows/os.rs +++ b/library/std/src/sys/pal/windows/os.rs @@ -202,8 +202,6 @@ fn home_dir_crt() -> Option<PathBuf> { |buf, mut sz| { // GetUserProfileDirectoryW does not quite use the usual protocol for // negotiating the buffer size, so we have to translate. - // FIXME(#141254): We rely on the *undocumented* property that this function will - // always set the size, not just on failure. match c::GetUserProfileDirectoryW( ptr::without_provenance_mut(CURRENT_PROCESS_TOKEN), buf, diff --git a/library/std/src/sys/personality/gcc.rs b/library/std/src/sys/personality/gcc.rs index b012e47f9aa..75e793f18b8 100644 --- a/library/std/src/sys/personality/gcc.rs +++ b/library/std/src/sys/personality/gcc.rs @@ -86,7 +86,7 @@ const UNWIND_DATA_REG: (i32, i32) = (0, 1); // R0, R1 #[cfg(any(target_arch = "riscv64", target_arch = "riscv32"))] const UNWIND_DATA_REG: (i32, i32) = (10, 11); // x10, x11 -#[cfg(target_arch = "loongarch64")] +#[cfg(any(target_arch = "loongarch32", target_arch = "loongarch64"))] const UNWIND_DATA_REG: (i32, i32) = (4, 5); // a0, a1 // The following code is based on GCC's C and C++ personality routines. For reference, see: diff --git a/library/std/src/sys/process/unix/common.rs b/library/std/src/sys/process/unix/common.rs index a9c2510e6d4..b6777b76668 100644 --- a/library/std/src/sys/process/unix/common.rs +++ b/library/std/src/sys/process/unix/common.rs @@ -1,8 +1,10 @@ #[cfg(all(test, not(target_os = "emscripten")))] mod tests; -use libc::{EXIT_FAILURE, EXIT_SUCCESS, c_char, c_int, gid_t, pid_t, uid_t}; +use libc::{EXIT_FAILURE, EXIT_SUCCESS, c_int, gid_t, pid_t, uid_t}; +pub use self::cstring_array::CStringArray; +use self::cstring_array::CStringIter; use crate::collections::BTreeMap; use crate::ffi::{CStr, CString, OsStr, OsString}; use crate::os::unix::prelude::*; @@ -14,7 +16,9 @@ use crate::sys::fs::OpenOptions; use crate::sys::pipe::{self, AnonPipe}; use crate::sys::process::env::{CommandEnv, CommandEnvs}; use crate::sys_common::{FromInner, IntoInner}; -use crate::{fmt, io, ptr}; +use crate::{fmt, io}; + +mod cstring_array; cfg_if::cfg_if! { if #[cfg(target_os = "fuchsia")] { @@ -77,17 +81,12 @@ cfg_if::cfg_if! { pub struct Command { program: CString, - args: Vec<CString>, - /// Exactly what will be passed to `execvp`. - /// - /// First element is a pointer to `program`, followed by pointers to - /// `args`, followed by a `null`. Be careful when modifying `program` or - /// `args` to properly update this as well. - argv: Argv, + args: CStringArray, env: CommandEnv, program_kind: ProgramKind, cwd: Option<CString>, + chroot: Option<CString>, uid: Option<uid_t>, gid: Option<gid_t>, saw_nul: bool, @@ -101,14 +100,6 @@ pub struct Command { pgroup: Option<pid_t>, } -// Create a new type for argv, so that we can make it `Send` and `Sync` -struct Argv(Vec<*const c_char>); - -// It is safe to make `Argv` `Send` and `Sync`, because it contains -// pointers to memory owned by `Command.args` -unsafe impl Send for Argv {} -unsafe impl Sync for Argv {} - // passed back to std::process with the pipes connected to the child, if any // were requested pub struct StdioPipes { @@ -170,42 +161,19 @@ impl ProgramKind { } impl Command { - #[cfg(not(target_os = "linux"))] pub fn new(program: &OsStr) -> Command { let mut saw_nul = false; let program_kind = ProgramKind::new(program.as_ref()); let program = os2c(program, &mut saw_nul); + let mut args = CStringArray::with_capacity(1); + args.push(program.clone()); Command { - argv: Argv(vec![program.as_ptr(), ptr::null()]), - args: vec![program.clone()], program, - program_kind, + args, env: Default::default(), - cwd: None, - uid: None, - gid: None, - saw_nul, - closures: Vec::new(), - groups: None, - stdin: None, - stdout: None, - stderr: None, - pgroup: None, - } - } - - #[cfg(target_os = "linux")] - pub fn new(program: &OsStr) -> Command { - let mut saw_nul = false; - let program_kind = ProgramKind::new(program.as_ref()); - let program = os2c(program, &mut saw_nul); - Command { - argv: Argv(vec![program.as_ptr(), ptr::null()]), - args: vec![program.clone()], - program, program_kind, - env: Default::default(), cwd: None, + chroot: None, uid: None, gid: None, saw_nul, @@ -214,6 +182,7 @@ impl Command { stdin: None, stdout: None, stderr: None, + #[cfg(target_os = "linux")] create_pidfd: false, pgroup: None, } @@ -222,20 +191,11 @@ impl Command { pub fn set_arg_0(&mut self, arg: &OsStr) { // Set a new arg0 let arg = os2c(arg, &mut self.saw_nul); - debug_assert!(self.argv.0.len() > 1); - self.argv.0[0] = arg.as_ptr(); - self.args[0] = arg; + self.args.write(0, arg); } pub fn arg(&mut self, arg: &OsStr) { - // Overwrite the trailing null pointer in `argv` and then add a new null - // pointer. let arg = os2c(arg, &mut self.saw_nul); - self.argv.0[self.args.len()] = arg.as_ptr(); - self.argv.0.push(ptr::null()); - - // Also make sure we keep track of the owned value to schedule a - // destructor for this memory. self.args.push(arg); } @@ -254,6 +214,12 @@ impl Command { pub fn pgroup(&mut self, pgroup: pid_t) { self.pgroup = Some(pgroup); } + pub fn chroot(&mut self, dir: &Path) { + self.chroot = Some(os2c(dir.as_os_str(), &mut self.saw_nul)); + if self.cwd.is_none() { + self.cwd(&OsStr::new("/")); + } + } #[cfg(target_os = "linux")] pub fn create_pidfd(&mut self, val: bool) { @@ -286,6 +252,8 @@ impl Command { pub fn get_args(&self) -> CommandArgs<'_> { let mut iter = self.args.iter(); + // argv[0] contains the program name, but we are only interested in the + // arguments so skip it. iter.next(); CommandArgs { iter } } @@ -298,12 +266,12 @@ impl Command { self.cwd.as_ref().map(|cs| Path::new(OsStr::from_bytes(cs.as_bytes()))) } - pub fn get_argv(&self) -> &Vec<*const c_char> { - &self.argv.0 + pub fn get_argv(&self) -> &CStringArray { + &self.args } pub fn get_program_cstr(&self) -> &CStr { - &*self.program + &self.program } #[allow(dead_code)] @@ -326,6 +294,10 @@ impl Command { pub fn get_pgroup(&self) -> Option<pid_t> { self.pgroup } + #[allow(dead_code)] + pub fn get_chroot(&self) -> Option<&CStr> { + self.chroot.as_deref() + } pub fn get_closures(&mut self) -> &mut Vec<Box<dyn FnMut() -> io::Result<()> + Send + Sync>> { &mut self.closures @@ -392,32 +364,6 @@ fn os2c(s: &OsStr, saw_nul: &mut bool) -> CString { }) } -// Helper type to manage ownership of the strings within a C-style array. -pub struct CStringArray { - items: Vec<CString>, - ptrs: Vec<*const c_char>, -} - -impl CStringArray { - pub fn with_capacity(capacity: usize) -> Self { - let mut result = CStringArray { - items: Vec::with_capacity(capacity), - ptrs: Vec::with_capacity(capacity + 1), - }; - result.ptrs.push(ptr::null()); - result - } - pub fn push(&mut self, item: CString) { - let l = self.ptrs.len(); - self.ptrs[l - 1] = item.as_ptr(); - self.ptrs.push(ptr::null()); - self.items.push(item); - } - pub fn as_ptr(&self) -> *const *const c_char { - self.ptrs.as_ptr() - } -} - fn construct_envp(env: BTreeMap<OsString, OsString>, saw_nul: &mut bool) -> CStringArray { let mut result = CStringArray::with_capacity(env.len()); for (mut k, v) in env { @@ -606,14 +552,16 @@ impl fmt::Debug for Command { write!(f, "{}={value:?} ", key.to_string_lossy())?; } } - if self.program != self.args[0] { + + if *self.program != self.args[0] { write!(f, "[{:?}] ", self.program)?; } - write!(f, "{:?}", self.args[0])?; + write!(f, "{:?}", &self.args[0])?; - for arg in &self.args[1..] { + for arg in self.get_args() { write!(f, " {:?}", arg)?; } + Ok(()) } } @@ -645,14 +593,16 @@ impl From<u8> for ExitCode { } pub struct CommandArgs<'a> { - iter: crate::slice::Iter<'a, CString>, + iter: CStringIter<'a>, } impl<'a> Iterator for CommandArgs<'a> { type Item = &'a OsStr; + fn next(&mut self) -> Option<&'a OsStr> { - self.iter.next().map(|cs| OsStr::from_bytes(cs.as_bytes())) + self.iter.next().map(|cs| OsStr::from_bytes(cs.to_bytes())) } + fn size_hint(&self) -> (usize, Option<usize>) { self.iter.size_hint() } @@ -662,6 +612,7 @@ impl<'a> ExactSizeIterator for CommandArgs<'a> { fn len(&self) -> usize { self.iter.len() } + fn is_empty(&self) -> bool { self.iter.is_empty() } diff --git a/library/std/src/sys/process/unix/common/cstring_array.rs b/library/std/src/sys/process/unix/common/cstring_array.rs new file mode 100644 index 00000000000..1c840a85df9 --- /dev/null +++ b/library/std/src/sys/process/unix/common/cstring_array.rs @@ -0,0 +1,115 @@ +use crate::ffi::{CStr, CString, c_char}; +use crate::ops::Index; +use crate::{fmt, mem, ptr}; + +/// Helper type to manage ownership of the strings within a C-style array. +/// +/// This type manages an array of C-string pointers terminated by a null +/// pointer. The pointer to the array (as returned by `as_ptr`) can be used as +/// a value of `argv` or `environ`. +pub struct CStringArray { + ptrs: Vec<*const c_char>, +} + +impl CStringArray { + /// Creates a new `CStringArray` with enough capacity to hold `capacity` + /// strings. + pub fn with_capacity(capacity: usize) -> Self { + let mut result = CStringArray { ptrs: Vec::with_capacity(capacity + 1) }; + result.ptrs.push(ptr::null()); + result + } + + /// Replace the string at position `index`. + pub fn write(&mut self, index: usize, item: CString) { + let argc = self.ptrs.len() - 1; + let ptr = &mut self.ptrs[..argc][index]; + let old = mem::replace(ptr, item.into_raw()); + // SAFETY: + // `CStringArray` owns all of its strings, and they were all transformed + // into pointers using `CString::into_raw`. Also, this is not the null + // pointer since the indexing above would have failed. + drop(unsafe { CString::from_raw(old.cast_mut()) }); + } + + /// Push an additional string to the array. + pub fn push(&mut self, item: CString) { + let argc = self.ptrs.len() - 1; + // Replace the null pointer at the end of the array... + self.ptrs[argc] = item.into_raw(); + // ... and recreate it to restore the data structure invariant. + self.ptrs.push(ptr::null()); + } + + /// Returns a pointer to the C-string array managed by this type. + pub fn as_ptr(&self) -> *const *const c_char { + self.ptrs.as_ptr() + } + + /// Returns an iterator over all `CStr`s contained in this array. + pub fn iter(&self) -> CStringIter<'_> { + CStringIter { iter: self.ptrs[..self.ptrs.len() - 1].iter() } + } +} + +impl Index<usize> for CStringArray { + type Output = CStr; + fn index(&self, index: usize) -> &CStr { + let ptr = self.ptrs[..self.ptrs.len() - 1][index]; + // SAFETY: + // `CStringArray` owns all of its strings. Also, this is not the null + // pointer since the indexing above would have failed. + unsafe { CStr::from_ptr(ptr) } + } +} + +impl fmt::Debug for CStringArray { + fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { + f.debug_list().entries(self.iter()).finish() + } +} + +// SAFETY: `CStringArray` is basically just a `Vec<CString>` +unsafe impl Send for CStringArray {} +// SAFETY: `CStringArray` is basically just a `Vec<CString>` +unsafe impl Sync for CStringArray {} + +impl Drop for CStringArray { + fn drop(&mut self) { + // SAFETY: + // `CStringArray` owns all of its strings, and they were all transformed + // into pointers using `CString::into_raw`. + self.ptrs[..self.ptrs.len() - 1] + .iter() + .for_each(|&p| drop(unsafe { CString::from_raw(p.cast_mut()) })) + } +} + +/// An iterator over all `CStr`s contained in a `CStringArray`. +#[derive(Clone)] +pub struct CStringIter<'a> { + iter: crate::slice::Iter<'a, *const c_char>, +} + +impl<'a> Iterator for CStringIter<'a> { + type Item = &'a CStr; + fn next(&mut self) -> Option<&'a CStr> { + // SAFETY: + // `CStringArray` owns all of its strings. Also, this is not the null + // pointer since the last element is excluded when creating `iter`. + self.iter.next().map(|&p| unsafe { CStr::from_ptr(p) }) + } + + fn size_hint(&self) -> (usize, Option<usize>) { + self.iter.size_hint() + } +} + +impl<'a> ExactSizeIterator for CStringIter<'a> { + fn len(&self) -> usize { + self.iter.len() + } + fn is_empty(&self) -> bool { + self.iter.is_empty() + } +} diff --git a/library/std/src/sys/process/unix/unix.rs b/library/std/src/sys/process/unix/unix.rs index 1b3bd2de265..4f595ac9a1c 100644 --- a/library/std/src/sys/process/unix/unix.rs +++ b/library/std/src/sys/process/unix/unix.rs @@ -323,6 +323,15 @@ impl Command { cvt(libc::setuid(u as uid_t))?; } } + if let Some(chroot) = self.get_chroot() { + #[cfg(not(target_os = "fuchsia"))] + cvt(libc::chroot(chroot.as_ptr()))?; + #[cfg(target_os = "fuchsia")] + return Err(io::const_error!( + io::ErrorKind::Unsupported, + "chroot not supported by fuchsia" + )); + } if let Some(cwd) = self.get_cwd() { cvt(libc::chdir(cwd.as_ptr()))?; } @@ -447,6 +456,7 @@ impl Command { || (self.env_saw_path() && !self.program_is_path()) || !self.get_closures().is_empty() || self.get_groups().is_some() + || self.get_chroot().is_some() { return Ok(None); } diff --git a/library/std/src/sys/process/unix/vxworks.rs b/library/std/src/sys/process/unix/vxworks.rs index fab3b36ebf3..f33b4a375da 100644 --- a/library/std/src/sys/process/unix/vxworks.rs +++ b/library/std/src/sys/process/unix/vxworks.rs @@ -27,6 +27,12 @@ impl Command { "nul byte found in provided data", )); } + if self.get_chroot().is_some() { + return Err(io::const_error!( + ErrorKind::Unsupported, + "chroot not supported by vxworks", + )); + } let (ours, theirs) = self.setup_io(default, needs_stdin)?; let mut p = Process { pid: 0, status: None }; diff --git a/library/std/src/sys/sync/mutex/futex.rs b/library/std/src/sys/sync/mutex/futex.rs index ce9b2daa5f8..70e2ea9f605 100644 --- a/library/std/src/sys/sync/mutex/futex.rs +++ b/library/std/src/sys/sync/mutex/futex.rs @@ -19,11 +19,15 @@ impl Mutex { } #[inline] + // Make this a diagnostic item for Miri's concurrency model checker. + #[cfg_attr(not(test), rustc_diagnostic_item = "sys_mutex_try_lock")] pub fn try_lock(&self) -> bool { self.futex.compare_exchange(UNLOCKED, LOCKED, Acquire, Relaxed).is_ok() } #[inline] + // Make this a diagnostic item for Miri's concurrency model checker. + #[cfg_attr(not(test), rustc_diagnostic_item = "sys_mutex_lock")] pub fn lock(&self) { if self.futex.compare_exchange(UNLOCKED, LOCKED, Acquire, Relaxed).is_err() { self.lock_contended(); @@ -80,6 +84,8 @@ impl Mutex { } #[inline] + // Make this a diagnostic item for Miri's concurrency model checker. + #[cfg_attr(not(test), rustc_diagnostic_item = "sys_mutex_unlock")] pub unsafe fn unlock(&self) { if self.futex.swap(UNLOCKED, Release) == CONTENDED { // We only wake up one thread. When that thread locks the mutex, it diff --git a/library/std/src/sys/sync/mutex/pthread.rs b/library/std/src/sys/sync/mutex/pthread.rs index 75b4b9c6dad..a7a3b47d0ec 100644 --- a/library/std/src/sys/sync/mutex/pthread.rs +++ b/library/std/src/sys/sync/mutex/pthread.rs @@ -6,7 +6,7 @@ use crate::sys::pal::sync as pal; use crate::sys::sync::OnceBox; pub struct Mutex { - pub pal: OnceBox<pal::Mutex>, + pub(in crate::sys::sync) pal: OnceBox<pal::Mutex>, } impl Mutex { @@ -28,6 +28,8 @@ impl Mutex { } #[inline] + // Make this a diagnostic item for Miri's concurrency model checker. + #[cfg_attr(not(test), rustc_diagnostic_item = "sys_mutex_lock")] pub fn lock(&self) { // SAFETY: we call `init` above, therefore reentrant locking is safe. // In `drop` we ensure that the mutex is not destroyed while locked. @@ -35,6 +37,8 @@ impl Mutex { } #[inline] + // Make this a diagnostic item for Miri's concurrency model checker. + #[cfg_attr(not(test), rustc_diagnostic_item = "sys_mutex_unlock")] pub unsafe fn unlock(&self) { // SAFETY: the mutex can only be locked if it is already initialized // and we observed this initialization since we observed the locking. @@ -42,6 +46,8 @@ impl Mutex { } #[inline] + // Make this a diagnostic item for Miri's concurrency model checker. + #[cfg_attr(not(test), rustc_diagnostic_item = "sys_mutex_try_lock")] pub fn try_lock(&self) -> bool { // SAFETY: we call `init` above, therefore reentrant locking is safe. // In `drop` we ensure that the mutex is not destroyed while locked. diff --git a/library/std/src/sys/thread_local/guard/key.rs b/library/std/src/sys/thread_local/guard/key.rs index 59581e6f281..f91471419c1 100644 --- a/library/std/src/sys/thread_local/guard/key.rs +++ b/library/std/src/sys/thread_local/guard/key.rs @@ -32,7 +32,7 @@ pub fn enable() { /// On platforms with key-based TLS, the system runs the destructors for us. /// We still have to make sure that [`crate::rt::thread_cleanup`] is called, -/// however. This is done by defering the execution of a TLS destructor to +/// however. This is done by deferring the execution of a TLS destructor to /// the next round of destruction inside the TLS destructors. #[cfg(not(target_thread_local))] pub fn enable() { @@ -46,7 +46,7 @@ pub fn enable() { unsafe extern "C" fn run(state: *mut u8) { if state == DEFER { // Make sure that this function is run again in the next round of - // TLS destruction. If there is no futher round, there will be leaks, + // TLS destruction. If there is no further round, there will be leaks, // but that's okay, `thread_cleanup` is not guaranteed to be called. unsafe { set(CLEANUP.force(), RUN) } } else { diff --git a/library/std/src/sys/thread_local/key/unix.rs b/library/std/src/sys/thread_local/key/unix.rs index 93bd0d1f668..8fa24265e43 100644 --- a/library/std/src/sys/thread_local/key/unix.rs +++ b/library/std/src/sys/thread_local/key/unix.rs @@ -25,7 +25,9 @@ pub type Key = libc::pthread_key_t; #[inline] pub fn create(dtor: Option<unsafe extern "C" fn(*mut u8)>) -> Key { let mut key = 0; - assert_eq!(unsafe { libc::pthread_key_create(&mut key, mem::transmute(dtor)) }, 0); + if unsafe { libc::pthread_key_create(&mut key, mem::transmute(dtor)) } != 0 { + rtabort!("out of TLS keys"); + } key } diff --git a/library/std/src/sys/thread_local/key/windows.rs b/library/std/src/sys/thread_local/key/windows.rs index c34c7bc204f..2ff0fd1196e 100644 --- a/library/std/src/sys/thread_local/key/windows.rs +++ b/library/std/src/sys/thread_local/key/windows.rs @@ -81,15 +81,10 @@ impl LazyKey { } else { let key = unsafe { c::TlsAlloc() }; if key == c::TLS_OUT_OF_INDEXES { - // Wakeup the waiting threads before panicking to avoid deadlock. - unsafe { - c::InitOnceComplete( - self.once.get(), - c::INIT_ONCE_INIT_FAILED, - ptr::null_mut(), - ); - } - panic!("out of TLS indexes"); + // Since we abort the process, there is no need to wake up + // the waiting threads. If this were a panic, the wakeup + // would need to occur first in order to avoid deadlock. + rtabort!("out of TLS indexes"); } unsafe { @@ -112,7 +107,9 @@ impl LazyKey { // If there is no destructor to clean up, we can use racy initialization. let key = unsafe { c::TlsAlloc() }; - assert_ne!(key, c::TLS_OUT_OF_INDEXES, "out of TLS indexes"); + if key == c::TLS_OUT_OF_INDEXES { + rtabort!("out of TLS indexes"); + } match self.key.compare_exchange(0, key + 1, AcqRel, Acquire) { Ok(_) => key, diff --git a/library/std/src/sys/thread_local/native/lazy.rs b/library/std/src/sys/thread_local/native/lazy.rs index 51294285ba0..b556dd9aa25 100644 --- a/library/std/src/sys/thread_local/native/lazy.rs +++ b/library/std/src/sys/thread_local/native/lazy.rs @@ -1,9 +1,9 @@ -use crate::cell::UnsafeCell; -use crate::hint::unreachable_unchecked; +use crate::cell::{Cell, UnsafeCell}; +use crate::mem::MaybeUninit; use crate::ptr; use crate::sys::thread_local::{abort_on_dtor_unwind, destructors}; -pub unsafe trait DestroyedState: Sized { +pub unsafe trait DestroyedState: Sized + Copy { fn register_dtor<T>(s: &Storage<T, Self>); } @@ -19,15 +19,17 @@ unsafe impl DestroyedState for () { } } -enum State<T, D> { - Initial, - Alive(T), +#[derive(Copy, Clone)] +enum State<D> { + Uninitialized, + Alive, Destroyed(D), } #[allow(missing_debug_implementations)] pub struct Storage<T, D> { - state: UnsafeCell<State<T, D>>, + state: Cell<State<D>>, + value: UnsafeCell<MaybeUninit<T>>, } impl<T, D> Storage<T, D> @@ -35,7 +37,10 @@ where D: DestroyedState, { pub const fn new() -> Storage<T, D> { - Storage { state: UnsafeCell::new(State::Initial) } + Storage { + state: Cell::new(State::Uninitialized), + value: UnsafeCell::new(MaybeUninit::uninit()), + } } /// Gets a pointer to the TLS value, potentially initializing it with the @@ -49,35 +54,49 @@ where /// The `self` reference must remain valid until the TLS destructor is run. #[inline] pub unsafe fn get_or_init(&self, i: Option<&mut Option<T>>, f: impl FnOnce() -> T) -> *const T { - let state = unsafe { &*self.state.get() }; - match state { - State::Alive(v) => v, - State::Destroyed(_) => ptr::null(), - State::Initial => unsafe { self.initialize(i, f) }, + if let State::Alive = self.state.get() { + self.value.get().cast() + } else { + unsafe { self.get_or_init_slow(i, f) } } } + /// # Safety + /// The `self` reference must remain valid until the TLS destructor is run. #[cold] - unsafe fn initialize(&self, i: Option<&mut Option<T>>, f: impl FnOnce() -> T) -> *const T { - // Perform initialization + unsafe fn get_or_init_slow( + &self, + i: Option<&mut Option<T>>, + f: impl FnOnce() -> T, + ) -> *const T { + match self.state.get() { + State::Uninitialized => {} + State::Alive => return self.value.get().cast(), + State::Destroyed(_) => return ptr::null(), + } let v = i.and_then(Option::take).unwrap_or_else(f); - let old = unsafe { self.state.get().replace(State::Alive(v)) }; - match old { + // SAFETY: we cannot be inside a `LocalKey::with` scope, as the initializer + // has already returned and the next scope only starts after we return + // the pointer. Therefore, there can be no references to the old value, + // even if it was initialized. Thus because we are !Sync we have exclusive + // access to self.value and may replace it. + let mut old_value = unsafe { self.value.get().replace(MaybeUninit::new(v)) }; + match self.state.replace(State::Alive) { // If the variable is not being recursively initialized, register // the destructor. This might be a noop if the value does not need // destruction. - State::Initial => D::register_dtor(self), - // Else, drop the old value. This might be changed to a panic. - val => drop(val), - } + State::Uninitialized => D::register_dtor(self), - // SAFETY: the state was just set to `Alive` - unsafe { - let State::Alive(v) = &*self.state.get() else { unreachable_unchecked() }; - v + // Recursive initialization, we only need to drop the old value + // as we've already registered the destructor. + State::Alive => unsafe { old_value.assume_init_drop() }, + + State::Destroyed(_) => unreachable!(), } + + self.value.get().cast() } } @@ -92,9 +111,12 @@ unsafe extern "C" fn destroy<T>(ptr: *mut u8) { // Print a nice abort message if a panic occurs. abort_on_dtor_unwind(|| { let storage = unsafe { &*(ptr as *const Storage<T, ()>) }; - // Update the state before running the destructor as it may attempt to - // access the variable. - let val = unsafe { storage.state.get().replace(State::Destroyed(())) }; - drop(val); + if let State::Alive = storage.state.replace(State::Destroyed(())) { + // SAFETY: we ensured the state was Alive so the value was initialized. + // We also updated the state to Destroyed to prevent the destructor + // from accessing the thread-local variable, as this would violate + // the exclusive access provided by &mut T in Drop::drop. + unsafe { (*storage.value.get()).assume_init_drop() } + } }) } diff --git a/library/std/src/sys_common/wtf8.rs b/library/std/src/sys_common/wtf8.rs index f9ec112b197..50bde88b5a4 100644 --- a/library/std/src/sys_common/wtf8.rs +++ b/library/std/src/sys_common/wtf8.rs @@ -209,7 +209,7 @@ impl Wtf8Buf { /// /// Since WTF-8 is a superset of UTF-8, this always succeeds. #[inline] - pub fn from_string(string: String) -> Wtf8Buf { + pub const fn from_string(string: String) -> Wtf8Buf { Wtf8Buf { bytes: string.into_bytes(), is_known_utf8: true } } |