SGX target: Expose thread id function in os module
In order to call `std::os::fortanix_sgx::usercalls::send`, you need the thread id. This exposes it through another function in `std::os::fortanix_sgx`.
I looked at how other platforms do this. On Windows and `cfg(unix)` you can get the OS handle from a `thread::JoinHandle`, but that's not sufficient, I need it for a `thread::Thread`. In the future, this functionality could be added to `thread::Thread` and this platform can follow suit.
r? @joshtriplett
Change `std::fs::copy` to use `copyfile` on MacOS and iOS
`copyfile` on MacOS is similar to `CopyFileEx` on Windows. It supports copying resource forks, extended attributes, and file ACLs, none of which are copied by the current generic unix implementation.
The API is available from MacOS 10.7 and iOS 4.3 (and possibly earlier but I haven't checked).
Closes#58895.
std: Spin for a global malloc lock on wasm32
There's lots of comments in the code, but the main gist of this commit
is that the acquisition of the global malloc lock on the
`wasm32-unknown-unknown` target when threads are enabled will not spin
on contention rather than block.
There's lots of comments in the code, but the main gist of this commit
is that the acquisition of the global malloc lock on the
`wasm32-unknown-unknown` target when threads are enabled will not spin
on contention rather than block.
Set secure flags when opening a named pipe on Windows
Fixes https://github.com/rust-lang/rust/issues/42036, see also the previous attempt in https://github.com/rust-lang/rust/pull/44556.
Whether this is correct depends on if it is somehow possible to create a symlink to a named pipe, outside the named pipe filesystem (NPFS). But as far as I can tell that should be impossible.
Also fixes that `security_qos_flags(SECURITY_ANONYMOUS)` does not set the `SECURITY_SQOS_PRESENT` flag, and the incorrect documentation about the default value of `security_qos_flags`.
Add vectored read and write support
This functionality has lived for a while in the tokio ecosystem, where
it can improve performance by minimizing copies.
r? @alexcrichton
Refactor Windows stdio and remove stdin double buffering
I was looking for something nice and small to work on, tried to tackle a few FIXME's in Windows stdio, and things grew from there.
This part of the standard library contains some tricky code, and has changed over the years to handle more corner cases. It could use some refactoring and extra comments.
Changes/fixes:
- Made `StderrRaw` `pub(crate)`, to remove the `Write` implementations on `sys::Stderr` (used unsynchronised for panic output).
- Remove the unused `Read` implementation on `sys::windows::stdin`
- The `windows::stdio::Output` enum made sense when we cached the handles, but we can use simple functions like `is_console` now that we get the handle on every read/write
- `write` can now calculate the number of written bytes as UTF-8 when we can't write all `u16`s.
- If `write` could only write one half of a surrogate pair, attempt another write for the other because user code can't reslice in any way that would allow us to write it otherwise.
- Removed the double buffering on stdin. Documentation on the unexposed `StdinRaw` says: 'This handle is not synchronized or buffered in any fashion'; which is now true.
- `sys::windows::Stdin` now always only partially fills its buffer, so we can guarantee any arbitrary UTF-16 can be re-encoded without losing any data.
- `sys::windows::STDIN_BUF_SIZE` is slightly larger to compensate. There should be no real change in the number of syscalls the buffered `Stdin` does. This buffer is a little larger, while the extra buffer on Stdin is gone.
- `sys::windows::Stdin` now attempts to handle unpaired surrogates at its buffer boundary.
- `sys::windows::Stdin` no langer allocates for its buffer, but the UTF-16 decoding still does.
### Testing
I did some manual testing of reading and writing to console. The console does support UTF-16 in some sense, but doesn't supporting displaying characters outside the BMP.
- compile stage 1 stdlib with a tiny value for `MAX_BUFFER_SIZE` to make it easier to catch corner cases
- run a simple test program that reads on stdin, and echo's to stdout
- write some lines with plenty of ASCII and emoji in a text editor
- copy and paste in console to stdin
- return with `\r\n\` or CTRL-Z
- copy and paste in text editor
- check it round-trips
-----
Fixes https://github.com/rust-lang/rust/issues/23344. All but one of the suggestions in that issue are now implemented. the missing one is:
> * When reading data, we require the entire set of input to be valid UTF-16. We should instead attempt to read as much of the input as possible as valid UTF-16, only returning an error for the actual invalid elements. For example if we read 10 elements, 5 of which are valid UTF-16, the 6th is bad, and then the remaining are all valid UTF-16, we should probably return the first 5 on a call to `read`, then return an error, then return the remaining on the next call to `read`.
Stdin in Console mode is dealing with text directly input by a user. In my opinion getting an unpaired surrogate is quite unlikely in that case, and a valid reason to error on the entire line of input (which is probably short). Dealing with it is incompatible with an unbuffered stdin, which seems the more interesting guarantee to me.
Simplify the unix `Weak` functionality
- We can avoid allocation by adding a NUL to the function name.
- We can get `Option<F>` directly, rather than aliasing the inner `AtomicUsize`.
Use posix_spawn_file_actions_addchdir_np when possible
This is a non-POSIX extension implemented in Solaris and in glibc 2.29.
With this we can still use `posix_spawn()` when `Command::current_dir()`
has been set, otherwise we fallback to `fork(); chdir(); exec()`.
This is a non-POSIX extension implemented in Solaris and in glibc 2.29.
With this we can still use `posix_spawn()` when `Command::current_dir()`
has been set, otherwise we fallback to `fork(); chdir(); exec()`.
SGX target: simplify usercall internals
This moves logic from assembly to Rust and removes the special case for exit/panic handling, merging it with regular usercall handling.
Also, this fixes a bug in the exit usercall introduced in a75ae00. The bug would make regular exits look like panics with high probability. It would also with some probability leak information through uncleared registers.
cc @VardhanThigle
r? @alexcrichton
Cosmetic improvements to doc comments
This has been factored out from https://github.com/rust-lang/rust/pull/58036 to only include changes to documentation comments (throughout the rustc codebase).
r? @steveklabnik
Once you're happy with this, maybe we could get it through with r=1, so it doesn't constantly get invalidated? (I'm not sure this will be an issue, but just in case...) Anyway, thanks for your advice so far!
Rollup of 16 pull requests
Successful merges:
- #57259 (Update reference of rlibc crate to compiler-builtins crate)
- #57740 (Use `to_ne_bytes` for converting IPv4Addr to octets)
- #57926 (Tiny expansion to docs for `core::convert`.)
- #58157 (Add Cargo.lock automatically adding message)
- #58203 (rustdoc: display sugared return types for async functions)
- #58243 (Add trait alias support in rustdoc)
- #58262 (Add #[must_use] message to Fn* traits)
- #58295 (std::sys::unix::stdio: explain why we do into_raw)
- #58297 (Cleanup JS a bit)
- #58317 (Some writing improvement, conciseness of intro)
- #58324 (miri: give non-generic functions a stable address)
- #58332 (operand-to-place copies should never be overlapping)
- #58345 (When there are multiple filenames, print what got interpreted as filenames)
- #58346 (rpath computation: explain why we pop())
- #58350 (Fix failing tidy (line endings on Windows))
- #58352 (miri value visitor: use `?` in macro)
Failed merges:
r? @ghost
Improve error message and docs for non-UTF-8 bytes in stdio on Windows
This should make debugging problems like abonander/multipart#106 significantly more straightforward in the future.
cc #23344, @retep998 @alexcrichton
Not sure who do r? so I'll let rust-highfive pick one.
This moves logic from assembly to Rust and removes the special
case for exit/panic handling, merging it with regular usercall
handling.
Also, this fixes a bug in the exit usercall introduced in a75ae00.
The bug would make regular exits look like panics with high
probability. It would also with some probability leak information
through uncleared registers.
