bors [Thu, 11 Feb 2016 01:54:15 +0000 (01:54 +0000)]
Auto merge of #31479 - kamalmarhubi:fmt-pointer-unsized, r=alexcrichton
This allows printing pointers to unsized types with the {:p} formatting
directive. The following impls are extended to unsized types:
- impl<'a, T: ?Sized> Pointer for &'a T
- impl<'a, T: ?Sized> Pointer for &'a mut T
- impl<T: ?Sized> Pointer for *const T
- impl<T: ?Sized> Pointer for *mut T
- impl<T: ?Sized> fmt::Pointer for Box<T>
- impl<T: ?Sized> fmt::Pointer for Rc<T>
- impl<T: ?Sized> fmt::Pointer for Arc<T>
bors [Wed, 10 Feb 2016 22:51:43 +0000 (22:51 +0000)]
Auto merge of #31409 - alexcrichton:command-exec, r=aturon
These commits are an implementation of https://github.com/rust-lang/rfcs/pull/1359 which is tracked via https://github.com/rust-lang/rust/issues/31398. The `before_exec` implementation fit easily with the current process spawning framework we have, but unfortunately the `exec` implementation required a bit of a larger refactoring. The stdio handles were all largely managed as implementation details of `std::process` and the `exec` function lived in `std::sys`, so the two didn't have access to one another.
I took this as a sign that a deeper refactoring was necessary, and I personally feel that the end result is cleaner for both Windows and Unix. The commits should be separated nicely for reviewing (or all at once if you're feeling ambitious), but the changes made here were:
* The process spawning on Unix was refactored in to a pre-exec and post-exec function. The post-exec function isn't allowed to do any allocations of any form, and management of transmitting errors back to the parent is managed by the pre-exec function (as it's the one that actually forks).
* Some management of the exit status was pushed into platform-specific modules. On Unix we must cache the return value of `wait` as the pid is consumed after we wait on it, but on Windows we can just keep querying the system because the handle stays valid.
* The `Stdio::None` variant was renamed to `Stdio::Null` to better reflect what it's doing.
* The global lock on `CreateProcess` is now correctly positioned to avoid unintended inheritance of pipe handles that other threads are sending to their child processes. After a more careful reading of the article referenced the race is not in `CreateProcess` itself, but rather the property that handles are unintentionally shared.
* All stdio management now happens in platform-specific modules. This provides a cleaner implementation/interpretation for `FromFraw{Fd,Handle}` for each platform as well as a cleaner transition from a configuration to what-to-do once we actually need to do the spawn.
With these refactorings in place, implementing `before_exec` and `exec` ended up both being pretty trivial! (each in their own commit)
bors [Wed, 10 Feb 2016 20:55:53 +0000 (20:55 +0000)]
Auto merge of #31455 - tmiasko:expected-tokens, r=alexcrichton
Previously when breaking tokens into smaller pieces, the replace_token
function have been used. It replaced current token and updated span
information, but it did not clear the list of expected tokens, neither
did it update remaining info about last token. This could lead to
incorrect error message, like one described in the issue #24780:
Alex Crichton [Thu, 4 Feb 2016 19:16:32 +0000 (11:16 -0800)]
std: Implement CommandExt::exec
This commit implements the `exec` function proposed in [RFC 1359][rfc] which is
a function on the `CommandExt` trait to execute all parts of a `Command::spawn`
without the `fork` on Unix. More details on the function itself can be found in
the comments in the commit.
Alex Crichton [Thu, 4 Feb 2016 19:10:37 +0000 (11:10 -0800)]
std: Push process stdio setup in std::sys
Most of this is platform-specific anyway, and we generally have to jump through
fewer hoops to do the equivalent operation on Windows. One benefit for Windows
today is that this new structure avoids an extra `DuplicateHandle` when creating
pipes. For Unix, however, the behavior should be the same.
Note that this is just a pure refactoring, no functionality was added or
removed.
Alex Crichton [Thu, 4 Feb 2016 17:59:47 +0000 (09:59 -0800)]
std: Lift out Windows' CreateProcess lock a bit
The function `CreateProcess` is not itself unsafe to call from many threads, the
article in question is pointing out that handles can be inherited by unintended
child processes. This is basically the same race as the standard Unix
open-then-set-cloexec race.
Since the intention of the lock is to protect children from inheriting
unintended handles, the lock is now lifted out to before the creation of the
child I/O handles (which will all be inheritable). This will ensure that we only
have one process in Rust at least creating inheritable handles at a time,
preventing unintended inheritance to children.
Alex Crichton [Thu, 4 Feb 2016 02:09:35 +0000 (18:09 -0800)]
std: Push Child's exit status to sys::process
On Unix we have to be careful to not call `waitpid` twice, but we don't have to
be careful on Windows due to the way process handles work there. As a result the
cached `Option<ExitStatus>` is only necessary on Unix, and it's also just an
implementation detail of the Unix module.
At the same time. also update some code in `kill` on Unix to avoid a wonky
waitpid with WNOHANG. This was added in 0e190b9a to solve #13124, but the
`signal(0)` method is not supported any more so there's no need to for this
workaround. I believe that this is no longer necessary as it's not really doing
anything.
Alex Crichton [Thu, 4 Feb 2016 00:55:59 +0000 (16:55 -0800)]
std: Implement CommandExt::before_exec
This is a Unix-specific function which adds the ability to register a closure to
run pre-exec to configure the child process as required (note that these
closures are run post-fork).
Alex Crichton [Sat, 31 Oct 2015 18:09:43 +0000 (11:09 -0700)]
std: Refactor process spawning on Unix
* Build up the argp/envp pointers while the `Command` is being constructed
rather than only when `spawn` is called. This will allow better sharing of
code between fork/exec paths.
* Rename `child_after_fork` to `exec` and have it only perform the exec half of
the spawning. This also means the return type has changed to `io::Error`
rather than `!` to represent errors that happen.
bors [Wed, 10 Feb 2016 17:23:40 +0000 (17:23 +0000)]
Auto merge of #30686 - wesleywiser:rustdoc_display_since, r=steveklabnik
Here's some screenshots after this change:
![screen shot 2016-01-03 at 11 38 30 am](https://cloud.githubusercontent.com/assets/831192/12079661/23da4e38-b20f-11e5-8c84-ba51d7a59c3f.png)
![screen shot 2016-01-03 at 11 40 39 am](https://cloud.githubusercontent.com/assets/831192/12079663/23e00012-b20f-11e5-9f01-408cc8d43687.png)
![screen shot 2016-01-03 at 11 42 17 am](https://cloud.githubusercontent.com/assets/831192/12079662/23dfe6c2-b20f-11e5-9998-53abc643e2ef.png)
I tried to click through the `std` docs and make sure everything that can have stability attributes has it rendered but I'm probably missing some. I'd also appreciate any feedback on the css changes. I had difficulty getting the `since` labels aligning correctly for enum variants. If anyone has a better idea for that, I'd be glad to implement it.
bors [Wed, 10 Feb 2016 14:24:41 +0000 (14:24 +0000)]
Auto merge of #31499 - kamalmarhubi:cfg-flag-invalid-cfgs, r=brson
A spec like `#[cfg(foo(bar))]` is not allowed as an attribute. This
makes the same spec be rejected by the compiler if passed in as a
`--cfg` argument.
bors [Wed, 10 Feb 2016 10:04:46 +0000 (10:04 +0000)]
Auto merge of #31420 - bluss:deque-equality, r=Gankro
collections: Use slice parts in PartialEq for VecDeque
This improves == for VecDeque by using the slice representation.
This will also improve further if codegen for slice comparison improves.
Benchmark run of 1000 u64 elements, comparing for equality (all equal).
Cpu time to compare the vecdeques is reduced to less than 50% of what it
was before.
bors [Wed, 10 Feb 2016 08:03:06 +0000 (08:03 +0000)]
Auto merge of #31494 - alexcrichton:ar-gnu-by-default, r=brson
The compiler currently vendors its own version of "llvm-ar" (not literally the
binary but rather the library support) and uses it for all major targets by
default (e.g. everything defined in `src/librustc_back/target`). All custom
target specs, however, still search for an `ar` tool by default. This commit
changes this default behavior to using the internally bundled llvm-ar with the
GNU format.
Currently all targets use the GNU format except for OSX which uses the BSD
format (surely makes sense, right?), and custom targets can change the format
via the `archive-format` key in custom target specs.
I suspect that we can outright remove support for invoking an external `ar`
utility, but I figure for now there may be some crazy target relying on that so
we should leave support in for now.
bors [Wed, 10 Feb 2016 01:05:42 +0000 (01:05 +0000)]
Auto merge of #31438 - aturon:stab-ip-addr, r=alexcrichton
After [considerable pushback](https://github.com/rust-lang/rfcs/issues/1451), it's clear that there is a community consensus around providing `IpAddr` in the standard library, together with other APIs using it.
This commit reverts from deprecated status directly to stable. The deprecation landed in 1.6, which has already been released, so the stabilization is marked for 1.7 (currently in beta; will require a backport).
Aaron Turon [Sat, 6 Feb 2016 00:22:45 +0000 (16:22 -0800)]
Revert deprecation of IpAddr, stabilizing for 1.7
After [considerable
pushback](https://github.com/rust-lang/rfcs/issues/1451), it's clear
that there is a community consensus around providing `IpAddr` in the
standard library, together with other APIs using it.
This commit reverts from deprecated status directly to stable. The
deprecation landed in 1.6, which has already been released, so the
stabilization is marked for 1.7 (currently in beta; will require a backport).
bors [Tue, 9 Feb 2016 15:14:25 +0000 (15:14 +0000)]
Auto merge of #31510 - dikaiosune:master, r=bluss
Since a lexicographic ordering of a struct could vary based on which struct members are compared first, I ended up doing some testing to ensure that the behavior when deriving these traits was what I expected (ordered based on the top to bottom order of declaration of the members). I wanted to add this little bit of documentation to potentially save someone else the same effort. That is, assuming that my testing correctly reflects the intended behavior of the compiler.
bors [Tue, 9 Feb 2016 04:27:42 +0000 (04:27 +0000)]
Auto merge of #31489 - ben0x539:lock-to-guard, r=alexcrichton
The comment in the next line was already talking about `_guard`, and the scope guard a couple lines further down is also called `guard`, so I assume that was just a typo.
bors [Tue, 9 Feb 2016 02:27:58 +0000 (02:27 +0000)]
Auto merge of #31500 - steveklabnik:fix_cow, r=alexcrichton
When I last did a pass through the string documentation, I focused on
consistency across similar functions. Unfortunately, I missed some
details. This example was _too_ consistent: it wasn't actually accurate!
This commit fixes the docs do both be more accurate and to explain why
the return type is a Cow<'a, str>.
First reported here:
https://www.reddit.com/r/rust/comments/44q9ms/stringfrom_utf8_lossy_doesnt_return_a_string/
bors [Tue, 9 Feb 2016 00:19:45 +0000 (00:19 +0000)]
Auto merge of #31278 - alexcrichton:print-cfg, r=brson
This commit is an implementation of the new compiler flags required by [RFC
1361][rfc]. This specifically adds a new `cfg` option to the `--print` flag to
the compiler. This new directive will print the defined `#[cfg]` directives by
the compiler for the target in question.
Alex Crichton [Mon, 25 Jan 2016 19:36:18 +0000 (11:36 -0800)]
rustc: Implement a new `--print cfg` flag
This commit is an implementation of the new compiler flags required by [RFC
1361][rfc]. This specifically adds a new `cfg` option to the `--print` flag to
the compiler. This new directive will print the defined `#[cfg]` directives by
the compiler for the target in question.
bors [Mon, 8 Feb 2016 22:19:41 +0000 (22:19 +0000)]
Auto merge of #31397 - bradfirj:arc-docfix, r=steveklabnik
The documentation for the `make_mut` function on `Arc<T>` contains a somewhat impenetrable double-negative that I was only able to fully grasp by looking at the implementation. Here's a quick rewrite that reads a lot better.
The sentence "doesn't have one strong reference and no weak references." is a
hard to understand, and it can be much more easily explained. In particular, such a double-negative
could give English as a Second Language users even more trouble than native speakers.
Kamal Marhubi [Mon, 8 Feb 2016 21:38:35 +0000 (16:38 -0500)]
driver: Disallow predicates in --cfg specs
A spec like `#[cfg(foo(bar))]` is not allowed as an attribute. This
makes the same spec be rejected by the compiler if passed in as a
`--cfg` argument.
Steve Klabnik [Mon, 8 Feb 2016 22:10:55 +0000 (17:10 -0500)]
Fix up docs for String::from_utf8_lossy()
When I last did a pass through the string documentation, I focused on
consistency across similar functions. Unfortunately, I missed some
details. This example was _too_ consistent: it wasn't actually accurate!
This commit fixes the docs do both be more accurate and to explain why
the return type is a Cow<'a, str>.
First reported here:
https://www.reddit.com/r/rust/comments/44q9ms/stringfrom_utf8_lossy_doesnt_return_a_string/
Piotr Czarnecki [Mon, 8 Feb 2016 22:08:47 +0000 (23:08 +0100)]
Cleanup based on review by @nagisa
* We don't have SEH-based unwinding yet.
For this reason we don't need operand bundles in MIR trans.
* Refactored some uses of fcx.
* Refactored some calls to `with_block`.
Tomasz Miąsko [Sat, 6 Feb 2016 17:42:17 +0000 (18:42 +0100)]
Breaking tokens into pieces should behave similar to Parser::bump.
Previously when breaking tokens into smaller pieces, the replace_token
function have been used. It replaced current token and updated span
information, but it did not clear the list of expected tokens, neither
did it update remaining info about last token. This could lead to
incorrect error message, like one described in the issue #24780:
Kamal Marhubi [Sun, 7 Feb 2016 22:57:01 +0000 (17:57 -0500)]
Implement fmt::Pointer for pointers to unsized types
This allows printing pointers to unsized types with the {:p} formatting
directive. The following impls are extended to unsized types:
- impl<'a, T: ?Sized> Pointer for &'a T
- impl<'a, T: ?Sized> Pointer for &'a mut T
- impl<T: ?Sized> Pointer for *const T
- impl<T: ?Sized> Pointer for *mut T
- impl<T: ?Sized> fmt::Pointer for Box<T>
- impl<T: ?Sized> fmt::Pointer for Rc<T>
- impl<T: ?Sized> fmt::Pointer for Arc<T>
bors [Mon, 8 Feb 2016 19:04:25 +0000 (19:04 +0000)]
Auto merge of #31324 - nagisa:mir-transforms, r=nikomatsakis
Having a `MirPass` provides literally no benefits over `MutVisitor`. Moreover using `MirPass` for
`EraseRegions` basically makes the programmer to fix breakage from changing repr twice – in the
visitor and eraseregions. Since `MutVisitor` implements all the “walking” inside the trait, that can
be reused for `EraseRegions` too, basically resulting in less code duplication.
Alex Crichton [Mon, 8 Feb 2016 18:27:03 +0000 (10:27 -0800)]
rustc: Use llvm-ar for custom targets by default
The compiler currently vendors its own version of "llvm-ar" (not literally the
binary but rather the library support) and uses it for all major targets by
default (e.g. everything defined in `src/librustc_back/target`). All custom
target specs, however, still search for an `ar` tool by default. This commit
changes this default behavior to using the internally bundled llvm-ar with the
GNU format.
Currently all targets use the GNU format except for OSX which uses the BSD
format (surely makes sense, right?), and custom targets can change the format
via the `archive-format` key in custom target specs.
I suspect that we can outright remove support for invoking an external `ar`
utility, but I figure for now there may be some crazy target relying on that so
we should leave support in for now.
Benjamin Herr [Mon, 8 Feb 2016 13:48:12 +0000 (14:48 +0100)]
std: `_lock` -> `_guard` in Mutex example
The comment in the next line was already talking about `_guard`, and the
scope guard a couple lines further down is also called `guard`, so I
assume that was just a typo.
Split dummy in region inference graph into distinct source and sink nodes.
Why do this: The RegionGraph representation previously conflated all
of the non-variable regions (i.e. the concrete regions such as
lifetime parameters to the current function) into a single dummy node.
A single dummy node leads DFS on a graph `'a -> '_#1 -> '_#0 -> 'b` to
claim that `'_#1` is reachable from `'_#0` (due to `'a` and `'b` being
conflated in the graph representation), which is incorrect (and can
lead to soundness bugs later on in compilation, see #30438).
Splitting the dummy node ensures that DFS will never introduce new
ancestor relationships between nodes for variable regions in the
graph.
bors [Sun, 7 Feb 2016 23:31:46 +0000 (23:31 +0000)]
Auto merge of #31470 - alexcrichton:lets-find-jemalloc, r=brson
Both of these targets have jemalloc disabled unconditionally right now, so using
`maybe_jemalloc` here isn't right. This fixes the case where a Linux compiler
(which is itself configured to use jemalloc) attempts to cross-compile to MinGW,
causing it to try to find an `alloc_jemalloc` crate (and failing).
Alex Crichton [Sun, 7 Feb 2016 20:03:06 +0000 (12:03 -0800)]
rustc: Tweak exe allocator for MinGW/rumprun
Both of these targets have jemalloc disabled unconditionally right now, so using
`maybe_jemalloc` here isn't right. This fixes the case where a Linux compiler
(which is itself configured to use jemalloc) attempts to cross-compile to MinGW,
causing it to try to find an `alloc_jemalloc` crate (and failing).
bors [Sun, 7 Feb 2016 00:16:58 +0000 (00:16 +0000)]
Auto merge of #31440 - reem:rwlock-map-fix, r=alexcrichton
Also update the instability reason to include a note about a possible
bad interaction with condition variables on systems that allow
waiting on a RwLock guard.
bors [Sat, 6 Feb 2016 21:18:50 +0000 (21:18 +0000)]
Auto merge of #30629 - brson:emscripten-upstream, r=alexcrichton
Here's another go at adding emscripten support. This needs to wait again on new [libc definitions](https://github.com/rust-lang-nursery/libc/pull/122) landing. To get the libc definitions right I had to add support for i686-unknown-linux-musl, which are very similar to emscripten's, which are derived from arm/musl.
This branch additionally removes the makefile dependency on the `EMSCRIPTEN` environment variable by not building the unused compiler-rt.
Again, this is not sufficient for actually compiling to asmjs since it needs additional LLVM patches.
bors [Sat, 6 Feb 2016 19:16:10 +0000 (19:16 +0000)]
Auto merge of #31428 - reem:remove-mutexguard-map, r=alexcrichton
It could return in the future if it returned a different guard type, which
could not be used with Condvar, otherwise it is unsafe as another thread
can invalidate an "inner" reference during a Condvar::wait.
bors [Sat, 6 Feb 2016 15:15:56 +0000 (15:15 +0000)]
Auto merge of #31417 - alexcrichton:cloexec-all-the-things, r=brson
These commits finish up closing out https://github.com/rust-lang/rust/issues/24237 by filling out all locations we create new file descriptors with variants that atomically create the file descriptor and set CLOEXEC where possible. Previous support for doing this in `File::open` was added in #27971 and support for `try_clone` was added in #27980. This commit fills out:
* `Socket::new` now passes `SOCK_CLOEXEC`
* `Socket::accept` now uses `accept4`
* `pipe2` is used instead of `pipe`
Unfortunately most of this support is Linux-specific, and most of it is post-2.6.18 (our oldest supported version), so all of the detection here is done dynamically. It looks like OSX does not have equivalent variants for these functions, so there's nothing more we can do there. Support for BSDs can be added over time if they also have these functions.
bors [Sat, 6 Feb 2016 09:24:04 +0000 (09:24 +0000)]
Auto merge of #31333 - lambda:31273-abort-on-stack-overflow, r=brson
Abort on stack overflow instead of re-raising SIGSEGV
We use guard pages that cause the process to abort to protect against
undefined behavior in the event of stack overflow. We have a handler
that catches segfaults, prints out an error message if the segfault was
due to a stack overflow, then unregisters itself and returns to allow
the signal to be re-raised and kill the process.
This caused some confusion, as it was unexpected that safe code would be
able to cause a segfault, while it's easy to overflow the stack in safe
code. To avoid this confusion, when we detect a segfault in the guard
page, abort instead of the previous behavior of re-raising SIGSEGV.
To test this, we need to adapt the tests for segfault to actually check
the exit status. Doing so revealed that the existing test for segfault
behavior was actually invalid; LLVM optimizes the explicit null pointer
reference down to an illegal instruction, so the program aborts with
SIGILL instead of SIGSEGV and the test didn't actually trigger the
signal handler at all. Use a C helper function to get a null pointer
that LLVM can't optimize away, so we get our segfault instead.
This is a [breaking-change] if anyone is relying on the exact signal
raised to kill a process on stack overflow.
Jonathan Reem [Sat, 6 Feb 2016 01:11:17 +0000 (17:11 -0800)]
Fix RwLock*Guard::map to not allow escaping a reference to the data.
Also update the instability reason to include a note about a possible
bad interaction with condition variables on systems that allow
waiting on a RwLock guard.
Brian Campbell [Sun, 31 Jan 2016 23:30:32 +0000 (18:30 -0500)]
Abort on stack overflow instead of re-raising SIGSEGV
We use guard pages that cause the process to abort to protect against
undefined behavior in the event of stack overflow. We have a handler
that catches segfaults, prints out an error message if the segfault was
due to a stack overflow, then unregisters itself and returns to allow
the signal to be re-raised and kill the process.
This caused some confusion, as it was unexpected that safe code would be
able to cause a segfault, while it's easy to overflow the stack in safe
code. To avoid this confusion, when we detect a segfault in the guard
page, abort instead of the previous behavior of re-raising the SIGSEGV.
To test this, we need to adapt the tests for segfault to actually check
the exit status. Doing so revealed that the existing test for segfault
behavior was actually invalid; LLVM optimizes the explicit null pointer
reference down to an illegal instruction, so the program aborts with
SIGILL instead of SIGSEGV and the test didn't actually trigger the
signal handler at all. Use a C helper function to get a null pointer
that LLVM can't optimize away, so we get our segfault instead.
This is a [breaking-change] if anyone is relying on the exact signal
raised to kill a process on stack overflow.
bors [Sat, 6 Feb 2016 01:24:22 +0000 (01:24 +0000)]
Auto merge of #31307 - nagisa:mir-drop-terminator, r=nikomatsakis
The scope of these refactorings is a little bit bigger than the title implies. See each commit for details.
I’m submitting this for nitpicking now (the first 4 commits), because I feel the basic idea/implementation is sound and should work. I will eventually expand this PR to cover the translator changes necessary for all this to work (+ tests), ~~and perhaps implement a dynamic dropping scheme while I’m at it as well.~~
Alex Crichton [Thu, 4 Feb 2016 23:23:26 +0000 (15:23 -0800)]
std: Try to use pipe2 on Linux for pipes
This commit attempts to use the `pipe2` syscall on Linux to atomically set the
CLOEXEC flag for pipes created. Unfortunately this was added in 2.6.27 so we
have to dynamically determine whether we can use it or not.
This commit also updates the `fds-are-cloexec.rs` test to test stdio handles for
spawned processes as well.
Alex Crichton [Thu, 4 Feb 2016 23:22:41 +0000 (15:22 -0800)]
std: Add support for accept4 on Linux
This is necessary to atomically accept a socket and set the CLOEXEC flag at the
same time. Support only appeared in Linux 2.6.28 so we have to dynamically
determine which syscall we're supposed to call in this case.