1 use crate::std::cmp; 2 use crate::std::ffi::CStr; 3 use crate::std::io; 4 use crate::std::mem; 5 use crate::std::num::NonZeroUsize; 6 use crate::std::ptr; 7 use crate::std::sys::{os, stack_overflow}; 8 use crate::std::time::Duration; 9 use dlibc; 10 11 #[cfg(all(target_os = "linux", target_env = "gnu"))] 12 use crate::std::sys::weak::dlsym; 13 #[cfg(any(target_os = "solaris", target_os = "illumos", target_os = "nto"))] 14 use crate::std::sys::weak::weak; 15 #[cfg(not(any(target_os = "l4re", target_os = "vxworks", target_os = "espidf")))] 16 pub const DEFAULT_MIN_STACK_SIZE: usize = 2 * 1024 * 1024; 17 #[cfg(target_os = "l4re")] 18 pub const DEFAULT_MIN_STACK_SIZE: usize = 1024 * 1024; 19 #[cfg(target_os = "vxworks")] 20 pub const DEFAULT_MIN_STACK_SIZE: usize = 256 * 1024; 21 #[cfg(target_os = "espidf")] 22 pub const DEFAULT_MIN_STACK_SIZE: usize = 0; // 0 indicates that the stack size configured in the ESP-IDF menuconfig system should be used 23 24 #[cfg(target_os = "fuchsia")] 25 mod zircon { 26 type zx_handle_t = u32; 27 type zx_status_t = i32; 28 pub const ZX_PROP_NAME: u32 = 3; 29 30 extern "C" { 31 pub fn zx_object_set_property( 32 handle: zx_handle_t, 33 property: u32, 34 value: *const dlibc::c_void, 35 value_size: dlibc::size_t, 36 ) -> zx_status_t; 37 pub fn zx_thread_self() -> zx_handle_t; 38 } 39 } 40 41 pub struct Thread { 42 id: dlibc::pthread_t, 43 } 44 45 // Some platforms may have pthread_t as a pointer in which case we still want 46 // a thread to be Send/Sync 47 unsafe impl Send for Thread {} 48 unsafe impl Sync for Thread {} 49 50 impl Thread { 51 // unsafe: see thread::Builder::spawn_unchecked for safety requirements 52 pub unsafe fn new(stack: usize, p: Box<dyn FnOnce()>) -> io::Result<Thread> { 53 let p = Box::into_raw(Box::new(p)); 54 let mut native: dlibc::pthread_t = mem::zeroed(); 55 let mut attr: dlibc::pthread_attr_t = mem::zeroed(); 56 assert_eq!(dlibc::pthread_attr_init(&mut attr), 0); 57 58 #[cfg(target_os = "espidf")] 59 if stack > 0 { 60 // Only set the stack if a non-zero value is passed 61 // 0 is used as an indication that the default stack size configured in the ESP-IDF menuconfig system should be used 62 assert_eq!( 63 dlibc::pthread_attr_setstacksize(&mut attr, cmp::max(stack, min_stack_size(&attr))), 64 0 65 ); 66 } 67 68 #[cfg(not(target_os = "espidf"))] 69 { 70 let stack_size = cmp::max(stack, min_stack_size(&attr)); 71 72 match dlibc::pthread_attr_setstacksize(&mut attr, stack_size) { 73 0 => {} 74 n => { 75 assert_eq!(n, dlibc::EINVAL); 76 // EINVAL means |stack_size| is either too small or not a 77 // multiple of the system page size. Because it's definitely 78 // >= PTHREAD_STACK_MIN, it must be an alignment issue. 79 // Round up to the nearest page and try again. 80 let page_size = os::page_size(); 81 let stack_size = 82 (stack_size + page_size - 1) & (-(page_size as isize - 1) as usize - 1); 83 assert_eq!(dlibc::pthread_attr_setstacksize(&mut attr, stack_size), 0); 84 } 85 }; 86 } 87 88 let ret = dlibc::pthread_create(&mut native, &attr, thread_start, p as *mut _); 89 // Note: if the thread creation fails and this assert fails, then p will 90 // be leaked. However, an alternative design could cause double-free 91 // which is clearly worse. 92 assert_eq!(dlibc::pthread_attr_destroy(&mut attr), 0); 93 94 return if ret != 0 { 95 // The thread failed to start and as a result p was not consumed. Therefore, it is 96 // safe to reconstruct the box so that it gets deallocated. 97 drop(Box::from_raw(p)); 98 Err(io::Error::from_raw_os_error(ret)) 99 } else { 100 Ok(Thread { id: native }) 101 }; 102 103 extern "C" fn thread_start(main: *mut dlibc::c_void) -> *mut dlibc::c_void { 104 unsafe { 105 // Next, set up our stack overflow handler which may get triggered if we run 106 // out of stack. 107 let _handler = stack_overflow::Handler::new(); 108 // Finally, let's run some code. 109 Box::from_raw(main as *mut Box<dyn FnOnce()>)(); 110 } 111 ptr::null_mut() 112 } 113 } 114 115 pub fn yield_now() { 116 let ret = unsafe { dlibc::sched_yield() }; 117 debug_assert_eq!(ret, 0); 118 } 119 120 #[cfg(target_os = "android")] 121 pub fn set_name(name: &CStr) { 122 const PR_SET_NAME: dlibc::c_int = 15; 123 unsafe { 124 dlibc::prctl( 125 PR_SET_NAME, 126 name.as_ptr(), 127 0 as dlibc::c_ulong, 128 0 as dlibc::c_ulong, 129 0 as dlibc::c_ulong, 130 ); 131 } 132 } 133 134 #[cfg(target_os = "linux")] 135 pub fn set_name(name: &CStr) { 136 const TASK_COMM_LEN: usize = 16; 137 138 unsafe { 139 // Available since glibc 2.12, musl 1.1.16, and uClibc 1.0.20. 140 let name = truncate_cstr::<{ TASK_COMM_LEN }>(name); 141 let res = dlibc::pthread_setname_np(dlibc::pthread_self(), name.as_ptr()); 142 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked. 143 debug_assert_eq!(res, 0); 144 } 145 } 146 #[cfg(target_os = "dragonos")] 147 pub fn set_name(name: &CStr) { 148 const TASK_COMM_LEN: usize = 16; 149 150 unsafe { 151 // Available since glibc 2.12, musl 1.1.16, and uClibc 1.0.20. 152 let name = truncate_cstr::<{ TASK_COMM_LEN }>(name); 153 let res = dlibc::pthread_setname_np(dlibc::pthread_self(), name.as_ptr()); 154 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked. 155 debug_assert_eq!(res, 0); 156 } 157 } 158 159 #[cfg(any(target_os = "freebsd", target_os = "dragonfly", target_os = "openbsd"))] 160 pub fn set_name(name: &CStr) { 161 unsafe { 162 dlibc::pthread_set_name_np(dlibc::pthread_self(), name.as_ptr()); 163 } 164 } 165 166 #[cfg(any( 167 target_os = "macos", 168 target_os = "ios", 169 target_os = "tvos", 170 target_os = "watchos" 171 ))] 172 pub fn set_name(name: &CStr) { 173 unsafe { 174 let name = truncate_cstr::<{ dlibc::MAXTHREADNAMESIZE }>(name); 175 let res = dlibc::pthread_setname_np(name.as_ptr()); 176 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked. 177 debug_assert_eq!(res, 0); 178 } 179 } 180 181 #[cfg(target_os = "netbsd")] 182 pub fn set_name(name: &CStr) { 183 unsafe { 184 let cname = CStr::from_bytes_with_nul_unchecked(b"%s\0".as_slice()); 185 let res = dlibc::pthread_setname_np( 186 dlibc::pthread_self(), 187 cname.as_ptr(), 188 name.as_ptr() as *mut dlibc::c_void, 189 ); 190 debug_assert_eq!(res, 0); 191 } 192 } 193 194 #[cfg(any(target_os = "solaris", target_os = "illumos", target_os = "nto"))] 195 pub fn set_name(name: &CStr) { 196 weak! { 197 fn pthread_setname_np( 198 dlibc::pthread_t, *const dlibc::c_char 199 ) -> dlibc::c_int 200 } 201 202 if let Some(f) = pthread_setname_np.get() { 203 let res = unsafe { f(dlibc::pthread_self(), name.as_ptr()) }; 204 debug_assert_eq!(res, 0); 205 } 206 } 207 208 #[cfg(target_os = "fuchsia")] 209 pub fn set_name(name: &CStr) { 210 use self::zircon::*; 211 unsafe { 212 zx_object_set_property( 213 zx_thread_self(), 214 ZX_PROP_NAME, 215 name.as_ptr() as *const dlibc::c_void, 216 name.to_bytes().len(), 217 ); 218 } 219 } 220 221 #[cfg(target_os = "haiku")] 222 pub fn set_name(name: &CStr) { 223 unsafe { 224 let thread_self = dlibc::find_thread(ptr::null_mut()); 225 dlibc::rename_thread(thread_self, name.as_ptr()); 226 } 227 } 228 229 #[cfg(any( 230 target_env = "newlib", 231 target_os = "l4re", 232 target_os = "emscripten", 233 target_os = "redox", 234 target_os = "vxworks" 235 ))] 236 pub fn set_name(_name: &CStr) { 237 // Newlib, Emscripten, and VxWorks have no way to set a thread name. 238 } 239 240 #[cfg(not(target_os = "espidf"))] 241 pub fn sleep(dur: Duration) { 242 let mut secs = dur.as_secs(); 243 let mut nsecs = dur.subsec_nanos() as _; 244 245 // If we're awoken with a signal then the return value will be -1 and 246 // nanosleep will fill in `ts` with the remaining time. 247 unsafe { 248 while secs > 0 || nsecs > 0 { 249 let mut ts = dlibc::timespec { 250 tv_sec: cmp::min(dlibc::time_t::MAX as u64, secs) as dlibc::time_t, 251 tv_nsec: nsecs, 252 }; 253 secs -= ts.tv_sec as u64; 254 let ts_ptr = &mut ts as *mut _; 255 if dlibc::nanosleep(ts_ptr, ts_ptr) == -1 { 256 assert_eq!(os::errno(), dlibc::EINTR); 257 secs += ts.tv_sec as u64; 258 nsecs = ts.tv_nsec; 259 } else { 260 nsecs = 0; 261 } 262 } 263 } 264 } 265 266 #[cfg(target_os = "espidf")] 267 pub fn sleep(dur: Duration) { 268 let mut micros = dur.as_micros(); 269 unsafe { 270 while micros > 0 { 271 let st = if micros > u32::MAX as u128 { 272 u32::MAX 273 } else { 274 micros as u32 275 }; 276 dlibc::usleep(st); 277 278 micros -= st as u128; 279 } 280 } 281 } 282 283 pub fn join(self) { 284 unsafe { 285 let ret = dlibc::pthread_join(self.id, ptr::null_mut()); 286 mem::forget(self); 287 assert!( 288 ret == 0, 289 "failed to join thread: {}", 290 io::Error::from_raw_os_error(ret) 291 ); 292 } 293 } 294 295 pub fn id(&self) -> dlibc::pthread_t { 296 self.id 297 } 298 299 pub fn into_id(self) -> dlibc::pthread_t { 300 let id = self.id; 301 mem::forget(self); 302 id 303 } 304 } 305 306 impl Drop for Thread { 307 fn drop(&mut self) { 308 let ret = unsafe { dlibc::pthread_detach(self.id) }; 309 debug_assert_eq!(ret, 0); 310 } 311 } 312 313 #[cfg(any( 314 target_os = "linux", 315 target_os = "macos", 316 target_os = "ios", 317 target_os = "tvos", 318 target_os = "watchos", 319 target_os = "dragonos", 320 ))] 321 fn truncate_cstr<const MAX_WITH_NUL: usize>(cstr: &CStr) -> [dlibc::c_char; MAX_WITH_NUL] { 322 let mut result = [0; MAX_WITH_NUL]; 323 for (src, dst) in cstr.to_bytes().iter().zip(&mut result[..MAX_WITH_NUL - 1]) { 324 *dst = *src as dlibc::c_char; 325 } 326 result 327 } 328 329 pub fn available_parallelism() -> io::Result<NonZeroUsize> { 330 cfg_if::cfg_if! { 331 if #[cfg(any( 332 target_os = "android", 333 target_os = "emscripten", 334 target_os = "fuchsia", 335 target_os = "ios", 336 target_os = "tvos", 337 target_os = "linux", 338 target_os = "macos", 339 target_os = "solaris", 340 target_os = "illumos", 341 target_os = "dragonos", 342 ))] { 343 #[cfg(any(target_os = "android", target_os = "linux",target_os = "dragonos",))] 344 { 345 let quota = cgroups::quota().max(1); 346 let mut set: dlibc::cpu_set_t = unsafe { mem::zeroed() }; 347 unsafe { 348 if dlibc::sched_getaffinity(0, mem::size_of::<dlibc::cpu_set_t>(), &mut set) == 0 { 349 let count = dlibc::CPU_COUNT(&set) as usize; 350 let count = count.min(quota); 351 // SAFETY: affinity mask can't be empty and the quota gets clamped to a minimum of 1 352 return Ok(NonZeroUsize::new_unchecked(count)); 353 } 354 } 355 } 356 match unsafe { dlibc::sysconf(dlibc::_SC_NPROCESSORS_ONLN) } { 357 -1 => Err(io::Error::last_os_error()), 358 0 => Err(io::const_io_error!(io::ErrorKind::NotFound, "The number of hardware threads is not known for the target platform")), 359 cpus => Ok(unsafe { NonZeroUsize::new_unchecked(cpus as usize) }), 360 } 361 } else if #[cfg(any(target_os = "freebsd", target_os = "dragonfly", target_os = "netbsd"))] { 362 use crate::std::ptr; 363 364 #[cfg(target_os = "freebsd")] 365 { 366 let mut set: dlibc::cpuset_t = unsafe { mem::zeroed() }; 367 unsafe { 368 if dlibc::cpuset_getaffinity( 369 dlibc::CPU_LEVEL_WHICH, 370 dlibc::CPU_WHICH_PID, 371 -1, 372 mem::size_of::<dlibc::cpuset_t>(), 373 &mut set, 374 ) == 0 { 375 let count = dlibc::CPU_COUNT(&set) as usize; 376 if count > 0 { 377 return Ok(NonZeroUsize::new_unchecked(count)); 378 } 379 } 380 } 381 } 382 383 #[cfg(target_os = "netbsd")] 384 { 385 unsafe { 386 let set = dlibc::_cpuset_create(); 387 if !set.is_null() { 388 let mut count: usize = 0; 389 if dlibc::pthread_getaffinity_np(dlibc::pthread_self(), dlibc::_cpuset_size(set), set) == 0 { 390 for i in 0..u64::MAX { 391 match dlibc::_cpuset_isset(i, set) { 392 -1 => break, 393 0 => continue, 394 _ => count = count + 1, 395 } 396 } 397 } 398 dlibc::_cpuset_destroy(set); 399 if let Some(count) = NonZeroUsize::new(count) { 400 return Ok(count); 401 } 402 } 403 } 404 } 405 406 let mut cpus: dlibc::c_uint = 0; 407 let mut cpus_size = crate::std::mem::size_of_val(&cpus); 408 409 unsafe { 410 cpus = dlibc::sysconf(dlibc::_SC_NPROCESSORS_ONLN) as dlibc::c_uint; 411 } 412 413 // Fallback approach in case of errors or no hardware threads. 414 if cpus < 1 { 415 let mut mib = [dlibc::CTL_HW, dlibc::HW_NCPU, 0, 0]; 416 let res = unsafe { 417 dlibc::sysctl( 418 mib.as_mut_ptr(), 419 2, 420 &mut cpus as *mut _ as *mut _, 421 &mut cpus_size as *mut _ as *mut _, 422 ptr::null_mut(), 423 0, 424 ) 425 }; 426 427 // Handle errors if any. 428 if res == -1 { 429 return Err(io::Error::last_os_error()); 430 } else if cpus == 0 { 431 return Err(io::const_io_error!(io::ErrorKind::NotFound, "The number of hardware threads is not known for the target platform")); 432 } 433 } 434 Ok(unsafe { NonZeroUsize::new_unchecked(cpus as usize) }) 435 } else if #[cfg(target_os = "openbsd")] { 436 use crate::std::ptr; 437 438 let mut cpus: dlibc::c_uint = 0; 439 let mut cpus_size = crate::std::mem::size_of_val(&cpus); 440 let mut mib = [dlibc::CTL_HW, dlibc::HW_NCPU, 0, 0]; 441 442 let res = unsafe { 443 dlibc::sysctl( 444 mib.as_mut_ptr(), 445 2, 446 &mut cpus as *mut _ as *mut _, 447 &mut cpus_size as *mut _ as *mut _, 448 ptr::null_mut(), 449 0, 450 ) 451 }; 452 453 // Handle errors if any. 454 if res == -1 { 455 return Err(io::Error::last_os_error()); 456 } else if cpus == 0 { 457 return Err(io::const_io_error!(io::ErrorKind::NotFound, "The number of hardware threads is not known for the target platform")); 458 } 459 460 Ok(unsafe { NonZeroUsize::new_unchecked(cpus as usize) }) 461 } else if #[cfg(target_os = "nto")] { 462 unsafe { 463 use dlibc::_syspage_ptr; 464 if _syspage_ptr.is_null() { 465 Err(io::const_io_error!(io::ErrorKind::NotFound, "No syspage available")) 466 } else { 467 let cpus = (*_syspage_ptr).num_cpu; 468 NonZeroUsize::new(cpus as usize) 469 .ok_or(io::const_io_error!(io::ErrorKind::NotFound, "The number of hardware threads is not known for the target platform")) 470 } 471 } 472 } else if #[cfg(target_os = "haiku")] { 473 // system_info cpu_count field gets the static data set at boot time with `smp_set_num_cpus` 474 // `get_system_info` calls then `smp_get_num_cpus` 475 unsafe { 476 let mut sinfo: dlibc::system_info = crate::std::mem::zeroed(); 477 let res = dlibc::get_system_info(&mut sinfo); 478 479 if res != dlibc::B_OK { 480 return Err(io::const_io_error!(io::ErrorKind::NotFound, "The number of hardware threads is not known for the target platform")); 481 } 482 483 Ok(NonZeroUsize::new_unchecked(sinfo.cpu_count as usize)) 484 } 485 } else { 486 // FIXME: implement on vxWorks, Redox, l4re 487 Err(io::const_io_error!(io::ErrorKind::Unsupported, "Getting the number of hardware threads is not supported on the target platform")) 488 } 489 } 490 } 491 492 #[cfg(any(target_os = "android", target_os = "linux", target_os = "dragonos",))] 493 mod cgroups { 494 //! Currently not covered 495 //! * cgroup v2 in non-standard mountpoints 496 //! * paths containing control characters or spaces, since those would be escaped in procfs 497 //! output and we don't unescape 498 use crate::std::borrow::Cow; 499 use crate::std::ffi::OsString; 500 use crate::std::fs::{try_exists, File}; 501 use crate::std::io::Read; 502 use crate::std::io::{BufRead, BufReader}; 503 use crate::std::os::unix::ffi::OsStringExt; 504 use crate::std::path::Path; 505 use crate::std::path::PathBuf; 506 use crate::std::str::from_utf8; 507 508 #[derive(PartialEq)] 509 enum Cgroup { 510 V1, 511 V2, 512 } 513 514 /// Returns cgroup CPU quota in core-equivalents, rounded down or usize::MAX if the quota cannot 515 /// be determined or is not set. 516 pub(super) fn quota() -> usize { 517 let mut quota = usize::MAX; 518 if cfg!(miri) { 519 // Attempting to open a file fails under default flags due to isolation. 520 // And Miri does not have parallelism anyway. 521 return quota; 522 } 523 524 let _: Option<()> = try { 525 let mut buf = Vec::with_capacity(128); 526 // find our place in the cgroup hierarchy 527 File::open("/proc/self/cgroup") 528 .ok()? 529 .read_to_end(&mut buf) 530 .ok()?; 531 let (cgroup_path, version) = 532 buf.split(|&c| c == b'\n').fold(None, |previous, line| { 533 let mut fields = line.splitn(3, |&c| c == b':'); 534 // 2nd field is a list of controllers for v1 or empty for v2 535 let version = match fields.nth(1) { 536 Some(b"") => Cgroup::V2, 537 Some(controllers) 538 if from_utf8(controllers) 539 .is_ok_and(|c| c.split(',').any(|c| c == "cpu")) => 540 { 541 Cgroup::V1 542 } 543 _ => return previous, 544 }; 545 546 // already-found v1 trumps v2 since it explicitly specifies its controllers 547 if previous.is_some() && version == Cgroup::V2 { 548 return previous; 549 } 550 551 let path = fields.last()?; 552 // skip leading slash 553 Some((path[1..].to_owned(), version)) 554 })?; 555 let cgroup_path = PathBuf::from(OsString::from_vec(cgroup_path)); 556 557 quota = match version { 558 Cgroup::V1 => quota_v1(cgroup_path), 559 Cgroup::V2 => quota_v2(cgroup_path), 560 }; 561 }; 562 563 quota 564 } 565 566 fn quota_v2(group_path: PathBuf) -> usize { 567 let mut quota = usize::MAX; 568 569 let mut path = PathBuf::with_capacity(128); 570 let mut read_buf = String::with_capacity(20); 571 572 // standard mount location defined in file-hierarchy(7) manpage 573 let cgroup_mount = "/sys/fs/cgroup"; 574 575 path.push(cgroup_mount); 576 path.push(&group_path); 577 578 path.push("cgroup.controllers"); 579 580 // skip if we're not looking at cgroup2 581 if matches!(try_exists(&path), Err(_) | Ok(false)) { 582 return usize::MAX; 583 }; 584 585 path.pop(); 586 587 let _: Option<()> = try { 588 while path.starts_with(cgroup_mount) { 589 path.push("cpu.max"); 590 591 read_buf.clear(); 592 593 if File::open(&path) 594 .and_then(|mut f| f.read_to_string(&mut read_buf)) 595 .is_ok() 596 { 597 let raw_quota = read_buf.lines().next()?; 598 let mut raw_quota = raw_quota.split(' '); 599 let limit = raw_quota.next()?; 600 let period = raw_quota.next()?; 601 match (limit.parse::<usize>(), period.parse::<usize>()) { 602 (Ok(limit), Ok(period)) if period > 0 => { 603 quota = quota.min(limit / period); 604 } 605 _ => {} 606 } 607 } 608 609 path.pop(); // pop filename 610 path.pop(); // pop dir 611 } 612 }; 613 614 quota 615 } 616 617 fn quota_v1(group_path: PathBuf) -> usize { 618 let mut quota = usize::MAX; 619 let mut path = PathBuf::with_capacity(128); 620 let mut read_buf = String::with_capacity(20); 621 622 // Hardcode commonly used locations mentioned in the cgroups(7) manpage 623 // if that doesn't work scan mountinfo and adjust `group_path` for bind-mounts 624 let mounts: &[fn(&Path) -> Option<(_, &Path)>] = &[ 625 |p| Some((Cow::Borrowed("/sys/fs/cgroup/cpu"), p)), 626 |p| Some((Cow::Borrowed("/sys/fs/cgroup/cpu,cpuacct"), p)), 627 // this can be expensive on systems with tons of mountpoints 628 // but we only get to this point when /proc/self/cgroups explicitly indicated 629 // this process belongs to a cpu-controller cgroup v1 and the defaults didn't work 630 find_mountpoint, 631 ]; 632 633 for mount in mounts { 634 let Some((mount, group_path)) = mount(&group_path) else { 635 continue; 636 }; 637 638 path.clear(); 639 path.push(mount.as_ref()); 640 path.push(&group_path); 641 642 // skip if we guessed the mount incorrectly 643 if matches!(try_exists(&path), Err(_) | Ok(false)) { 644 continue; 645 } 646 647 while path.starts_with(mount.as_ref()) { 648 let mut parse_file = |name| { 649 path.push(name); 650 read_buf.clear(); 651 652 let f = File::open(&path); 653 path.pop(); // restore buffer before any early returns 654 f.ok()?.read_to_string(&mut read_buf).ok()?; 655 let parsed = read_buf.trim().parse::<usize>().ok()?; 656 657 Some(parsed) 658 }; 659 660 let limit = parse_file("cpu.cfs_quota_us"); 661 let period = parse_file("cpu.cfs_period_us"); 662 663 match (limit, period) { 664 (Some(limit), Some(period)) if period > 0 => quota = quota.min(limit / period), 665 _ => {} 666 } 667 668 path.pop(); 669 } 670 671 // we passed the try_exists above so we should have traversed the correct hierarchy 672 // when reaching this line 673 break; 674 } 675 676 quota 677 } 678 679 /// Scan mountinfo for cgroup v1 mountpoint with a cpu controller 680 /// 681 /// If the cgroupfs is a bind mount then `group_path` is adjusted to skip 682 /// over the already-included prefix 683 fn find_mountpoint(group_path: &Path) -> Option<(Cow<'static, str>, &Path)> { 684 let mut reader = BufReader::new(File::open("/proc/self/mountinfo").ok()?); 685 let mut line = String::with_capacity(256); 686 loop { 687 line.clear(); 688 if reader.read_line(&mut line).ok()? == 0 { 689 break; 690 } 691 692 let line = line.trim(); 693 let mut items = line.split(' '); 694 695 let sub_path = items.nth(3)?; 696 let mount_point = items.next()?; 697 let mount_opts = items.next_back()?; 698 let filesystem_type = items.nth_back(1)?; 699 700 if filesystem_type != "cgroup" || !mount_opts.split(',').any(|opt| opt == "cpu") { 701 // not a cgroup / not a cpu-controller 702 continue; 703 } 704 705 let sub_path = Path::new(sub_path).strip_prefix("/").ok()?; 706 707 if !group_path.starts_with(sub_path) { 708 // this is a bind-mount and the bound subdirectory 709 // does not contain the cgroup this process belongs to 710 continue; 711 } 712 713 let trimmed_group_path = group_path.strip_prefix(sub_path).ok()?; 714 715 return Some((Cow::Owned(mount_point.to_owned()), trimmed_group_path)); 716 } 717 718 None 719 } 720 } 721 722 #[cfg(all( 723 not(target_os = "linux"), 724 not(target_os = "freebsd"), 725 not(target_os = "macos"), 726 not(target_os = "netbsd"), 727 not(target_os = "openbsd"), 728 not(target_os = "solaris") 729 ))] 730 #[cfg_attr(test, allow(dead_code))] 731 pub mod guard { 732 use crate::std::ops::Range; 733 pub type Guard = Range<usize>; 734 pub unsafe fn current() -> Option<Guard> { 735 None 736 } 737 pub unsafe fn init() -> Option<Guard> { 738 None 739 } 740 } 741 742 #[cfg(any( 743 target_os = "linux", 744 target_os = "freebsd", 745 target_os = "macos", 746 target_os = "netbsd", 747 target_os = "openbsd", 748 target_os = "solaris" 749 ))] 750 #[cfg_attr(test, allow(dead_code))] 751 pub mod guard { 752 #[cfg(not(all(target_os = "linux", target_env = "gnu")))] 753 use dlibc::{mmap as mmap64, mprotect}; 754 #[cfg(all(target_os = "linux", target_env = "gnu"))] 755 use dlibc::{mmap64, mprotect}; 756 use dlibc::{MAP_ANON, MAP_FAILED, MAP_FIXED, MAP_PRIVATE, PROT_NONE, PROT_READ, PROT_WRITE}; 757 758 use crate::std::io; 759 use crate::std::ops::Range; 760 use crate::std::sync::atomic::{AtomicUsize, Ordering}; 761 use crate::std::sys::os; 762 763 // This is initialized in init() and only read from after 764 static PAGE_SIZE: AtomicUsize = AtomicUsize::new(0); 765 766 pub type Guard = Range<usize>; 767 768 #[cfg(target_os = "solaris")] 769 unsafe fn get_stack_start() -> Option<*mut dlibc::c_void> { 770 let mut current_stack: dlibc::stack_t = crate::std::mem::zeroed(); 771 assert_eq!(dlibc::stack_getbounds(&mut current_stack), 0); 772 Some(current_stack.ss_sp) 773 } 774 775 #[cfg(target_os = "macos")] 776 unsafe fn get_stack_start() -> Option<*mut dlibc::c_void> { 777 let th = dlibc::pthread_self(); 778 let stackptr = dlibc::pthread_get_stackaddr_np(th); 779 Some(stackptr.map_addr(|addr| addr - dlibc::pthread_get_stacksize_np(th))) 780 } 781 782 #[cfg(target_os = "openbsd")] 783 unsafe fn get_stack_start() -> Option<*mut dlibc::c_void> { 784 let mut current_stack: dlibc::stack_t = crate::std::mem::zeroed(); 785 assert_eq!( 786 dlibc::pthread_stackseg_np(dlibc::pthread_self(), &mut current_stack), 787 0 788 ); 789 790 let stack_ptr = current_stack.ss_sp; 791 let stackaddr = if dlibc::pthread_main_np() == 1 { 792 // main thread 793 stack_ptr.addr() - current_stack.ss_size + PAGE_SIZE.load(Ordering::Relaxed) 794 } else { 795 // new thread 796 stack_ptr.addr() - current_stack.ss_size 797 }; 798 Some(stack_ptr.with_addr(stackaddr)) 799 } 800 801 #[cfg(any( 802 target_os = "android", 803 target_os = "freebsd", 804 target_os = "linux", 805 target_os = "netbsd", 806 target_os = "l4re" 807 ))] 808 unsafe fn get_stack_start() -> Option<*mut dlibc::c_void> { 809 let mut ret = None; 810 let mut attr: dlibc::pthread_attr_t = crate::std::mem::zeroed(); 811 #[cfg(target_os = "freebsd")] 812 assert_eq!(dlibc::pthread_attr_init(&mut attr), 0); 813 #[cfg(target_os = "freebsd")] 814 let e = dlibc::pthread_attr_get_np(dlibc::pthread_self(), &mut attr); 815 #[cfg(not(target_os = "freebsd"))] 816 let e = dlibc::pthread_getattr_np(dlibc::pthread_self(), &mut attr); 817 if e == 0 { 818 let mut stackaddr = crate::std::ptr::null_mut(); 819 let mut stacksize = 0; 820 assert_eq!( 821 dlibc::pthread_attr_getstack(&attr, &mut stackaddr, &mut stacksize), 822 0 823 ); 824 ret = Some(stackaddr); 825 } 826 if e == 0 || cfg!(target_os = "freebsd") { 827 assert_eq!(dlibc::pthread_attr_destroy(&mut attr), 0); 828 } 829 ret 830 } 831 832 // Precondition: PAGE_SIZE is initialized. 833 unsafe fn get_stack_start_aligned() -> Option<*mut dlibc::c_void> { 834 let page_size = PAGE_SIZE.load(Ordering::Relaxed); 835 assert!(page_size != 0); 836 let stackptr = get_stack_start()?; 837 let stackaddr = stackptr.addr(); 838 839 // Ensure stackaddr is page aligned! A parent process might 840 // have reset RLIMIT_STACK to be non-page aligned. The 841 // pthread_attr_getstack() reports the usable stack area 842 // stackaddr < stackaddr + stacksize, so if stackaddr is not 843 // page-aligned, calculate the fix such that stackaddr < 844 // new_page_aligned_stackaddr < stackaddr + stacksize 845 let remainder = stackaddr % page_size; 846 Some(if remainder == 0 { 847 stackptr 848 } else { 849 stackptr.with_addr(stackaddr + page_size - remainder) 850 }) 851 } 852 853 pub unsafe fn init() -> Option<Guard> { 854 let page_size = os::page_size(); 855 PAGE_SIZE.store(page_size, Ordering::Relaxed); 856 857 if cfg!(all(target_os = "linux", not(target_env = "musl"))) { 858 // Linux doesn't allocate the whole stack right away, and 859 // the kernel has its own stack-guard mechanism to fault 860 // when growing too close to an existing mapping. If we map 861 // our own guard, then the kernel starts enforcing a rather 862 // large gap above that, rendering much of the possible 863 // stack space useless. See #43052. 864 // 865 // Instead, we'll just note where we expect rlimit to start 866 // faulting, so our handler can report "stack overflow", and 867 // trust that the kernel's own stack guard will work. 868 let stackptr = get_stack_start_aligned()?; 869 let stackaddr = stackptr.addr(); 870 Some(stackaddr - page_size..stackaddr) 871 } else if cfg!(all(target_os = "linux", target_env = "musl")) { 872 // For the main thread, the musl's pthread_attr_getstack 873 // returns the current stack size, rather than maximum size 874 // it can eventually grow to. It cannot be used to determine 875 // the position of kernel's stack guard. 876 None 877 } else if cfg!(target_os = "freebsd") { 878 // FreeBSD's stack autogrows, and optionally includes a guard page 879 // at the bottom. If we try to remap the bottom of the stack 880 // ourselves, FreeBSD's guard page moves upwards. So we'll just use 881 // the builtin guard page. 882 let stackptr = get_stack_start_aligned()?; 883 let guardaddr = stackptr.addr(); 884 // Technically the number of guard pages is tunable and controlled 885 // by the security.bsd.stack_guard_page sysctl, but there are 886 // few reasons to change it from the default. The default value has 887 // been 1 ever since FreeBSD 11.1 and 10.4. 888 const GUARD_PAGES: usize = 1; 889 let guard = guardaddr..guardaddr + GUARD_PAGES * page_size; 890 Some(guard) 891 } else if cfg!(target_os = "openbsd") { 892 // OpenBSD stack already includes a guard page, and stack is 893 // immutable. 894 // 895 // We'll just note where we expect rlimit to start 896 // faulting, so our handler can report "stack overflow", and 897 // trust that the kernel's own stack guard will work. 898 let stackptr = get_stack_start_aligned()?; 899 let stackaddr = stackptr.addr(); 900 Some(stackaddr - page_size..stackaddr) 901 } else { 902 // Reallocate the last page of the stack. 903 // This ensures SIGBUS will be raised on 904 // stack overflow. 905 // Systems which enforce strict PAX MPROTECT do not allow 906 // to mprotect() a mapping with less restrictive permissions 907 // than the initial mmap() used, so we mmap() here with 908 // read/write permissions and only then mprotect() it to 909 // no permissions at all. See issue #50313. 910 let stackptr = get_stack_start_aligned()?; 911 let result = mmap64( 912 stackptr, 913 page_size, 914 PROT_READ | PROT_WRITE, 915 MAP_PRIVATE | MAP_ANON | MAP_FIXED, 916 -1, 917 0, 918 ); 919 if result != stackptr || result == MAP_FAILED { 920 panic!( 921 "failed to allocate a guard page: {}", 922 io::Error::last_os_error() 923 ); 924 } 925 926 let result = mprotect(stackptr, page_size, PROT_NONE); 927 if result != 0 { 928 panic!( 929 "failed to protect the guard page: {}", 930 io::Error::last_os_error() 931 ); 932 } 933 934 let guardaddr = stackptr.addr(); 935 936 Some(guardaddr..guardaddr + page_size) 937 } 938 } 939 940 #[cfg(any(target_os = "macos", target_os = "openbsd", target_os = "solaris"))] 941 pub unsafe fn current() -> Option<Guard> { 942 let stackptr = get_stack_start()?; 943 let stackaddr = stackptr.addr(); 944 Some(stackaddr - PAGE_SIZE.load(Ordering::Relaxed)..stackaddr) 945 } 946 947 #[cfg(any( 948 target_os = "android", 949 target_os = "freebsd", 950 target_os = "linux", 951 target_os = "netbsd", 952 target_os = "l4re" 953 ))] 954 pub unsafe fn current() -> Option<Guard> { 955 let mut ret = None; 956 let mut attr: dlibc::pthread_attr_t = crate::std::mem::zeroed(); 957 #[cfg(target_os = "freebsd")] 958 assert_eq!(dlibc::pthread_attr_init(&mut attr), 0); 959 #[cfg(target_os = "freebsd")] 960 let e = dlibc::pthread_attr_get_np(dlibc::pthread_self(), &mut attr); 961 #[cfg(not(target_os = "freebsd"))] 962 let e = dlibc::pthread_getattr_np(dlibc::pthread_self(), &mut attr); 963 if e == 0 { 964 let mut guardsize = 0; 965 assert_eq!(dlibc::pthread_attr_getguardsize(&attr, &mut guardsize), 0); 966 if guardsize == 0 { 967 if cfg!(all(target_os = "linux", target_env = "musl")) { 968 // musl versions before 1.1.19 always reported guard 969 // size obtained from pthread_attr_get_np as zero. 970 // Use page size as a fallback. 971 guardsize = PAGE_SIZE.load(Ordering::Relaxed); 972 } else { 973 panic!("there is no guard page"); 974 } 975 } 976 let mut stackptr = crate::std::ptr::null_mut::<dlibc::c_void>(); 977 let mut size = 0; 978 assert_eq!( 979 dlibc::pthread_attr_getstack(&attr, &mut stackptr, &mut size), 980 0 981 ); 982 983 let stackaddr = stackptr.addr(); 984 ret = if cfg!(any(target_os = "freebsd", target_os = "netbsd")) { 985 Some(stackaddr - guardsize..stackaddr) 986 } else if cfg!(all(target_os = "linux", target_env = "musl")) { 987 Some(stackaddr - guardsize..stackaddr) 988 } else if cfg!(all( 989 target_os = "linux", 990 any(target_env = "gnu", target_env = "uclibc") 991 )) { 992 // glibc used to include the guard area within the stack, as noted in the BUGS 993 // section of `man pthread_attr_getguardsize`. This has been corrected starting 994 // with glibc 2.27, and in some distro backports, so the guard is now placed at the 995 // end (below) the stack. There's no easy way for us to know which we have at 996 // runtime, so we'll just match any fault in the range right above or below the 997 // stack base to call that fault a stack overflow. 998 Some(stackaddr - guardsize..stackaddr + guardsize) 999 } else { 1000 Some(stackaddr..stackaddr + guardsize) 1001 }; 1002 } 1003 if e == 0 || cfg!(target_os = "freebsd") { 1004 assert_eq!(dlibc::pthread_attr_destroy(&mut attr), 0); 1005 } 1006 ret 1007 } 1008 } 1009 1010 // glibc >= 2.15 has a __pthread_get_minstack() function that returns 1011 // PTHREAD_STACK_MIN plus bytes needed for thread-local storage. 1012 // We need that information to avoid blowing up when a small stack 1013 // is created in an application with big thread-local storage requirements. 1014 // See #6233 for rationale and details. 1015 #[cfg(all(target_os = "linux", target_env = "gnu"))] 1016 fn min_stack_size(attr: *const dlibc::pthread_attr_t) -> usize { 1017 // We use dlsym to avoid an ELF version dependency on GLIBC_PRIVATE. (#23628) 1018 // We shouldn't really be using such an internal symbol, but there's currently 1019 // no other way to account for the TLS size. 1020 dlsym!(fn __pthread_get_minstack(*const dlibc::pthread_attr_t) -> dlibc::size_t); 1021 1022 match __pthread_get_minstack.get() { 1023 None => dlibc::PTHREAD_STACK_MIN, 1024 Some(f) => unsafe { f(attr) }, 1025 } 1026 } 1027 1028 // No point in looking up __pthread_get_minstack() on non-glibc platforms. 1029 #[cfg(all( 1030 not(all(target_os = "linux", target_env = "gnu")), 1031 not(target_os = "netbsd") 1032 ))] 1033 fn min_stack_size(_: *const dlibc::pthread_attr_t) -> usize { 1034 dlibc::PTHREAD_STACK_MIN 1035 } 1036 1037 #[cfg(target_os = "netbsd")] 1038 fn min_stack_size(_: *const dlibc::pthread_attr_t) -> usize { 1039 2048 // just a guess 1040 } 1041