introduce StaticRWLock wrapper to make methods safe

2021-02-08 23:34:23 +01:00 · 2021-02-08 23:34:23 +01:00 · 44abad5b12
parent 2200cf10d8
commit 44abad5b12
3 changed files with 72 additions and 60 deletions
--- a/library/std/src/sys/unix/os.rs
+++ b/library/std/src/sys/unix/os.rs
@ -22,7 +22,7 @@ use crate::str;
 use crate::sys::cvt;
 use crate::sys::fd;
 use crate::sys_common::mutex::{StaticMutex, StaticMutexGuard};
-use crate::sys_common::rwlock::{RWLock, RWLockGuard};
+use crate::sys_common::rwlock::{RWLockGuard, StaticRWLock};
 use crate::vec;

 use libc::{c_char, c_int, c_void};
@ -494,16 +494,17 @@ pub unsafe fn environ() -> *mut *const *const c_char {
    ptr::addr_of_mut!(environ)
 }

-pub unsafe fn env_rwlock(readonly: bool) -> RWLockGuard {
-    static ENV_LOCK: RWLock = RWLock::new();
-    if readonly { ENV_LOCK.read_with_guard() } else { ENV_LOCK.write_with_guard() }
+static ENV_LOCK: StaticRWLock = StaticRWLock::new();
+
+pub fn env_read_lock() -> RWLockGuard {
+    ENV_LOCK.read_with_guard()
 }

 /// Returns a vector of (variable, value) byte-vector pairs for all the
 /// environment variables of the current process.
 pub fn env() -> Env {
    unsafe {
-        let _guard = env_rwlock(true);
+        let _guard = env_read_lock();
        let mut environ = *environ();
        let mut result = Vec::new();
        if !environ.is_null() {
@ -540,7 +541,7 @@ pub fn getenv(k: &OsStr) -> io::Result<Option<OsString>> {
    // always None as well
    let k = CString::new(k.as_bytes())?;
    unsafe {
-        let _guard = env_rwlock(true);
+        let _guard = env_read_lock();
        let s = libc::getenv(k.as_ptr()) as *const libc::c_char;
        let ret = if s.is_null() {
            None
@ -556,7 +557,7 @@ pub fn setenv(k: &OsStr, v: &OsStr) -> io::Result<()> {
    let v = CString::new(v.as_bytes())?;

    unsafe {
-        let _guard = env_rwlock(false);
+        let _guard = ENV_LOCK.write_with_guard();
        cvt(libc::setenv(k.as_ptr(), v.as_ptr(), 1)).map(drop)
    }
 }
@ -565,7 +566,7 @@ pub fn unsetenv(n: &OsStr) -> io::Result<()> {
    let nbuf = CString::new(n.as_bytes())?;

    unsafe {
-        let _guard = env_rwlock(false);
+        let _guard = ENV_LOCK.write_with_guard();
        cvt(libc::unsetenv(nbuf.as_ptr())).map(drop)
    }
 }
--- a/library/std/src/sys/unix/process/process_unix.rs
+++ b/library/std/src/sys/unix/process/process_unix.rs
@ -47,7 +47,7 @@ impl Command {
        // a lock any more because the parent won't do anything and the child is
        // in its own process.
        let result = unsafe {
-            let _env_lock = sys::os::env_rwlock(true);
+            let _env_lock = sys::os::env_read_lock();
            cvt(libc::fork())?
        };

@ -124,7 +124,7 @@ impl Command {
                    // Similar to when forking, we want to ensure that access to
                    // the environment is synchronized, so make sure to grab the
                    // environment lock before we try to exec.
-                    let _lock = sys::os::env_rwlock(true);
+                    let _lock = sys::os::env_read_lock();

                    let Err(e) = self.do_exec(theirs, envp.as_ref());
                    e
@ -404,7 +404,7 @@ impl Command {
            cvt_nz(libc::posix_spawnattr_setflags(attrs.0.as_mut_ptr(), flags as _))?;

            // Make sure we synchronize access to the global `environ` resource
-            let _env_lock = sys::os::env_rwlock(true);
+            let _env_lock = sys::os::env_read_lock();
            let envp = envp.map(|c| c.as_ptr()).unwrap_or_else(|| *sys::os::environ() as *const _);
            cvt_nz(libc::posix_spawnp(
                &mut p.pid,
--- a/library/std/src/sys_common/rwlock.rs
+++ b/library/std/src/sys_common/rwlock.rs
@ -1,26 +1,5 @@
 use crate::sys::rwlock as imp;

-#[cfg(unix)]
-enum GuardType {
-    Read,
-    Write,
-}
-
-#[cfg(unix)]
-pub struct RWLockGuard(&'static RWLock, GuardType);
-
-#[cfg(unix)]
-impl Drop for RWLockGuard {
-    fn drop(&mut self) {
-        unsafe {
-            match &self.1 {
-                GuardType::Read => self.0.read_unlock(),
-                GuardType::Write => self.0.write_unlock(),
-            }
-        }
-    }
-}
-
 /// An OS-based reader-writer lock.
 ///
 /// This structure is entirely unsafe and serves as the lowest layer of a
@ -47,20 +26,6 @@ impl RWLock {
        self.0.read()
    }

-    /// Acquires shared access to the underlying lock, blocking the current
-    /// thread to do so.
-    ///
-    /// The lock is automatically unlocked when the returned guard is dropped.
-    ///
-    /// Behavior is undefined if the rwlock has been moved between this and any
-    /// previous method call.
-    #[inline]
-    #[cfg(unix)]
-    pub unsafe fn read_with_guard(&'static self) -> RWLockGuard {
-        self.read();
-        RWLockGuard(&self, GuardType::Read)
-    }
-
    /// Attempts to acquire shared access to this lock, returning whether it
    /// succeeded or not.
    ///
@ -83,20 +48,6 @@ impl RWLock {
        self.0.write()
    }

-    /// Acquires write access to the underlying lock, blocking the current thread
-    /// to do so.
-    ///
-    /// The lock is automatically unlocked when the returned guard is dropped.
-    ///
-    /// Behavior is undefined if the rwlock has been moved between this and any
-    /// previous method call.
-    #[inline]
-    #[cfg(unix)]
-    pub unsafe fn write_with_guard(&'static self) -> RWLockGuard {
-        self.write();
-        RWLockGuard(&self, GuardType::Write)
-    }
-
    /// Attempts to acquire exclusive access to this lock, returning whether it
    /// succeeded or not.
    ///
@ -135,3 +86,63 @@ impl RWLock {
        self.0.destroy()
    }
 }
+
+// the cfg annotations only exist due to dead code warnings. the code itself is portable
+#[cfg(unix)]
+pub struct StaticRWLock(RWLock);
+
+#[cfg(unix)]
+impl StaticRWLock {
+    pub const fn new() -> StaticRWLock {
+        StaticRWLock(RWLock::new())
+    }
+
+    /// Acquires shared access to the underlying lock, blocking the current
+    /// thread to do so.
+    ///
+    /// The lock is automatically unlocked when the returned guard is dropped.
+    #[inline]
+    pub fn read_with_guard(&'static self) -> RWLockGuard {
+        // Safety: All methods require static references, therefore self
+        // cannot be moved between invocations.
+        unsafe {
+            self.0.read();
+        }
+        RWLockGuard(&self.0, GuardType::Read)
+    }
+
+    /// Acquires write access to the underlying lock, blocking the current thread
+    /// to do so.
+    ///
+    /// The lock is automatically unlocked when the returned guard is dropped.
+    #[inline]
+    pub fn write_with_guard(&'static self) -> RWLockGuard {
+        // Safety: All methods require static references, therefore self
+        // cannot be moved between invocations.
+        unsafe {
+            self.0.write();
+        }
+        RWLockGuard(&self.0, GuardType::Write)
+    }
+}
+
+#[cfg(unix)]
+enum GuardType {
+    Read,
+    Write,
+}
+
+#[cfg(unix)]
+pub struct RWLockGuard(&'static RWLock, GuardType);
+
+#[cfg(unix)]
+impl Drop for RWLockGuard {
+    fn drop(&mut self) {
+        unsafe {
+            match &self.1 {
+                GuardType::Read => self.0.read_unlock(),
+                GuardType::Write => self.0.write_unlock(),
+            }
+        }
+    }
+}