Skip the main thread's manual stack guard on Linux
Linux doesn't allocate the whole stack right away, and the kernel has its own stack-guard mechanism to fault when growing too close to an existing mapping. If we map our own guard, then the kernel starts enforcing a rather large gap above that, rendering much of the possible stack space useless.
Instead, we'll just note where we expect rlimit to start faulting, so our handler can report "stack overflow", and trust that the kernel's own stack guard will work.
Fixes#43052.
r? @alexcrichton
### Kernel compatibility:
Strictly speaking, Rust claims support for Linux kernels >= 2.6.18, and stack guards were only added to mainline in 2.6.36 for [CVE-2010-2240]. But since that vulnerability was so severe, the guards were backported to many stable branches, and Red Hat patched this all the way back to RHEL3's 2.4.21! I think it's reasonable for us to assume that any *supportable* kernel should have these stack guards.
At that time, the kernel only enforced one page of padding between the stack and other mappings, but thanks to [Stack Clash] that padding is now much larger, causing #43052. The kernel side of those fixes are in [CVE-2017-1000364], which Red Hat has backported to at least RHEL5's 2.6.18 so far.
[CVE-2010-2240]: https://access.redhat.com/security/cve/CVE-2010-2240
[CVE-2017-1000364]: https://access.redhat.com/security/cve/CVE-2017-1000364
[Stack Clash]: https://access.redhat.com/security/vulnerabilities/stackguard
Replace the global fulfillment cache with the evaluation cache
This uses the new "Chalk" ParamEnv refactoring to check "global" predicates in an empty environment, which should be correct because global predicates aren't affected by a consistent environment.
Fixes#39970.
Fixes#42796.
r? @nikomatsakis
This is just duplicating the logic from the old fulfillment cache, so
I'm not sure it is 100% correct, but it should not be more wrong than
the old logic.
Linux doesn't allocate the whole stack right away, and the kernel has
its own stack-guard mechanism to fault when growing too close to an
existing mapping. If we map our own guard, then the kernel starts
enforcing a rather large gap above that, rendering much of the possible
stack space useless.
Instead, we'll just note where we expect rlimit to start faulting, so
our handler can report "stack overflow", and trust that the kernel's own
stack guard will work.
Fixes#43052.
add a built-in MSP430 target
the MSP430 backend has been enabled for a while but no target was added to rustc
to encourage out of tree experimentation.
We believe the out of tree (custom) target has been iterated long enough and is
stable enough for inclusion in the compiler. Kudos to @pftbest and @awygle for
fixing several LLVM / codegen bugs this target had!
The target name chosen is a slight variation of the triple gcc uses, which is
simply `msp430-elf`. We picked `msp430-none-elf` to leave room for custom
targets that target some embedded OS running on MSP430 devices. (cf. the
custom `thumbv7m-tockos-eabi` target TockOS uses vs the built-in
`thumbv7m-none-eabi`).
There's one expected change in the specification of the proposed target: the
`asm_args` and `no_integrated_as` fields will change to their default values.
Once the LLVM backend gains the ability to directly produce MSP430 object files
we can stop depending on `msp430-elf-gcc` for producing object files; when that
occurs the `asm` related fields will change. This change won't break existing
user code.
r? @alexcrichton
cc @brson
rustdoc: Don't run Markdown tests twice
This matches the behaviour for finding tests in Rust files.
This was a regression from 1.17 to 1.18 so it would be a good idea to backport this to beta so at least 1.19 won't also be affected.
Fixes#42726
r? @GuillaumeGomez
Implement TcpStream::connect_timeout
This breaks the "single syscall rule", but it's really annoying to hand
write and is pretty foundational.
r? @alexcrichton
cc @rust-lang/libs
Check types for privacy
This PR implements late post factum checking of type privacy, as opposed to early preventive "private-in-public" checking.
This will allow to turn private-in-public checks into a lint and make them more heuristic-based, and more aligned with what people may expect (e.g. reachability-based behavior).
Types are privacy-checked if they are written explicitly, and also if they are inferred as expression or pattern types.
This PR checks "semantic" types and does it unhygienically, this significantly restricts what macros 2.0 (as implemented in https://github.com/rust-lang/rust/pull/40847) can do (sorry @jseyfried) - they still can use private *names*, but can't use private *types*.
This is the most conservative solution, but hopefully it's temporary and can be relaxed in the future, probably using macro contexts of expression/pattern spans.
Traits are also checked in preparation for [trait aliases](https://github.com/rust-lang/rust/issues/41517), which will be able to leak private traits, and macros 2.0 which will be able to leak pretty much anything.
This is a [breaking-change], but the code that is not contrived and can be broken by this patch should be guarded by `private_in_public` lint. [Previous crater run](https://github.com/rust-lang/rust/issues/34537#issuecomment-262865768) discovered a few abandoned crates that weren't updated since `private_in_public` has been introduced in 2015.
cc https://github.com/rust-lang/rust/issues/34537https://internals.rust-lang.org/t/lang-team-minutes-private-in-public-rules/4504
Fixes https://github.com/rust-lang/rust/issues/30476
Fixes https://github.com/rust-lang/rust/issues/33479
cc @nikomatsakis
r? @eddyb
Make suggestion include the line number
When there're more than one suggestions in the same diagnostic, they are
displayed in their own block, instead of inline. In order to reduce
confusion, those blocks now display the line number.
New output:
```
error[E0308]: mismatched types
--> ../../src/test/ui/block-result/unexpected-return-on-unit.rs:19:5
|
19 | foo()
| ^^^^^ expected (), found usize
|
= note: expected type `()`
found type `usize`
help: did you mean to add a semicolon here?
|
19 | foo();
| ^
help: possibly return type missing here?
|
18 | fn bar() -> usize {
| ^^^^^^^^
error: aborting due to previous error(s)
```
Fix#39152.
When there're more than one suggestions in the same diagnostic, they are
displayed in their own block, instead of inline. In order to reduce
confusion, those blocks now display the line number.
rustc: Implement stack probes for x86
This commit implements stack probes on x86/x86_64 using the freshly landed
support upstream in LLVM. The purpose of stack probes here are to guarantee a
segfault on stack overflow rather than having a chance of running over the guard
page already present on all threads by accident.
At this time there's no support for any other architecture because LLVM itself
does not have support for other architectures.
This commit implements stack probes on x86/x86_64 using the freshly landed
support upstream in LLVM. The purpose of stack probes here are to guarantee a
segfault on stack overflow rather than having a chance of running over the guard
page already present on all threads by accident.
At this time there's no support for any other architecture because LLVM itself
does not have support for other architectures.
Suggest rustup toolchain link
The contributing instructions only explain how to build the compiler, but not how to try it out.
I found `rustup toolchain link` to be super useful for this, so I think it's good to suggest it.
use field init shorthand in src/librustc/
Commentary on #37340 [suggested](https://github.com/rust-lang/rust/issues/37340#issuecomment-255513390) using the new field init syntax in the compiler. Do we care about this? If so, here's a pull request for the librustc/ directory. While [`rustfmt` might do this in the future](https://github.com/rust-lang/rust/issues/37340#issuecomment-255513712), in the meantime, some simple Python will do:
```python
#!/usr/bin/env python3
import os, re, sys
OPPORTUNITY = re.compile(r" (\w+): \1,?\n")
def field_init_shorthand_substitution(filename):
with open(filename) as f:
text = f.read()
revised = OPPORTUNITY.sub(r" \1,\n", text)
with open(filename, 'w') as f:
f.write(revised)
def substitute_in_directory(path):
for dirname, _subdirs, basenames in os.walk(path):
for basename in basenames:
field_init_shorthand_substitution(os.path.join(dirname, basename))
if __name__ == "__main__":
substitute_in_directory(sys.argv[1])
```
**Update 3 July**: edited the search (respectively replace) regex to ` (\w+): \1,?\n` (` \1,\n`) from ` (\w+): \1,` (` \1,`)
Switch to rust-lang-nursery/compiler-builtins
This commit migrates the in-tree `libcompiler_builtins` to the upstream version
at https://github.com/rust-lang-nursery/compiler-builtins. The upstream version
has a number of intrinsics written in Rust and serves as an in-progress rewrite
of compiler-rt into Rust. Additionally it also contains all the existing
intrinsics defined in `libcompiler_builtins` for 128-bit integers.
It's been the intention since the beginning to make this transition but
previously it just lacked the manpower to get done. As this PR likely shows it
wasn't a trivial integration! Some highlight changes are:
* The PR rust-lang-nursery/compiler-builtins#166 contains a number of fixes
across platforms and also some refactorings to make the intrinsics easier to
read. The additional testing added there also fixed a number of integration
issues when pulling the repository into this tree.
* LTO with the compiler-builtins crate was fixed to link in the entire crate
after the LTO process as these intrinsics are excluded from LTO.
* Treatment of hidden symbols was updated as previously the
`#![compiler_builtins]` crate would mark all symbol *imports* as hidden
whereas it was only intended to mark *exports* as hidden.