std: use readdir on nearly all UNIX platforms #158727
|
cc @rust-lang/miri |
|
r? @JohnTitor
rustbot has assigned @JohnTitor.
|
|
This PR was rebased onto a different main commit. Here's a range-diff highlighting what actually changed. Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers. |
|
@joboet - you've linked to VxWorks docs under the QNX entry? https://www.qnx.com/developers/docs/8.0/com.qnx.doc.neutrino.lib_ref/topic/r/readdir.html says:
https://www.qnx.com/developers/docs/7.1/com.qnx.doc.neutrino.lib_ref/topic/r/readdir.html says the same thing |
|
Whoops, I got the RTOSs confused 😉 ... thanks for the link! |
Co-authored-by: Ralf Jung <post@ralfj.de>
POSIX.1-2024 formalised what was already guaranteed by a lot of implementations and required readdir to be thread-safe as long as an individual DIR* is not accessed concurrently (which ReadDir::next ensures by taking a mutable reference). But since our read_dir implementation predates that standard, we currently only utilise readdir on the platforms that guarantee thread-safety in their documentation. On other implementations – notably macOS – we use the readdir_r function, which was always required to be thread-safe but is problematic because it cannot handle directory entries with names longer than NAME_MAX.
However, even the first POSIX issue, POSIX.1-1994, specified that the data in the returned dirent
and that guarantee together with the requirement that the underlying syscalls need to be thread-safe already because of readdir_r result in readdir being thread-safe on nearly all implementations, even if they predate POSIX.1-2024. Given the now formalised guarantee I think it safe to assume that currently thread-safe implementations will not be changed in a way that violates thread-safety.
CC T-libs, do you agree?
@rustbot label +I-libs-nominated
I thus looked at the readdir implementation of all the UNIXes currently utilising readdir_r to check for thread-safety:
DIR* it acts on.
DIR*.
readdir is not reentrant. CC @rfatykhov-lynx
DIR*.
DIR*.
DIR*.
readdir is not thread-safe (at least on FAT) due to caching file metadata in the VFS context without locks. opendir does the same thing, too?! And the cache is never invalidated, even when the file is deleted?! Honestly, this is just broken... CC @ivmarkov @MabezDev @SergioGasquez
DIR*.
On the implementations where I couldn't confirm thread-safety ReadDir will still use readdir_r, but I've changed the code so that this edge-case is limited to ReadDir::next. All other platforms now use readdir.
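The thread-safety condition described above (no single directory stream accessed concurrently), seen from the public std::fs::read_dir API. This is an added example, not code from this PR or from std; the helpers make_sample_dir, independent_streams and shared_stream and the scratch directory name are hypothetical.

```rust
use std::collections::BTreeSet;
use std::path::{Path, PathBuf};
use std::sync::{Arc, Mutex};
use std::{fs, io, thread};

// Constructed sample input: a scratch directory holding `n` empty files.
fn make_sample_dir(tag: &str, n: usize) -> io::Result<PathBuf> {
    let dir = std::env::temp_dir().join(format!("readdir-demo-{}-{tag}", std::process::id()));
    fs::create_dir_all(&dir)?;
    for i in 0..n { fs::File::create(dir.join(format!("entry-{i:03}")))?; }
    Ok(dir)
}

// Case 1: every thread opens its own stream, so no stream is shared between threads.
fn independent_streams(dir: &Path, threads: usize) -> io::Result<Vec<BTreeSet<String>>> {
    let handles: Vec<_> = (0..threads).map(|_| {
        let dir = dir.to_path_buf();
        thread::spawn(move || -> io::Result<BTreeSet<String>> {
            fs::read_dir(dir)?.map(|e| e.map(|e| e.file_name().to_string_lossy().into_owned())).collect()
        })
    }).collect();
    handles.into_iter().map(|h| h.join().unwrap()).collect()
}

// Case 2: one shared stream; `next` takes `&mut self`, so calls on it go through a lock.
fn shared_stream(dir: &Path, threads: usize) -> io::Result<Vec<String>> {
    let stream = Arc::new(Mutex::new(fs::read_dir(dir)?));
    let handles: Vec<_> = (0..threads).map(|_| {
        let stream = Arc::clone(&stream);
        thread::spawn(move || -> io::Result<Vec<String>> {
            let mut seen = Vec::new();
            loop {
                let next = stream.lock().unwrap().next(); // guard dropped at end of statement
                match next {
                    Some(entry) => seen.push(entry?.file_name().to_string_lossy().into_owned()),
                    None => return Ok(seen),
                }
            }
        })
    }).collect();
    let mut all = Vec::new();
    for h in handles { all.extend(h.join().unwrap()?); }
    Ok(all)
}

fn main() -> io::Result<()> {
    let dir = make_sample_dir("main", 64)?;
    println!("{} sets, {} shared", independent_streams(&dir, 8)?.len(), shared_stream(&dir, 8)?.len());
    fs::remove_dir_all(dir)
}
```

In the shared case every entry is handed to exactly one thread, so the combined result has no duplicates and no gaps.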