refactor(fspy): gate ipc channel module on non-musl targets#328
Merged
branchseer merged 1 commit intomainfrom Apr 13, 2026
Merged
refactor(fspy): gate ipc channel module on non-musl targets#328branchseer merged 1 commit intomainfrom
branchseer merged 1 commit intomainfrom
Conversation
The shared-memory IPC channel is only used to transport path accesses from the preload library to the supervisor. On musl targets, the preload library is not built (seccomp-only tracking is used), so the channel has no senders and produces no data. Gate the entire `fspy_shared::ipc::channel` module and its downstream users behind `#[cfg(not(target_env = "musl"))]` so musl builds no longer allocate the 4 GiB shared-memory region, create the lock file, or wait for the receiver lock. - `fspy_shared::ipc::channel` module is now non-musl only - `fspy::ipc` (which re-exports `OwnedReceiverLockGuard` and `SHM_CAPACITY`) is non-musl only - `fspy::unix::SpyImpl::spawn` no longer creates a channel on musl; `PathAccessIterable` drops its `ipc_receiver_lock_guard` field on musl and `iter()` only yields arena-collected accesses - Update `Payload::seccomp_payload`'s `struct_field_names` expect so it only applies on non-musl, where `Payload` still has multiple fields (on musl it's the only field and the lint no longer fires) https://claude.ai/code/session_01VqiMHiGeViu1pGhWwJ67Qc
There was a problem hiding this comment.
Pull request overview
This PR refactors the IPC layer to avoid creating the shared-memory path-access channel on musl targets, where the preload-based sender is not built and seccomp-only tracking is used instead.
Changes:
- Gate
fspy_shared::ipc::channelandfspy::ipcbehind#[cfg(not(target_env = "musl"))]. - Skip IPC channel creation/locking on musl in
fspy::unix::SpyImpl::spawnand only iterate arena-collected accesses there. - Make the clippy
struct_field_names#[expect]conditional so it only applies on non-musl where the lint actually fires.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| crates/fspy/src/unix/mod.rs | Removes musl IPC channel creation/locking and makes path-access iteration musl-aware. |
| crates/fspy/src/lib.rs | Gates the ipc module on non-musl targets. |
| crates/fspy_shared/src/ipc/mod.rs | Gates the ipc::channel module on non-musl targets. |
| crates/fspy_shared_unix/src/payload.rs | Makes the clippy #[expect] conditional to avoid musl-only build failures. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Gate the entire
fspy_shared::ipc::channelmodule behind#[cfg(not(target_env = "musl"))]. The shared-memory IPC channel exists to move path accesses from the preload library to the supervisor, but on musl targets the preload library isn't built (seccomp-only tracking is used). With no senders, the channel produces no data, and creating it on musl just wastes a 4 GiB shared-memory region, a lock file, and a blocking receiver-lock step after the child exits.Changes
fspy_shared::ipc::channelmodule is now non-musl onlyfspy::ipc(re-exportsOwnedReceiverLockGuard,SHM_CAPACITY) is non-musl onlyfspy::unix::SpyImpl::spawnskips channel creation on muslPathAccessIterabledrops itsipc_receiver_lock_guardfield on musl;iter()only yields arena-collected accesses therePayload::seccomp_payload'sstruct_field_names#[expect]is now#[cfg_attr(not(target_env = "musl"), ...)]since on muslPayloadhas only this one field and clippy'sstruct_field_nameslint no longer firesWindows paths are untouched — they never satisfy
target_env = "musl".Test plan
cargo check --workspace --all-featureson host (glibc)cargo check --workspace --all-features --target x86_64-unknown-linux-muslcargo clippy --workspace --all-targets --all-features -- -D warningson hostcargo fmt --checkRUSTDOCFLAGS='-D warnings' cargo doc --no-deps --document-private-itemscargo test -p fspy_shared -p fspy_shared_unix(24 pass)cargo test -p fspy --test node_fs— exercises the full spawn + IPC pipeline (8 pass)https://claude.ai/code/session_01VqiMHiGeViu1pGhWwJ67Qc