1use crate::ffi::CStr;
2use crate::mem::{self, ManuallyDrop};
3use crate::num::NonZero;
4#[cfg(all(target_os = "linux", target_env = "gnu"))]
5use crate::sys::weak::dlsym;
6#[cfg(any(target_os = "solaris", target_os = "illumos", target_os = "nto",))]
7use crate::sys::weak::weak;
8use crate::sys::{os, stack_overflow};
9use crate::time::Duration;
10use crate::{cmp, io, ptr};
11#[cfg(not(any(target_os = "l4re", target_os = "vxworks", target_os = "espidf")))]
12pub const DEFAULT_MIN_STACK_SIZE: usize = 2 * 1024 * 1024;
13#[cfg(target_os = "l4re")]
14pub const DEFAULT_MIN_STACK_SIZE: usize = 1024 * 1024;
15#[cfg(target_os = "vxworks")]
16pub const DEFAULT_MIN_STACK_SIZE: usize = 256 * 1024;
17#[cfg(target_os = "espidf")]
18pub const DEFAULT_MIN_STACK_SIZE: usize = 0; // 0 indicates that the stack size configured in the ESP-IDF menuconfig system should be used
19
20#[cfg(target_os = "fuchsia")]
21mod zircon {
22 type zx_handle_t = u32;
23 type zx_status_t = i32;
24 pub const ZX_PROP_NAME: u32 = 3;
25
26 unsafe extern "C" {
27 pub fn zx_object_set_property(
28 handle: zx_handle_t,
29 property: u32,
30 value: *const libc::c_void,
31 value_size: libc::size_t,
32 ) -> zx_status_t;
33 pub fn zx_thread_self() -> zx_handle_t;
34 }
35}
36
37pub struct Thread {
38 id: libc::pthread_t,
39}
40
41// Some platforms may have pthread_t as a pointer in which case we still want
42// a thread to be Send/Sync
43unsafe impl Send for Thread {}
44unsafe impl Sync for Thread {}
45
46impl Thread {
47 // unsafe: see thread::Builder::spawn_unchecked for safety requirements
48 #[cfg_attr(miri, track_caller)] // even without panics, this helps for Miri backtraces
49 pub unsafe fn new(stack: usize, p: Box<dyn FnOnce()>) -> io::Result<Thread> {
50 let p = Box::into_raw(Box::new(p));
51 let mut native: libc::pthread_t = mem::zeroed();
52 let mut attr: mem::MaybeUninit<libc::pthread_attr_t> = mem::MaybeUninit::uninit();
53 assert_eq!(libc::pthread_attr_init(attr.as_mut_ptr()), 0);
54
55 #[cfg(target_os = "espidf")]
56 if stack > 0 {
57 // Only set the stack if a non-zero value is passed
58 // 0 is used as an indication that the default stack size configured in the ESP-IDF menuconfig system should be used
59 assert_eq!(
60 libc::pthread_attr_setstacksize(
61 attr.as_mut_ptr(),
62 cmp::max(stack, min_stack_size(attr.as_ptr()))
63 ),
64 0
65 );
66 }
67
68 #[cfg(not(target_os = "espidf"))]
69 {
70 let stack_size = cmp::max(stack, min_stack_size(attr.as_ptr()));
71
72 match libc::pthread_attr_setstacksize(attr.as_mut_ptr(), stack_size) {
73 0 => {}
74 n => {
75 assert_eq!(n, libc::EINVAL);
76 // EINVAL means |stack_size| is either too small or not a
77 // multiple of the system page size. Because it's definitely
78 // >= PTHREAD_STACK_MIN, it must be an alignment issue.
79 // Round up to the nearest page and try again.
80 let page_size = os::page_size();
81 let stack_size =
82 (stack_size + page_size - 1) & (-(page_size as isize - 1) as usize - 1);
83 assert_eq!(libc::pthread_attr_setstacksize(attr.as_mut_ptr(), stack_size), 0);
84 }
85 };
86 }
87
88 let ret = libc::pthread_create(&mut native, attr.as_ptr(), thread_start, p as *mut _);
89 // Note: if the thread creation fails and this assert fails, then p will
90 // be leaked. However, an alternative design could cause double-free
91 // which is clearly worse.
92 assert_eq!(libc::pthread_attr_destroy(attr.as_mut_ptr()), 0);
93
94 return if ret != 0 {
95 // The thread failed to start and as a result p was not consumed. Therefore, it is
96 // safe to reconstruct the box so that it gets deallocated.
97 drop(Box::from_raw(p));
98 Err(io::Error::from_raw_os_error(ret))
99 } else {
100 Ok(Thread { id: native })
101 };
102
103 extern "C" fn thread_start(main: *mut libc::c_void) -> *mut libc::c_void {
104 unsafe {
105 // Next, set up our stack overflow handler which may get triggered if we run
106 // out of stack.
107 let _handler = stack_overflow::Handler::new();
108 // Finally, let's run some code.
109 Box::from_raw(main as *mut Box<dyn FnOnce()>)();
110 }
111 ptr::null_mut()
112 }
113 }
114
115 pub fn yield_now() {
116 let ret = unsafe { libc::sched_yield() };
117 debug_assert_eq!(ret, 0);
118 }
119
120 #[cfg(target_os = "android")]
121 pub fn set_name(name: &CStr) {
122 const PR_SET_NAME: libc::c_int = 15;
123 unsafe {
124 let res = libc::prctl(
125 PR_SET_NAME,
126 name.as_ptr(),
127 0 as libc::c_ulong,
128 0 as libc::c_ulong,
129 0 as libc::c_ulong,
130 );
131 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked.
132 debug_assert_eq!(res, 0);
133 }
134 }
135
136 #[cfg(any(
137 target_os = "linux",
138 target_os = "freebsd",
139 target_os = "dragonfly",
140 target_os = "nuttx",
141 target_os = "cygwin"
142 ))]
143 pub fn set_name(name: &CStr) {
144 unsafe {
145 cfg_if::cfg_if! {
146 if #[cfg(any(target_os = "linux", target_os = "cygwin"))] {
147 // Linux and Cygwin limits the allowed length of the name.
148 const TASK_COMM_LEN: usize = 16;
149 let name = truncate_cstr::<{ TASK_COMM_LEN }>(name);
150 } else {
151 // FreeBSD, DragonFly BSD and NuttX do not enforce length limits.
152 }
153 };
154 // Available since glibc 2.12, musl 1.1.16, and uClibc 1.0.20 for Linux,
155 // FreeBSD 12.2 and 13.0, and DragonFly BSD 6.0.
156 let res = libc::pthread_setname_np(libc::pthread_self(), name.as_ptr());
157 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked.
158 debug_assert_eq!(res, 0);
159 }
160 }
161
162 #[cfg(target_os = "openbsd")]
163 pub fn set_name(name: &CStr) {
164 unsafe {
165 libc::pthread_set_name_np(libc::pthread_self(), name.as_ptr());
166 }
167 }
168
169 #[cfg(target_vendor = "apple")]
170 pub fn set_name(name: &CStr) {
171 unsafe {
172 let name = truncate_cstr::<{ libc::MAXTHREADNAMESIZE }>(name);
173 let res = libc::pthread_setname_np(name.as_ptr());
174 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked.
175 debug_assert_eq!(res, 0);
176 }
177 }
178
179 #[cfg(target_os = "netbsd")]
180 pub fn set_name(name: &CStr) {
181 unsafe {
182 let res = libc::pthread_setname_np(
183 libc::pthread_self(),
184 c"%s".as_ptr(),
185 name.as_ptr() as *mut libc::c_void,
186 );
187 debug_assert_eq!(res, 0);
188 }
189 }
190
191 #[cfg(any(target_os = "solaris", target_os = "illumos", target_os = "nto"))]
192 // FIXME(#115199): Rust currently omits weak function definitions
193 // and its metadata from LLVM IR.
194 #[no_sanitize(cfi)]
195 pub fn set_name(name: &CStr) {
196 weak! {
197 fn pthread_setname_np(
198 libc::pthread_t, *const libc::c_char
199 ) -> libc::c_int
200 }
201
202 if let Some(f) = pthread_setname_np.get() {
203 #[cfg(target_os = "nto")]
204 const THREAD_NAME_MAX: usize = libc::_NTO_THREAD_NAME_MAX as usize;
205 #[cfg(any(target_os = "solaris", target_os = "illumos"))]
206 const THREAD_NAME_MAX: usize = 32;
207
208 let name = truncate_cstr::<{ THREAD_NAME_MAX }>(name);
209 let res = unsafe { f(libc::pthread_self(), name.as_ptr()) };
210 debug_assert_eq!(res, 0);
211 }
212 }
213
214 #[cfg(target_os = "fuchsia")]
215 pub fn set_name(name: &CStr) {
216 use self::zircon::*;
217 unsafe {
218 zx_object_set_property(
219 zx_thread_self(),
220 ZX_PROP_NAME,
221 name.as_ptr() as *const libc::c_void,
222 name.to_bytes().len(),
223 );
224 }
225 }
226
227 #[cfg(target_os = "haiku")]
228 pub fn set_name(name: &CStr) {
229 unsafe {
230 let thread_self = libc::find_thread(ptr::null_mut());
231 let res = libc::rename_thread(thread_self, name.as_ptr());
232 // We have no good way of propagating errors here, but in debug-builds let's check that this actually worked.
233 debug_assert_eq!(res, libc::B_OK);
234 }
235 }
236
237 #[cfg(target_os = "vxworks")]
238 pub fn set_name(name: &CStr) {
239 // FIXME(libc): adding real STATUS, ERROR type eventually.
240 unsafe extern "C" {
241 fn taskNameSet(task_id: libc::TASK_ID, task_name: *mut libc::c_char) -> libc::c_int;
242 }
243
244 // VX_TASK_NAME_LEN is 31 in VxWorks 7.
245 const VX_TASK_NAME_LEN: usize = 31;
246
247 let mut name = truncate_cstr::<{ VX_TASK_NAME_LEN }>(name);
248 let res = unsafe { taskNameSet(libc::taskIdSelf(), name.as_mut_ptr()) };
249 debug_assert_eq!(res, libc::OK);
250 }
251
252 #[cfg(any(
253 target_env = "newlib",
254 target_os = "l4re",
255 target_os = "emscripten",
256 target_os = "redox",
257 target_os = "hurd",
258 target_os = "aix",
259 ))]
260 pub fn set_name(_name: &CStr) {
261 // Newlib and Emscripten have no way to set a thread name.
262 }
263
264 #[cfg(not(target_os = "espidf"))]
265 pub fn sleep(dur: Duration) {
266 let mut secs = dur.as_secs();
267 let mut nsecs = dur.subsec_nanos() as _;
268
269 // If we're awoken with a signal then the return value will be -1 and
270 // nanosleep will fill in `ts` with the remaining time.
271 unsafe {
272 while secs > 0 || nsecs > 0 {
273 let mut ts = libc::timespec {
274 tv_sec: cmp::min(libc::time_t::MAX as u64, secs) as libc::time_t,
275 tv_nsec: nsecs,
276 };
277 secs -= ts.tv_sec as u64;
278 let ts_ptr = &raw mut ts;
279 if libc::nanosleep(ts_ptr, ts_ptr) == -1 {
280 assert_eq!(os::errno(), libc::EINTR);
281 secs += ts.tv_sec as u64;
282 nsecs = ts.tv_nsec;
283 } else {
284 nsecs = 0;
285 }
286 }
287 }
288 }
289
290 #[cfg(target_os = "espidf")]
291 pub fn sleep(dur: Duration) {
292 // ESP-IDF does not have `nanosleep`, so we use `usleep` instead.
293 // As per the documentation of `usleep`, it is expected to support
294 // sleep times as big as at least up to 1 second.
295 //
296 // ESP-IDF does support almost up to `u32::MAX`, but due to a potential integer overflow in its
297 // `usleep` implementation
298 // (https://github.com/espressif/esp-idf/blob/d7ca8b94c852052e3bc33292287ef4dd62c9eeb1/components/newlib/time.c#L210),
299 // we limit the sleep time to the maximum one that would not cause the underlying `usleep` implementation to overflow
300 // (`portTICK_PERIOD_MS` can be anything between 1 to 1000, and is 10 by default).
301 const MAX_MICROS: u32 = u32::MAX - 1_000_000 - 1;
302
303 // Add any nanoseconds smaller than a microsecond as an extra microsecond
304 // so as to comply with the `std::thread::sleep` contract which mandates
305 // implementations to sleep for _at least_ the provided `dur`.
306 // We can't overflow `micros` as it is a `u128`, while `Duration` is a pair of
307 // (`u64` secs, `u32` nanos), where the nanos are strictly smaller than 1 second
308 // (i.e. < 1_000_000_000)
309 let mut micros = dur.as_micros() + if dur.subsec_nanos() % 1_000 > 0 { 1 } else { 0 };
310
311 while micros > 0 {
312 let st = if micros > MAX_MICROS as u128 { MAX_MICROS } else { micros as u32 };
313 unsafe {
314 libc::usleep(st);
315 }
316
317 micros -= st as u128;
318 }
319 }
320
321 pub fn join(self) {
322 let id = self.into_id();
323 let ret = unsafe { libc::pthread_join(id, ptr::null_mut()) };
324 assert!(ret == 0, "failed to join thread: {}", io::Error::from_raw_os_error(ret));
325 }
326
327 pub fn id(&self) -> libc::pthread_t {
328 self.id
329 }
330
331 pub fn into_id(self) -> libc::pthread_t {
332 ManuallyDrop::new(self).id
333 }
334}
335
336impl Drop for Thread {
337 fn drop(&mut self) {
338 let ret: i32 = unsafe { libc::pthread_detach(self.id) };
339 debug_assert_eq!(ret, 0);
340 }
341}
342
343#[cfg(any(
344 target_os = "linux",
345 target_os = "nto",
346 target_os = "solaris",
347 target_os = "illumos",
348 target_os = "vxworks",
349 target_os = "cygwin",
350 target_vendor = "apple",
351))]
352fn truncate_cstr<const MAX_WITH_NUL: usize>(cstr: &CStr) -> [libc::c_char; MAX_WITH_NUL] {
353 let mut result: [i8; MAX_WITH_NUL] = [0; MAX_WITH_NUL];
354 for (src: &u8, dst: &mut i8) in cstr.to_bytes().iter().zip(&mut result[..MAX_WITH_NUL - 1]) {
355 *dst = *src as libc::c_char;
356 }
357 result
358}
359
360pub fn available_parallelism() -> io::Result<NonZero<usize>> {
361 cfg_if::cfg_if! {
362 if #[cfg(any(
363 target_os = "android",
364 target_os = "emscripten",
365 target_os = "fuchsia",
366 target_os = "hurd",
367 target_os = "linux",
368 target_os = "aix",
369 target_vendor = "apple",
370 target_os = "cygwin",
371 ))] {
372 #[allow(unused_assignments)]
373 #[allow(unused_mut)]
374 let mut quota = usize::MAX;
375
376 #[cfg(any(target_os = "android", target_os = "linux"))]
377 {
378 quota = cgroups::quota().max(1);
379 let mut set: libc::cpu_set_t = unsafe { mem::zeroed() };
380 unsafe {
381 if libc::sched_getaffinity(0, size_of::<libc::cpu_set_t>(), &mut set) == 0 {
382 let count = libc::CPU_COUNT(&set) as usize;
383 let count = count.min(quota);
384
385 // According to sched_getaffinity's API it should always be non-zero, but
386 // some old MIPS kernels were buggy and zero-initialized the mask if
387 // none was explicitly set.
388 // In that case we use the sysconf fallback.
389 if let Some(count) = NonZero::new(count) {
390 return Ok(count)
391 }
392 }
393 }
394 }
395 match unsafe { libc::sysconf(libc::_SC_NPROCESSORS_ONLN) } {
396 -1 => Err(io::Error::last_os_error()),
397 0 => Err(io::Error::UNKNOWN_THREAD_COUNT),
398 cpus => {
399 let count = cpus as usize;
400 // Cover the unusual situation where we were able to get the quota but not the affinity mask
401 let count = count.min(quota);
402 Ok(unsafe { NonZero::new_unchecked(count) })
403 }
404 }
405 } else if #[cfg(any(
406 target_os = "freebsd",
407 target_os = "dragonfly",
408 target_os = "openbsd",
409 target_os = "netbsd",
410 ))] {
411 use crate::ptr;
412
413 #[cfg(target_os = "freebsd")]
414 {
415 let mut set: libc::cpuset_t = unsafe { mem::zeroed() };
416 unsafe {
417 if libc::cpuset_getaffinity(
418 libc::CPU_LEVEL_WHICH,
419 libc::CPU_WHICH_PID,
420 -1,
421 size_of::<libc::cpuset_t>(),
422 &mut set,
423 ) == 0 {
424 let count = libc::CPU_COUNT(&set) as usize;
425 if count > 0 {
426 return Ok(NonZero::new_unchecked(count));
427 }
428 }
429 }
430 }
431
432 #[cfg(target_os = "netbsd")]
433 {
434 unsafe {
435 let set = libc::_cpuset_create();
436 if !set.is_null() {
437 let mut count: usize = 0;
438 if libc::pthread_getaffinity_np(libc::pthread_self(), libc::_cpuset_size(set), set) == 0 {
439 for i in 0..libc::cpuid_t::MAX {
440 match libc::_cpuset_isset(i, set) {
441 -1 => break,
442 0 => continue,
443 _ => count = count + 1,
444 }
445 }
446 }
447 libc::_cpuset_destroy(set);
448 if let Some(count) = NonZero::new(count) {
449 return Ok(count);
450 }
451 }
452 }
453 }
454
455 let mut cpus: libc::c_uint = 0;
456 let mut cpus_size = size_of_val(&cpus);
457
458 unsafe {
459 cpus = libc::sysconf(libc::_SC_NPROCESSORS_ONLN) as libc::c_uint;
460 }
461
462 // Fallback approach in case of errors or no hardware threads.
463 if cpus < 1 {
464 let mut mib = [libc::CTL_HW, libc::HW_NCPU, 0, 0];
465 let res = unsafe {
466 libc::sysctl(
467 mib.as_mut_ptr(),
468 2,
469 (&raw mut cpus) as *mut _,
470 (&raw mut cpus_size) as *mut _,
471 ptr::null_mut(),
472 0,
473 )
474 };
475
476 // Handle errors if any.
477 if res == -1 {
478 return Err(io::Error::last_os_error());
479 } else if cpus == 0 {
480 return Err(io::Error::UNKNOWN_THREAD_COUNT);
481 }
482 }
483
484 Ok(unsafe { NonZero::new_unchecked(cpus as usize) })
485 } else if #[cfg(target_os = "nto")] {
486 unsafe {
487 use libc::_syspage_ptr;
488 if _syspage_ptr.is_null() {
489 Err(io::const_error!(io::ErrorKind::NotFound, "no syspage available"))
490 } else {
491 let cpus = (*_syspage_ptr).num_cpu;
492 NonZero::new(cpus as usize)
493 .ok_or(io::Error::UNKNOWN_THREAD_COUNT)
494 }
495 }
496 } else if #[cfg(any(target_os = "solaris", target_os = "illumos"))] {
497 let mut cpus = 0u32;
498 if unsafe { libc::pset_info(libc::PS_MYID, core::ptr::null_mut(), &mut cpus, core::ptr::null_mut()) } != 0 {
499 return Err(io::Error::UNKNOWN_THREAD_COUNT);
500 }
501 Ok(unsafe { NonZero::new_unchecked(cpus as usize) })
502 } else if #[cfg(target_os = "haiku")] {
503 // system_info cpu_count field gets the static data set at boot time with `smp_set_num_cpus`
504 // `get_system_info` calls then `smp_get_num_cpus`
505 unsafe {
506 let mut sinfo: libc::system_info = crate::mem::zeroed();
507 let res = libc::get_system_info(&mut sinfo);
508
509 if res != libc::B_OK {
510 return Err(io::Error::UNKNOWN_THREAD_COUNT);
511 }
512
513 Ok(NonZero::new_unchecked(sinfo.cpu_count as usize))
514 }
515 } else if #[cfg(target_os = "vxworks")] {
516 // Note: there is also `vxCpuConfiguredGet`, closer to _SC_NPROCESSORS_CONF
517 // expectations than the actual cores availability.
518 unsafe extern "C" {
519 fn vxCpuEnabledGet() -> libc::cpuset_t;
520 }
521
522 // SAFETY: `vxCpuEnabledGet` always fetches a mask with at least one bit set
523 unsafe{
524 let set = vxCpuEnabledGet();
525 Ok(NonZero::new_unchecked(set.count_ones() as usize))
526 }
527 } else {
528 // FIXME: implement on Redox, l4re
529 Err(io::const_error!(io::ErrorKind::Unsupported, "getting the number of hardware threads is not supported on the target platform"))
530 }
531 }
532}
533
534#[cfg(any(target_os = "android", target_os = "linux"))]
535mod cgroups {
536 //! Currently not covered
537 //! * cgroup v2 in non-standard mountpoints
538 //! * paths containing control characters or spaces, since those would be escaped in procfs
539 //! output and we don't unescape
540
541 use crate::borrow::Cow;
542 use crate::ffi::OsString;
543 use crate::fs::{File, exists};
544 use crate::io::{BufRead, Read};
545 use crate::os::unix::ffi::OsStringExt;
546 use crate::path::{Path, PathBuf};
547 use crate::str::from_utf8;
548
549 #[derive(PartialEq)]
550 enum Cgroup {
551 V1,
552 V2,
553 }
554
555 /// Returns cgroup CPU quota in core-equivalents, rounded down or usize::MAX if the quota cannot
556 /// be determined or is not set.
557 pub(super) fn quota() -> usize {
558 let mut quota = usize::MAX;
559 if cfg!(miri) {
560 // Attempting to open a file fails under default flags due to isolation.
561 // And Miri does not have parallelism anyway.
562 return quota;
563 }
564
565 let _: Option<()> = try {
566 let mut buf = Vec::with_capacity(128);
567 // find our place in the cgroup hierarchy
568 File::open("/proc/self/cgroup").ok()?.read_to_end(&mut buf).ok()?;
569 let (cgroup_path, version) =
570 buf.split(|&c| c == b'\n').fold(None, |previous, line| {
571 let mut fields = line.splitn(3, |&c| c == b':');
572 // 2nd field is a list of controllers for v1 or empty for v2
573 let version = match fields.nth(1) {
574 Some(b"") => Cgroup::V2,
575 Some(controllers)
576 if from_utf8(controllers)
577 .is_ok_and(|c| c.split(',').any(|c| c == "cpu")) =>
578 {
579 Cgroup::V1
580 }
581 _ => return previous,
582 };
583
584 // already-found v1 trumps v2 since it explicitly specifies its controllers
585 if previous.is_some() && version == Cgroup::V2 {
586 return previous;
587 }
588
589 let path = fields.last()?;
590 // skip leading slash
591 Some((path[1..].to_owned(), version))
592 })?;
593 let cgroup_path = PathBuf::from(OsString::from_vec(cgroup_path));
594
595 quota = match version {
596 Cgroup::V1 => quota_v1(cgroup_path),
597 Cgroup::V2 => quota_v2(cgroup_path),
598 };
599 };
600
601 quota
602 }
603
604 fn quota_v2(group_path: PathBuf) -> usize {
605 let mut quota = usize::MAX;
606
607 let mut path = PathBuf::with_capacity(128);
608 let mut read_buf = String::with_capacity(20);
609
610 // standard mount location defined in file-hierarchy(7) manpage
611 let cgroup_mount = "/sys/fs/cgroup";
612
613 path.push(cgroup_mount);
614 path.push(&group_path);
615
616 path.push("cgroup.controllers");
617
618 // skip if we're not looking at cgroup2
619 if matches!(exists(&path), Err(_) | Ok(false)) {
620 return usize::MAX;
621 };
622
623 path.pop();
624
625 let _: Option<()> = try {
626 while path.starts_with(cgroup_mount) {
627 path.push("cpu.max");
628
629 read_buf.clear();
630
631 if File::open(&path).and_then(|mut f| f.read_to_string(&mut read_buf)).is_ok() {
632 let raw_quota = read_buf.lines().next()?;
633 let mut raw_quota = raw_quota.split(' ');
634 let limit = raw_quota.next()?;
635 let period = raw_quota.next()?;
636 match (limit.parse::<usize>(), period.parse::<usize>()) {
637 (Ok(limit), Ok(period)) if period > 0 => {
638 quota = quota.min(limit / period);
639 }
640 _ => {}
641 }
642 }
643
644 path.pop(); // pop filename
645 path.pop(); // pop dir
646 }
647 };
648
649 quota
650 }
651
652 fn quota_v1(group_path: PathBuf) -> usize {
653 let mut quota = usize::MAX;
654 let mut path = PathBuf::with_capacity(128);
655 let mut read_buf = String::with_capacity(20);
656
657 // Hardcode commonly used locations mentioned in the cgroups(7) manpage
658 // if that doesn't work scan mountinfo and adjust `group_path` for bind-mounts
659 let mounts: &[fn(&Path) -> Option<(_, &Path)>] = &[
660 |p| Some((Cow::Borrowed("/sys/fs/cgroup/cpu"), p)),
661 |p| Some((Cow::Borrowed("/sys/fs/cgroup/cpu,cpuacct"), p)),
662 // this can be expensive on systems with tons of mountpoints
663 // but we only get to this point when /proc/self/cgroups explicitly indicated
664 // this process belongs to a cpu-controller cgroup v1 and the defaults didn't work
665 find_mountpoint,
666 ];
667
668 for mount in mounts {
669 let Some((mount, group_path)) = mount(&group_path) else { continue };
670
671 path.clear();
672 path.push(mount.as_ref());
673 path.push(&group_path);
674
675 // skip if we guessed the mount incorrectly
676 if matches!(exists(&path), Err(_) | Ok(false)) {
677 continue;
678 }
679
680 while path.starts_with(mount.as_ref()) {
681 let mut parse_file = |name| {
682 path.push(name);
683 read_buf.clear();
684
685 let f = File::open(&path);
686 path.pop(); // restore buffer before any early returns
687 f.ok()?.read_to_string(&mut read_buf).ok()?;
688 let parsed = read_buf.trim().parse::<usize>().ok()?;
689
690 Some(parsed)
691 };
692
693 let limit = parse_file("cpu.cfs_quota_us");
694 let period = parse_file("cpu.cfs_period_us");
695
696 match (limit, period) {
697 (Some(limit), Some(period)) if period > 0 => quota = quota.min(limit / period),
698 _ => {}
699 }
700
701 path.pop();
702 }
703
704 // we passed the try_exists above so we should have traversed the correct hierarchy
705 // when reaching this line
706 break;
707 }
708
709 quota
710 }
711
712 /// Scan mountinfo for cgroup v1 mountpoint with a cpu controller
713 ///
714 /// If the cgroupfs is a bind mount then `group_path` is adjusted to skip
715 /// over the already-included prefix
716 fn find_mountpoint(group_path: &Path) -> Option<(Cow<'static, str>, &Path)> {
717 let mut reader = File::open_buffered("/proc/self/mountinfo").ok()?;
718 let mut line = String::with_capacity(256);
719 loop {
720 line.clear();
721 if reader.read_line(&mut line).ok()? == 0 {
722 break;
723 }
724
725 let line = line.trim();
726 let mut items = line.split(' ');
727
728 let sub_path = items.nth(3)?;
729 let mount_point = items.next()?;
730 let mount_opts = items.next_back()?;
731 let filesystem_type = items.nth_back(1)?;
732
733 if filesystem_type != "cgroup" || !mount_opts.split(',').any(|opt| opt == "cpu") {
734 // not a cgroup / not a cpu-controller
735 continue;
736 }
737
738 let sub_path = Path::new(sub_path).strip_prefix("/").ok()?;
739
740 if !group_path.starts_with(sub_path) {
741 // this is a bind-mount and the bound subdirectory
742 // does not contain the cgroup this process belongs to
743 continue;
744 }
745
746 let trimmed_group_path = group_path.strip_prefix(sub_path).ok()?;
747
748 return Some((Cow::Owned(mount_point.to_owned()), trimmed_group_path));
749 }
750
751 None
752 }
753}
754
755// glibc >= 2.15 has a __pthread_get_minstack() function that returns
756// PTHREAD_STACK_MIN plus bytes needed for thread-local storage.
757// We need that information to avoid blowing up when a small stack
758// is created in an application with big thread-local storage requirements.
759// See #6233 for rationale and details.
760#[cfg(all(target_os = "linux", target_env = "gnu"))]
761unsafe fn min_stack_size(attr: *const libc::pthread_attr_t) -> usize {
762 // We use dlsym to avoid an ELF version dependency on GLIBC_PRIVATE. (#23628)
763 // We shouldn't really be using such an internal symbol, but there's currently
764 // no other way to account for the TLS size.
765 dlsym!(fn __pthread_get_minstack(*const libc::pthread_attr_t) -> libc::size_t);
766
767 match __pthread_get_minstack.get() {
768 None => libc::PTHREAD_STACK_MIN,
769 Some(f) => unsafe { f(attr) },
770 }
771}
772
773// No point in looking up __pthread_get_minstack() on non-glibc platforms.
774#[cfg(all(
775 not(all(target_os = "linux", target_env = "gnu")),
776 not(any(target_os = "netbsd", target_os = "nuttx"))
777))]
778unsafe fn min_stack_size(_: *const libc::pthread_attr_t) -> usize {
779 libc::PTHREAD_STACK_MIN
780}
781
782#[cfg(any(target_os = "netbsd", target_os = "nuttx"))]
783unsafe fn min_stack_size(_: *const libc::pthread_attr_t) -> usize {
784 static STACK: crate::sync::OnceLock<usize> = crate::sync::OnceLock::new();
785
786 *STACK.get_or_init(|| {
787 let mut stack = unsafe { libc::sysconf(libc::_SC_THREAD_STACK_MIN) };
788 if stack < 0 {
789 stack = 2048; // just a guess
790 }
791
792 stack as usize
793 })
794}
795