Commit graph

36 commits

Author SHA1 Message Date
Johannes Altmanninger
a2dc0ef377 Revert "Lock history file before reading it"
Commit 5db0bd5 (Lock history file before reading it, 2024-10-09)
rewrites the history file in place instead of using rename().
By writing to the same file (with the same inode), it corrupts
our memory-mapped snapshot; mmap(3) says:

> It is unspecified whether modifications to the underlying object done
> after the MAP_PRIVATE mapping is established are visible through the
> MAP_PRIVATE mapping.

Revert it (it was misguided anyway).

Closes #10777
Closes #10782
2024-10-14 11:13:46 +02:00
Peter Ammon
9337c20c2e
Stop using the getrandom feature of the rand crate
This feature uses the "getentropy" function which is not supported on
macOS < 10.12.
2024-10-13 12:39:54 -07:00
Johannes Altmanninger
5db0bd5874 Lock history file before reading it
We use optimistic concurrency when rewriting the history file to
minimize the lock scope. Unfortunately, old.mtime == new.mtime
does not imply that file is unchanged; we don't have guarantees
on the granularity of the modification time timestamp, see
https://stackoverflow.com/questions/14392975/timestamp-accuracy-on-ext4-sub-millsecond

So let's lock before reading any old contents and use the other
"write-to-tempfile-and-rename" code path only when locking fails.

Potentially fixes #10300
(untested) which probably happens because read_zero_padded() attempts to
read bytes that have not been flushed yet.
2024-10-09 14:51:54 +02:00
Johannes Altmanninger
35ee5e661f history: rename target_fd_after to target_file_after
This was forgotten in decf99f71 (Use `File` instead of `OwnedFd` in a few
places (#10355), 2024-03-17).
2024-10-09 14:51:54 +02:00
Johannes Altmanninger
13e5d8097c Log more history_file errors, and add more context
See #10300
2024-10-09 14:51:54 +02:00
Johannes Altmanninger
29a01eb3cf Fix EINTR handling when importing history from bash 2024-10-09 14:48:58 +02:00
Johannes Altmanninger
9c4d31f89a Make errors in the history_file log category human-readable 2024-10-06 11:42:30 +02:00
Johannes Altmanninger
f36f757fa6 Never rewrite history file when adding ephemeral items
When I run a command with leading space, it is not added to the on-disk
history.  However we still call History::save().  After 25 of such calls,
we rewrite the history file (even though nothing was written by us).

This is annoying when diagnosing #10300 where the history of the current
shell (but not other shells) is broken; because the history rewrite will
make the problem go away. Let's not save in this case, to make it easier to
run commands to inspect the state of the history file.
2024-10-06 08:30:53 +02:00
Johannes Altmanninger
33bcf4d0ce Remove redundant drop 2024-10-06 08:30:53 +02:00
Fabian Boehm
48a6550688 Remove obsolete workaround for strftime on BSD
This was added in libc 0.2.152, see aff5e66e54
2024-09-24 21:38:15 +02:00
Peter Ammon
8f3a034264
History to store old item offsets in Vec and not VecDeque
We used deque in C++ because this vector may be large, and so it avoids
repeated re-allocations. But VecDeque is different in Rust - it's contiguous -
so there's no benefit. Just use Vec.
2024-09-14 13:26:34 -07:00
Peter Ammon
7ac62bbca4
Remove a redundant "unsafe" specifier 2024-09-14 13:15:21 -07:00
Fabian Boehm
7b7d16da48 Revert libc time_t changes
This was based on a misunderstanding.

On musl, 64-bit time_t on 32-bit architectures was introduced in version 1.2.0,
by introducing new symbols. The old symbols still exist, to allow programs compiled against older versions
to keep running on 1.2.0+, preserving ABI-compatibility. (see musl commit 38143339646a4ccce8afe298c34467767c899f51)

Programs compiled against 1.2.0+ will get the new symbols, and will therefore think time_t is 64-bit.

Unfortunately, rust's libc crate uses its own definition of these types, and does not check for musl version.
Currently, it includes the pre-1.2.0 32-bit type.

That means:

- If you run on a 32-bit system like i686
- ... and compile against a C-library other than libc
- ... and pass it a time_t-containing struct like timespec or stat

... you need to arrange for that library to be built against musl <1.2.0.

Or, as https://github.com/ericonr/rust-time64 says:

> Therefore, for "old" 32-bit targets (riscv32 is supposed to default to time64),
> any Rust code that interacts with C code built on musl after 1.2.0,
> using types based on time_t (arguably, the main ones are struct timespec and struct stat) in their interface,
> will be completely miscompiled.

However, while fish runs on i686 and compiles against pcre2, we do not pass pcre2 a time_t.
Our only uses of time_t are confined to interactions with libc, in which case with musl we would simply use the legacy ABI.

I have compiled an i686 fish against musl to confirm and can find no issue.

This reverts commit 55196ee2a0.
This reverts commit 4992f88966.
This reverts commit 46c8ba2c9f.
This reverts commit 3a9b4149da.
This reverts commit 5f9e9cbe74.
This reverts commit 338579b78c.
This reverts commit d19e5508d7.
This reverts commit b64045dc18.

Closes #10634
2024-08-27 14:28:00 +02:00
Johannes Altmanninger
3a9b4149da Replace localtime_r with a 64-bit-time_t wrapper
Part of #10634
2024-08-07 13:11:22 +02:00
Johannes Altmanninger
ff47c2c628 Remove non-portable use of fstat
Part of #10634
2024-08-06 14:15:57 +02:00
ridiculousfish
a996cafeeb Make history::remove take a &wstr instead of a WString
While it does need to store the string, we also need to use the string after
storing it, so we aren't getting any advantage from passing by value. Just pass
by reference to simplify the call sites.
2024-04-15 09:47:46 -07:00
Anurag Singh
c044d5e3f0 add history append subcommand 2024-04-15 08:31:16 +02:00
Johannes Altmanninger
29b309dd5f shift-delete to delete current history search match
Popular operating systems support shift-delete to delete the selected item
in an autocompletion widgets.  We already support this in the history pager.
Let's do the same for up-arrow history search.

Related discussion: https://github.com/fish-shell/fish-shell/pull/9515
2024-04-13 20:23:51 +02:00
Mahmoud Al-Qudsi
0ca199ef98 Change wopen_cloexec() to return File 2024-03-23 01:34:23 -05:00
Mahmoud Al-Qudsi
6ed4d09c93 Switch more to File/BorrowedFd from OwnedFd/RawFd
More work in prep for having wopen_cloexec() return `File` directly.

This eliminates checking for an invalid fd and makes both ownership and
mutability clear (some more operations that involve changes to the underlying
state of the fd now require `&mut File` instead of just a `RawFd`).

Code that clearly does not use non-blocking IO is ported to use
`Write::write_all()` directly instead of our rusty port of the `write_loop()`
function (which handles EAGAIN/EWOULDBLOCK in addition to EINTR, while
`write_all()` only handles the latter).
2024-03-23 00:01:57 -05:00
Mahmoud Al-Qudsi
decf99f71b
Use File instead of OwnedFd in a few places (#10355)
This is a step towards converting `wopen_cloexec()` to return `File` instead of
`OwnedFd`/`AutocloseFd`.¹

In addition to letting us use native standard library functions instead of
unsafe libc calls, we gain additional semantic safety because `File` operations
that manipulate the state of the fd (e.g. `File::seek()`) require a `&mut`
reference to the `File`, whereas using `RawFd` or `OwnedFd` everywhere leaves us
in a position where it's not clear whether or not other references to the same
fd will manipulate its underlying state.

¹ We actually wouldn't even need `wopen_cloexec()` at all (just a widechar
wrapper) as Rust's native `File::open()`/`File::create()` functionality uses
`FD_CLOEXEC` internally.
2024-03-17 11:20:44 -05:00
Fabian Boehm
ffc4372cad History: Change an assert into return None
I was able to trigger this by flipping around the history pager.

Since the only applicable caller here already stops if it gets None,
just don't assert.
2024-03-10 16:55:43 +01:00
Mahmoud Al-Qudsi
58a6eb6e45 Convert fish_mkstemp_cloexec() to return an OwnedFd 2024-03-09 15:21:47 -06:00
The0x539
4c3e814a50 Address clippy lints 2024-03-09 13:49:25 +01:00
Mahmoud Al-Qudsi
50ff6b8a34 Remove using statements already imported by preludes 2024-02-28 09:41:51 -06:00
Johannes Altmanninger
2915c525fa Revert "history: Skip lines with tabs when importing from bash"
We still don't support tabs but as of the parent commit, there are no more
weird glitches, so it should be fine to recall those lines?

This reverts commit cc0e366037.
2024-02-15 01:39:45 +01:00
Mahmoud Al-Qudsi
99bd2e71d0 Unify how file mode is specified
The lines of code I commented on in #10254 were meant to serve only as examples
of the changes I was requesting, not the only instances.

Also just use `Mode::from_bits_truncate()` instead of unsafe or unwrapping since
we know the modes are correct.
2024-01-28 18:09:52 -06:00
PolyMeilex
05ac1b770c Use AsFd for maybe_lock_file 2024-01-27 20:42:13 +01:00
PolyMeilex
6ef8125c96 Return OwnedFd from open_cloexec 2024-01-27 20:42:13 +01:00
PolyMeilex
2512849ece Use nix OFlag for open_cloexec 2024-01-27 20:42:13 +01:00
PolyMeilex
6915aeb44c Use nix mode for open_cloexec 2024-01-27 20:42:13 +01:00
PolyMeilex
23301e4895 Return Result from wopen_cloexec 2024-01-27 20:42:13 +01:00
Johannes Altmanninger
68d1207d53 Rename flag that fails expansions with command substitutions
SKIP_CMDSUBST does not pass through command substitutions, unlike
SKIP_VARIABLES and SKIP_WILDCARDS.
2024-01-14 13:19:38 +01:00
Mahmoud Al-Qudsi
6e002b6d80 Use cfg directly instead of going through features
Features should be for user-specifiable build configurations but our dynamic,
target-based conditional compilation is something else.
2024-01-13 15:16:47 -06:00
Fabian Boehm
09cd7c7ad9 Remove widestring-suffix uses
This removes both the `#[widestrs]` annotation as well as all `"foo"L`
suffixes, and does a `cargo fmt` run on the result
2024-01-13 08:52:54 +01:00
Johannes Altmanninger
3ae20bdba0 Move fish-rust to project root 2024-01-13 03:58:33 +01:00
Renamed from fish-rust/src/history.rs (Browse further)