std\sys\pal\windows/
mod.rs

1#![allow(missing_docs, nonstandard_style)]
2#![forbid(unsafe_op_in_unsafe_fn)]
3
4use crate::ffi::{OsStr, OsString};
5use crate::io::ErrorKind;
6use crate::mem::MaybeUninit;
7use crate::os::windows::ffi::{OsStrExt, OsStringExt};
8use crate::path::PathBuf;
9use crate::sys::pal::windows::api::wide_str;
10use crate::time::Duration;
11
12#[macro_use]
13pub mod compat;
14
15pub mod api;
16
17pub mod args;
18pub mod c;
19pub mod env;
20#[cfg(not(target_vendor = "win7"))]
21pub mod futex;
22pub mod handle;
23pub mod os;
24pub mod pipe;
25pub mod thread;
26pub mod time;
27cfg_if::cfg_if! {
28    if #[cfg(not(target_vendor = "uwp"))] {
29        pub mod stack_overflow;
30    } else {
31        pub mod stack_overflow_uwp;
32        pub use self::stack_overflow_uwp as stack_overflow;
33    }
34}
35
36/// Map a [`Result<T, WinError>`] to [`io::Result<T>`](crate::io::Result<T>).
37pub trait IoResult<T> {
38    fn io_result(self) -> crate::io::Result<T>;
39}
40impl<T> IoResult<T> for Result<T, api::WinError> {
41    fn io_result(self) -> crate::io::Result<T> {
42        self.map_err(|e| crate::io::Error::from_raw_os_error(e.code as i32))
43    }
44}
45
46// SAFETY: must be called only once during runtime initialization.
47// NOTE: this is not guaranteed to run, for example when Rust code is called externally.
48pub unsafe fn init(_argc: isize, _argv: *const *const u8, _sigpipe: u8) {
49    unsafe {
50        stack_overflow::init();
51
52        // Normally, `thread::spawn` will call `Thread::set_name` but since this thread already
53        // exists, we have to call it ourselves.
54        thread::Thread::set_name_wide(wide_str!("main"));
55    }
56}
57
58// SAFETY: must be called only once during runtime cleanup.
59// NOTE: this is not guaranteed to run, for example when the program aborts.
60pub unsafe fn cleanup() {
61    crate::sys::net::cleanup();
62}
63
64#[inline]
65pub fn is_interrupted(_errno: i32) -> bool {
66    false
67}
68
69pub fn decode_error_kind(errno: i32) -> ErrorKind {
70    use ErrorKind::*;
71
72    match errno as u32 {
73        c::ERROR_ACCESS_DENIED => return PermissionDenied,
74        c::ERROR_ALREADY_EXISTS => return AlreadyExists,
75        c::ERROR_FILE_EXISTS => return AlreadyExists,
76        c::ERROR_BROKEN_PIPE => return BrokenPipe,
77        c::ERROR_FILE_NOT_FOUND
78        | c::ERROR_PATH_NOT_FOUND
79        | c::ERROR_INVALID_DRIVE
80        | c::ERROR_BAD_NETPATH
81        | c::ERROR_BAD_NET_NAME => return NotFound,
82        c::ERROR_NO_DATA => return BrokenPipe,
83        c::ERROR_INVALID_NAME | c::ERROR_BAD_PATHNAME => return InvalidFilename,
84        c::ERROR_INVALID_PARAMETER => return InvalidInput,
85        c::ERROR_NOT_ENOUGH_MEMORY | c::ERROR_OUTOFMEMORY => return OutOfMemory,
86        c::ERROR_SEM_TIMEOUT
87        | c::WAIT_TIMEOUT
88        | c::ERROR_DRIVER_CANCEL_TIMEOUT
89        | c::ERROR_OPERATION_ABORTED
90        | c::ERROR_SERVICE_REQUEST_TIMEOUT
91        | c::ERROR_COUNTER_TIMEOUT
92        | c::ERROR_TIMEOUT
93        | c::ERROR_RESOURCE_CALL_TIMED_OUT
94        | c::ERROR_CTX_MODEM_RESPONSE_TIMEOUT
95        | c::ERROR_CTX_CLIENT_QUERY_TIMEOUT
96        | c::FRS_ERR_SYSVOL_POPULATE_TIMEOUT
97        | c::ERROR_DS_TIMELIMIT_EXCEEDED
98        | c::DNS_ERROR_RECORD_TIMED_OUT
99        | c::ERROR_IPSEC_IKE_TIMED_OUT
100        | c::ERROR_RUNLEVEL_SWITCH_TIMEOUT
101        | c::ERROR_RUNLEVEL_SWITCH_AGENT_TIMEOUT => return TimedOut,
102        c::ERROR_CALL_NOT_IMPLEMENTED => return Unsupported,
103        c::ERROR_HOST_UNREACHABLE => return HostUnreachable,
104        c::ERROR_NETWORK_UNREACHABLE => return NetworkUnreachable,
105        c::ERROR_DIRECTORY => return NotADirectory,
106        c::ERROR_DIRECTORY_NOT_SUPPORTED => return IsADirectory,
107        c::ERROR_DIR_NOT_EMPTY => return DirectoryNotEmpty,
108        c::ERROR_WRITE_PROTECT => return ReadOnlyFilesystem,
109        c::ERROR_DISK_FULL | c::ERROR_HANDLE_DISK_FULL => return StorageFull,
110        c::ERROR_SEEK_ON_DEVICE => return NotSeekable,
111        c::ERROR_DISK_QUOTA_EXCEEDED => return QuotaExceeded,
112        c::ERROR_FILE_TOO_LARGE => return FileTooLarge,
113        c::ERROR_BUSY => return ResourceBusy,
114        c::ERROR_POSSIBLE_DEADLOCK => return Deadlock,
115        c::ERROR_NOT_SAME_DEVICE => return CrossesDevices,
116        c::ERROR_TOO_MANY_LINKS => return TooManyLinks,
117        c::ERROR_FILENAME_EXCED_RANGE => return InvalidFilename,
118        c::ERROR_CANT_RESOLVE_FILENAME => return FilesystemLoop,
119        _ => {}
120    }
121
122    match errno {
123        c::WSAEACCES => PermissionDenied,
124        c::WSAEADDRINUSE => AddrInUse,
125        c::WSAEADDRNOTAVAIL => AddrNotAvailable,
126        c::WSAECONNABORTED => ConnectionAborted,
127        c::WSAECONNREFUSED => ConnectionRefused,
128        c::WSAECONNRESET => ConnectionReset,
129        c::WSAEINVAL => InvalidInput,
130        c::WSAENOTCONN => NotConnected,
131        c::WSAEWOULDBLOCK => WouldBlock,
132        c::WSAETIMEDOUT => TimedOut,
133        c::WSAEHOSTUNREACH => HostUnreachable,
134        c::WSAENETDOWN => NetworkDown,
135        c::WSAENETUNREACH => NetworkUnreachable,
136        c::WSAEDQUOT => QuotaExceeded,
137
138        _ => Uncategorized,
139    }
140}
141
142pub fn unrolled_find_u16s(needle: u16, haystack: &[u16]) -> Option<usize> {
143    let ptr = haystack.as_ptr();
144    let mut start = haystack;
145
146    // For performance reasons unfold the loop eight times.
147    while start.len() >= 8 {
148        macro_rules! if_return {
149            ($($n:literal,)+) => {
150                $(
151                    if start[$n] == needle {
152                        return Some(((&start[$n] as *const u16).addr() - ptr.addr()) / 2);
153                    }
154                )+
155            }
156        }
157
158        if_return!(0, 1, 2, 3, 4, 5, 6, 7,);
159
160        start = &start[8..];
161    }
162
163    for c in start {
164        if *c == needle {
165            return Some(((c as *const u16).addr() - ptr.addr()) / 2);
166        }
167    }
168    None
169}
170
171pub fn to_u16s<S: AsRef<OsStr>>(s: S) -> crate::io::Result<Vec<u16>> {
172    fn inner(s: &OsStr) -> crate::io::Result<Vec<u16>> {
173        // Most paths are ASCII, so reserve capacity for as much as there are bytes
174        // in the OsStr plus one for the null-terminating character. We are not
175        // wasting bytes here as paths created by this function are primarily used
176        // in an ephemeral fashion.
177        let mut maybe_result = Vec::with_capacity(s.len() + 1);
178        maybe_result.extend(s.encode_wide());
179
180        if unrolled_find_u16s(0, &maybe_result).is_some() {
181            return Err(crate::io::const_error!(
182                ErrorKind::InvalidInput,
183                "strings passed to WinAPI cannot contain NULs",
184            ));
185        }
186        maybe_result.push(0);
187        Ok(maybe_result)
188    }
189    inner(s.as_ref())
190}
191
192// Many Windows APIs follow a pattern of where we hand a buffer and then they
193// will report back to us how large the buffer should be or how many bytes
194// currently reside in the buffer. This function is an abstraction over these
195// functions by making them easier to call.
196//
197// The first callback, `f1`, is passed a (pointer, len) pair which can be
198// passed to a syscall. The `ptr` is valid for `len` items (u16 in this case).
199// The closure is expected to:
200// - On success, return the actual length of the written data *without* the null terminator.
201//   This can be 0. In this case the last_error must be left unchanged.
202// - On insufficient buffer space,
203//   - either return the required length *with* the null terminator,
204//   - or set the last-error to ERROR_INSUFFICIENT_BUFFER and return `len`.
205// - On other failure, return 0 and set last_error.
206//
207// This is how most but not all syscalls indicate the required buffer space.
208// Other syscalls may need translation to match this protocol.
209//
210// Once the syscall has completed (errors bail out early) the second closure is
211// passed the data which has been read from the syscall. The return value
212// from this closure is then the return value of the function.
213pub fn fill_utf16_buf<F1, F2, T>(mut f1: F1, f2: F2) -> crate::io::Result<T>
214where
215    F1: FnMut(*mut u16, u32) -> u32,
216    F2: FnOnce(&[u16]) -> T,
217{
218    // Start off with a stack buf but then spill over to the heap if we end up
219    // needing more space.
220    //
221    // This initial size also works around `GetFullPathNameW` returning
222    // incorrect size hints for some short paths:
223    // https://github.com/dylni/normpath/issues/5
224    let mut stack_buf: [MaybeUninit<u16>; 512] = [MaybeUninit::uninit(); 512];
225    let mut heap_buf: Vec<MaybeUninit<u16>> = Vec::new();
226    unsafe {
227        let mut n = stack_buf.len();
228        loop {
229            let buf = if n <= stack_buf.len() {
230                &mut stack_buf[..]
231            } else {
232                let extra = n - heap_buf.len();
233                heap_buf.reserve(extra);
234                // We used `reserve` and not `reserve_exact`, so in theory we
235                // may have gotten more than requested. If so, we'd like to use
236                // it... so long as we won't cause overflow.
237                n = heap_buf.capacity().min(u32::MAX as usize);
238                // Safety: MaybeUninit<u16> does not need initialization
239                heap_buf.set_len(n);
240                &mut heap_buf[..]
241            };
242
243            // This function is typically called on windows API functions which
244            // will return the correct length of the string, but these functions
245            // also return the `0` on error. In some cases, however, the
246            // returned "correct length" may actually be 0!
247            //
248            // To handle this case we call `SetLastError` to reset it to 0 and
249            // then check it again if we get the "0 error value". If the "last
250            // error" is still 0 then we interpret it as a 0 length buffer and
251            // not an actual error.
252            c::SetLastError(0);
253            let k = match f1(buf.as_mut_ptr().cast::<u16>(), n as u32) {
254                0 if api::get_last_error().code == 0 => 0,
255                0 => return Err(crate::io::Error::last_os_error()),
256                n => n,
257            } as usize;
258            if k == n && api::get_last_error().code == c::ERROR_INSUFFICIENT_BUFFER {
259                n = n.saturating_mul(2).min(u32::MAX as usize);
260            } else if k > n {
261                n = k;
262            } else if k == n {
263                // It is impossible to reach this point.
264                // On success, k is the returned string length excluding the null.
265                // On failure, k is the required buffer length including the null.
266                // Therefore k never equals n.
267                unreachable!();
268            } else {
269                // Safety: First `k` values are initialized.
270                let slice: &[u16] = buf[..k].assume_init_ref();
271                return Ok(f2(slice));
272            }
273        }
274    }
275}
276
277pub fn os2path(s: &[u16]) -> PathBuf {
278    PathBuf::from(OsString::from_wide(s))
279}
280
281pub fn truncate_utf16_at_nul(v: &[u16]) -> &[u16] {
282    match unrolled_find_u16s(0, v) {
283        // don't include the 0
284        Some(i) => &v[..i],
285        None => v,
286    }
287}
288
289pub fn ensure_no_nuls<T: AsRef<OsStr>>(s: T) -> crate::io::Result<T> {
290    if s.as_ref().encode_wide().any(|b| b == 0) {
291        Err(crate::io::const_error!(ErrorKind::InvalidInput, "nul byte found in provided data"))
292    } else {
293        Ok(s)
294    }
295}
296
297pub trait IsZero {
298    fn is_zero(&self) -> bool;
299}
300
301macro_rules! impl_is_zero {
302    ($($t:ident)*) => ($(impl IsZero for $t {
303        fn is_zero(&self) -> bool {
304            *self == 0
305        }
306    })*)
307}
308
309impl_is_zero! { i8 i16 i32 i64 isize u8 u16 u32 u64 usize }
310
311pub fn cvt<I: IsZero>(i: I) -> crate::io::Result<I> {
312    if i.is_zero() { Err(crate::io::Error::last_os_error()) } else { Ok(i) }
313}
314
315pub fn dur2timeout(dur: Duration) -> u32 {
316    // Note that a duration is a (u64, u32) (seconds, nanoseconds) pair, and the
317    // timeouts in windows APIs are typically u32 milliseconds. To translate, we
318    // have two pieces to take care of:
319    //
320    // * Nanosecond precision is rounded up
321    // * Greater than u32::MAX milliseconds (50 days) is rounded up to INFINITE
322    //   (never time out).
323    dur.as_secs()
324        .checked_mul(1000)
325        .and_then(|ms| ms.checked_add((dur.subsec_nanos() as u64) / 1_000_000))
326        .and_then(|ms| ms.checked_add(if dur.subsec_nanos() % 1_000_000 > 0 { 1 } else { 0 }))
327        .map(|ms| if ms > <u32>::MAX as u64 { c::INFINITE } else { ms as u32 })
328        .unwrap_or(c::INFINITE)
329}
330
331/// Use `__fastfail` to abort the process
332///
333/// This is the same implementation as in libpanic_abort's `__rust_start_panic`. See
334/// that function for more information on `__fastfail`
335#[cfg(not(miri))] // inline assembly does not work in Miri
336pub fn abort_internal() -> ! {
337    unsafe {
338        cfg_if::cfg_if! {
339            if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
340                core::arch::asm!("int $$0x29", in("ecx") c::FAST_FAIL_FATAL_APP_EXIT, options(noreturn, nostack));
341            } else if #[cfg(all(target_arch = "arm", target_feature = "thumb-mode"))] {
342                core::arch::asm!(".inst 0xDEFB", in("r0") c::FAST_FAIL_FATAL_APP_EXIT, options(noreturn, nostack));
343            } else if #[cfg(any(target_arch = "aarch64", target_arch = "arm64ec"))] {
344                core::arch::asm!("brk 0xF003", in("x0") c::FAST_FAIL_FATAL_APP_EXIT, options(noreturn, nostack));
345            } else {
346                core::intrinsics::abort();
347            }
348        }
349    }
350}
351
352#[cfg(miri)]
353pub fn abort_internal() -> ! {
354    crate::intrinsics::abort();
355}
356
357/// Align the inner value to 8 bytes.
358///
359/// This is enough for almost all of the buffers we're likely to work with in
360/// the Windows APIs we use.
361#[repr(C, align(8))]
362#[derive(Copy, Clone)]
363pub(crate) struct Align8<T: ?Sized>(pub T);