@@ -52,21 +52,21 @@ impl Supervisor {
5252 // If the supervisor is not initialised for whatever reason, fast-fail.
5353 // This might be desired behaviour, as even on platforms where ptracing
5454 // is not implemented it enables us to enforce that only one FFI call
55- // happens at a time
55+ // happens at a time.
5656 let Some ( sv) = sv_guard. take ( ) else {
5757 return ( sv_guard, None ) ;
5858 } ;
5959
6060 // Get pointers to all the pages the supervisor must allow accesses in
61- // and prepare the fake stack
61+ // and prepare the fake stack.
6262 let page_ptrs = alloc. borrow ( ) . pages ( ) ;
6363 let raw_stack_ptr: * mut [ u8 ; FAKE_STACK_SIZE ] =
6464 Box :: leak ( Box :: new ( [ 0u8 ; FAKE_STACK_SIZE ] ) ) . as_mut_ptr ( ) . cast ( ) ;
6565 let stack_ptr = raw_stack_ptr. expose_provenance ( ) ;
6666 let start_info = StartFfiInfo { page_ptrs, stack_ptr } ;
6767
6868 // SAFETY: We do not access machine memory past this point until the
69- // supervisor is ready to allow it
69+ // supervisor is ready to allow it.
7070 unsafe {
7171 if alloc. borrow_mut ( ) . prepare_ffi ( ) . is_err ( ) {
7272 // Don't mess up unwinding by maybe leaving the memory partly protected
@@ -79,13 +79,13 @@ impl Supervisor {
7979 // NB: if we do not wait to receive a blank confirmation response, it is
8080 // possible that the supervisor is alerted of the SIGSTOP *before* it has
8181 // actually received the start_info, thus deadlocking! This way, we can
82- // enforce an ordering for these events
82+ // enforce an ordering for these events.
8383 sv. message_tx . send ( TraceRequest :: StartFfi ( start_info) ) . unwrap ( ) ;
8484 sv. confirm_rx . recv ( ) . unwrap ( ) ;
8585 * sv_guard = Some ( sv) ;
8686 // We need to be stopped for the supervisor to be able to make certain
8787 // modifications to our memory - simply waiting on the recv() doesn't
88- // count
88+ // count.
8989 signal:: raise ( signal:: SIGSTOP ) . unwrap ( ) ;
9090 ( sv_guard, Some ( raw_stack_ptr) )
9191 }
@@ -109,22 +109,22 @@ impl Supervisor {
109109 // simpler and more robust to simply use the signals which are left for
110110 // arbitrary usage. Since this will block until we are continued by the
111111 // supervisor, we can assume past this point that everything is back to
112- // normal
112+ // normal.
113113 signal:: raise ( signal:: SIGUSR1 ) . unwrap ( ) ;
114114
115- // This is safe! It just sets memory to normal expected permissions
115+ // This is safe! It just sets memory to normal expected permissions.
116116 alloc. borrow_mut ( ) . unprep_ffi ( ) ;
117117
118118 // If this is `None`, then `raw_stack_ptr` is None and does not need to
119119 // be deallocated (and there's no need to worry about the guard, since
120- // it contains nothing)
120+ // it contains nothing).
121121 let sv = sv_guard. take ( ) ?;
122122 // SAFETY: Caller upholds that this pointer was allocated as a box with
123- // this type
123+ // this type.
124124 unsafe {
125125 drop ( Box :: from_raw ( raw_stack_ptr. unwrap ( ) ) ) ;
126126 }
127- // On the off-chance something really weird happens, don't block forever
127+ // On the off-chance something really weird happens, don't block forever.
128128 let ret = sv
129129 . event_rx
130130 . try_recv_timeout ( std:: time:: Duration :: from_secs ( 5 ) )
@@ -151,32 +151,32 @@ impl Supervisor {
151151/// The invariants for `fork()` must be upheld by the caller.
152152pub unsafe fn init_sv ( ) -> Result < ( ) , SvInitError > {
153153 // FIXME: Much of this could be reimplemented via the mitosis crate if we upstream the
154- // relevant missing bits
154+ // relevant missing bits.
155155
156156 // On Linux, this will check whether ptrace is fully disabled by the Yama module.
157157 // If Yama isn't running or we're not on Linux, we'll still error later, but
158- // this saves a very expensive fork call
158+ // this saves a very expensive fork call.
159159 let ptrace_status = std:: fs:: read_to_string ( "/proc/sys/kernel/yama/ptrace_scope" ) ;
160160 if let Ok ( stat) = ptrace_status {
161161 if let Some ( stat) = stat. chars ( ) . next ( ) {
162- // Fast-error if ptrace is fully disabled on the system
162+ // Fast-error if ptrace is fully disabled on the system.
163163 if stat == '3' {
164164 return Err ( SvInitError ) ;
165165 }
166166 }
167167 }
168168
169- // Initialise the supervisor if it isn't already, placing it into SUPERVISOR
169+ // Initialise the supervisor if it isn't already, placing it into SUPERVISOR.
170170 let mut lock = SUPERVISOR . lock ( ) . unwrap ( ) ;
171171 if lock. is_some ( ) {
172172 return Ok ( ( ) ) ;
173173 }
174174
175- // Prepare the IPC channels we need
175+ // Prepare the IPC channels we need.
176176 let ( message_tx, message_rx) = ipc:: channel ( ) . unwrap ( ) ;
177177 let ( confirm_tx, confirm_rx) = ipc:: channel ( ) . unwrap ( ) ;
178178 let ( event_tx, event_rx) = ipc:: channel ( ) . unwrap ( ) ;
179- // SAFETY: Calling sysconf(_SC_PAGESIZE) is always safe and cannot error
179+ // SAFETY: Calling sysconf(_SC_PAGESIZE) is always safe and cannot error.
180180 let page_size = unsafe { libc:: sysconf ( libc:: _SC_PAGESIZE) } . try_into ( ) . unwrap ( ) ;
181181
182182 unsafe {
@@ -185,37 +185,37 @@ pub unsafe fn init_sv() -> Result<(), SvInitError> {
185185 match unistd:: fork ( ) . unwrap ( ) {
186186 unistd:: ForkResult :: Parent { child } => {
187187 // If somehow another thread does exist, prevent it from accessing the lock
188- // and thus breaking our safety invariants
188+ // and thus breaking our safety invariants.
189189 std:: mem:: forget ( lock) ;
190190 // The child process is free to unwind, so we won't to avoid doubly freeing
191- // system resources
191+ // system resources.
192192 let init = std:: panic:: catch_unwind ( || {
193193 let listener =
194194 ChildListener { message_rx, attached : false , override_retcode : None } ;
195- // Trace as many things as possible, to be able to handle them as needed
195+ // Trace as many things as possible, to be able to handle them as needed.
196196 let options = ptrace:: Options :: PTRACE_O_TRACESYSGOOD
197197 | ptrace:: Options :: PTRACE_O_TRACECLONE
198198 | ptrace:: Options :: PTRACE_O_TRACEFORK ;
199- // Attach to the child process without stopping it
199+ // Attach to the child process without stopping it.
200200 match ptrace:: seize ( child, options) {
201201 // Ptrace works :D
202202 Ok ( _) => {
203203 let code = sv_loop ( listener, child, event_tx, confirm_tx, page_size)
204204 . unwrap_err ( ) ;
205205 // If a return code of 0 is not explicitly given, assume something went
206- // wrong and return 1
206+ // wrong and return 1.
207207 std:: process:: exit ( code. unwrap_or ( 1 ) )
208208 }
209- // Ptrace does not work and we failed to catch that
209+ // Ptrace does not work and we failed to catch that.
210210 Err ( _) => {
211- // If we can't ptrace, Miri continues being the parent
211+ // If we can't ptrace, Miri continues being the parent.
212212 signal:: kill ( child, signal:: SIGKILL ) . unwrap ( ) ;
213213 SvInitError
214214 }
215215 }
216216 } ) ;
217217 match init {
218- // The "Ok" case means that we couldn't ptrace
218+ // The "Ok" case means that we couldn't ptrace.
219219 Ok ( e) => return Err ( e) ,
220220 Err ( p) => {
221221 eprintln ! ( "Supervisor process panicked!\n {p:?}" ) ;
@@ -225,12 +225,12 @@ pub unsafe fn init_sv() -> Result<(), SvInitError> {
225225 }
226226 unistd:: ForkResult :: Child => {
227227 // Make sure we never get orphaned and stuck in SIGSTOP or similar
228- // SAFETY: prctl PR_SET_PDEATHSIG is always safe to call
228+ // SAFETY: prctl PR_SET_PDEATHSIG is always safe to call.
229229 let ret = libc:: prctl ( libc:: PR_SET_PDEATHSIG , libc:: SIGTERM ) ;
230230 assert_eq ! ( ret, 0 ) ;
231231 // First make sure the parent succeeded with ptracing us!
232232 signal:: raise ( signal:: SIGSTOP ) . unwrap ( ) ;
233- // If we're the child process, save the supervisor info
233+ // If we're the child process, save the supervisor info.
234234 * lock = Some ( Supervisor { message_tx, confirm_rx, event_rx } ) ;
235235 }
236236 }
0 commit comments