Support fstat on non-file-backed FDs

[enthropy7]

Implement fstat support for sockets, pipes, eventfd, epoll, and stdin/stdout/stderr file descriptors. Fixes scalar size mismatch error by using to_uint with scalar's own size instead of to_u32().

Fixes #4753

[rustbot]

Thank you for contributing to Miri! A reviewer will take a look at your PR, typically within a week or two.
Please remember to not force-push to the PR branch except when you need to rebase due to a conflict or when the reviewer asks you for it.

[RalfJung]

Sorry for the long wait! The test looks good overall, but I think we should use a different implementation strategy. See the comments for details.

View changes since this review

[RalfJung]

This basically bypasses the sanity check that made has the right type. Why is this needed?

[rustbot]

Reminder, once the PR becomes ready for a review, use @rustbot ready.

[enthropy7]

Hi, thanks for your answer! i’m still here, just a little busy with my work. i will answer to your comments as soon as i can and optimise my PR better. I think it would took around 3 days for me to fix this

[enthropy7]

I reworked fstat for non-file-backed FDs so it no longer depends on host metadata: for socketpair/pipe/eventfd/epoll we now return synthetic metadata based on the FD type (correct S_IF*, size 0, and no misleading host dev/uid/gid).
I also removed the Unix-only host-metadata path in unnamed_socket::metadata that was breaking Windows CI. removed fd.name() matching in fstat logic (so it no longer relies on diagnostic strings), applied the requested test cleanup (libc-fstat-non-file: extracted repeated checks into a helper and tightened stdout/stderr expectations).

upd: fixed a cross-host issue that showed up in CI: on Windows hosts running Linux targets, fstat for stdio (stdin/stdout/stderr) could fail because host metadata is unavailable there.
To make this host-independent, I added a synthetic stdio fallback in the Unix fstat path (same approach as for other non-file-backed FDs)

[RalfJung]

So I take it you mean this is
@rustbot ready
? Please help us keep track of the PR state by using that command when the PR is ready for review again. :)

[RalfJung]

That said, with all the cfg usage this is definitely not the right approach. The way we implement these APIs is by reading the documentation (ideally the POSIX documentation, not the glibc/Linux one), and then manually implementing what the docs say. If the docs aren't precise enough, we do experiments to figure out what happens on real systems. Ideally we do these experiments on multiple platforms (in the issue description you said you already did this). Then again we implement manually what the experiments showed the behavior is. Either way, there should be comments in the code explaining how the behavior was determined to be what eventually got implemented.

@rustbot author

[enthropy7]

Reworked approach based on review - replaced the downcast chain and fd.name() matching in from_fd_num with a synthetic_stat_mode() trait method, so each FD type provides its own mode via proper dynamic dispatch. Removed all cfg blocks, host operations, /tmp metadata fetching, and permission bit computation. synthetic metadata now just uses the mode constant and zeros. Re eval_libc_u32 for mode: mode_t is u16 on macOS in the libc crate, so to_u32() panics. kept eval_libc with Scalar.

[enthropy7]

@rustbot ready

[RalfJung]

Sorry for the slow reply. This looks much better, thanks a lot! I still have some suggestions, but we're getting there. :)

@rustbot author

View changes since this review

[RalfJung]

This API makes me wonder, why are those separate functions? Why don't have have a single function that returns something like Either<io::Result<fs::Metadata>, &'static str>?

Or even better, make it Result<FileMetadata, IoError>. Then file-backed FDs will call FileMetadata::from_meta and others can call FileMetadata::synthetic.

[enthropy7]

Done, merged into a single fstat() trait method returning Result<FileMetadata, IoError>. FileHandle calls FileMetadata::from_meta, non-file FDs call FileMetadata::synthetic. FileMetadata is re-exported through unix/mod.rs.

[RalfJung]

Now we still have both metadata and fstat. The point was to merge them, to avoid duplication. Does that not work?

[enthropy7]

fully merged now. refactored FileMetadata to be cross-platform: mode is stored as &'static str name (e.g. "S_IFREG") and resolved to a target-specific Scalar only at write time; timestamps are stored as raw Option<SystemTime> and converted to Unix-epoch-secs or Windows-epoch-ticks at their respective writers. Single fstat() trait method on FileDescription, no more host_metadata. Windows GetFileInformationByHandle now goes through fstat() too.

[enthropy7]

and yes, FileMetadata wasn't cross-platform at all. mode: Scalar came from eval_libc, which panics on Windows. timestamps were kept as (u64, u32) in Unix epoch, Windows uses a different approach. fixed both, now fstat() is the only method and GetFileInformationByHandle goes through it too.

[RalfJung]

Ah it's because of Windows support -- makes sense.

Thanks for putting in all this work! However, it's generally better to discuss design decisions with the maintainers and get their feedback before running ahead and implement something suboptimal. FileMetadata is still not target-independent if it has a mode_name field that stores a libc name (which doesn't cover Windows). Having the Windows code match on libc names is an abstraction layering violation.

I'll take over from here to avoid further miscommunication.

[RalfJung]

What is the point of this change? (I have asked about this before.)

[RalfJung]

Oh you replied elsewhere. Please put the replies in the proper threads so that I have a chance to find them.

Re eval_libc_u32 for mode: mode_t is u16 on macOS in the libc crate, so to_u32() panics. kept eval_libc with Scalar.

Why was this not a problem before? We're already running tests like this on macOS, aren't we?

[RalfJung]

But the &-masking still doesn't make sense to me. This should then be

metadata.mode.to_uint(this.libc_ty_layout("mode_t").size)?.try_into().unwrap_or_else(...)

[enthropy7]

replaced the & u16::MAX mask with libc_ty_layout("mode_t").size to read the scalar at mode_t's actual target width (u16 on macOS, u32 on Linux). same fix applied in the statx writer. sorry about the misplaced reply earlier.

[RalfJung]

Please have a look at this for how to write this case distinction with less code duplication.

[enthropy7]

extracted a free function file_type_to_mode_name(FileType) -> &'static str using #[cfg(unix)] per arm, matching the shape of file_type_to_d_type. the cfg_select! block is gone.

[RalfJung]

Why do we actively ignore the metadata info from the host here if this is not a regular file/dir/symlink?

[enthropy7]

my mistake, removed the is_regular_fs_entry zeroing. from_meta now always use MetadataExt::dev/uid/gid as we always called with real host metadata.

[RalfJung]

We don't actually know that stdin/stdout/stderr are S_IFCHR, right? It could be a file if some redirected the output there.

I'd propose to skip stdin/stdout/stderr in this first PR. We have to either use non-portable APIs to give a correct answer or make a guess, neither of which is great, so until we have a clear usecase IMO it's better to just not support them.

[enthropy7]

agreed, dropped stdio support from this PR. Removed the fstat impls on io::Stdin/Stdout/Stderr/NullOutput and the corresponding tests.

[rustbot]

This PR was rebased onto a different master commit. Here's a range-diff highlighting what actually changed.

Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers.

resolved

[RalfJung]

I took the version of this PR before your mos recent changes and did a slightly different refactor., to avoid funneling the Windows logic through something from the unix shims. Thanks a lot for all your help!

[enthropy7]

I took the version of this PR before your mos recent changes and did a slightly different refactor., to avoid funneling the Windows logic through something from the unix shims. Thanks a lot for all your help!

Thank you too for collaborating! It was a pleasure to work on Miri. Will try to find new issues when I have free time and work together again. And about FileMetadata - I agree with your approach, I just thought you knew it's different for Windows and Unix and unifying it was on purpose.

[RalfJung]

That's fair, but I had indeed entirely forgotten this and was just making guesses in this PR. :)