Issue 122262: MAP_PRIVATE for more reliability on virtualised filesys…

…tems.

Adding support of quirky filesystems occuring in virtualised settings not
having full POSIX support for memory mapped files. Example: current virtiofs
with cache disabled, occuring in Incus/LXD or Kata Containers. Has been
hitting various virtualised filesystems since 2016, depending on their levels
of maturity at the time. The situation will perhaps improve when virtiofs DAX
support patches will have made it into the qemu mainline.

On a reliability level, using the MAP_PRIVATE sycall flag instead of the
MAP_SHARED syscall flag for the mmap() system call does have some undefined
behaviour when the caller update the memory mapping of the mmap()ed file, but
MAP_SHARED does allow not only the calling process but other processes to
modify the memory mapping. Thus, in the current context, using MAP_PRIVATE
copy-on-write is marginally more reliable than MAP_SHARED.

This discussion of reliability is orthogonal to the type system enforced safety
policy of rust, which does not claim to handle memory modification of memory
mapped files triggered through the operating system and not the running rust
process.

compiler/rustc_data_structures/src/memmap.rs

@@ -20,7 +20,8 @@ impl Mmap {
     pub unsafe fn map(file: File) -> io::Result<Self> {
         // Safety: the caller must ensure that this is safe. The memory mapping is here set up to
         // ensure that updates by external processes do not alter the mapped data. This enables
-        // support by file systems such as virtiofs that are not fully POSIX compliant.
+        // support by rustc of some non fully POSIX compliant file systems such as cacheless virtiofs.
+        // https://github.com/rust-lang/rust/issues/122262
         unsafe { memmap2::MmapOptions::new().map_copy_read_only(&file).map(Mmap) }
     }
 }