diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 12:02:58 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 12:02:58 +0000 |
commit | 698f8c2f01ea549d77d7dc3338a12e04c11057b9 (patch) | |
tree | 173a775858bd501c378080a10dca74132f05bc50 /library/panic_abort | |
parent | Initial commit. (diff) | |
download | rustc-698f8c2f01ea549d77d7dc3338a12e04c11057b9.tar.xz rustc-698f8c2f01ea549d77d7dc3338a12e04c11057b9.zip |
Adding upstream version 1.64.0+dfsg1.upstream/1.64.0+dfsg1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'library/panic_abort')
-rw-r--r-- | library/panic_abort/Cargo.toml | 19 | ||||
-rw-r--r-- | library/panic_abort/src/android.rs | 49 | ||||
-rw-r--r-- | library/panic_abort/src/lib.rs | 155 |
3 files changed, 223 insertions, 0 deletions
diff --git a/library/panic_abort/Cargo.toml b/library/panic_abort/Cargo.toml new file mode 100644 index 000000000..46183d1ad --- /dev/null +++ b/library/panic_abort/Cargo.toml @@ -0,0 +1,19 @@ +[package] +name = "panic_abort" +version = "0.0.0" +license = "MIT OR Apache-2.0" +repository = "https://github.com/rust-lang/rust.git" +description = "Implementation of Rust panics via process aborts" +edition = "2021" + +[lib] +test = false +bench = false +doc = false + +[dependencies] +alloc = { path = "../alloc" } +cfg-if = { version = "0.1.8", features = ['rustc-dep-of-std'] } +core = { path = "../core" } +libc = { version = "0.2", default-features = false } +compiler_builtins = "0.1.0" diff --git a/library/panic_abort/src/android.rs b/library/panic_abort/src/android.rs new file mode 100644 index 000000000..18bb932f1 --- /dev/null +++ b/library/panic_abort/src/android.rs @@ -0,0 +1,49 @@ +use alloc::string::String; +use core::mem::transmute; +use core::panic::BoxMeUp; +use core::ptr::copy_nonoverlapping; + +const ANDROID_SET_ABORT_MESSAGE: &[u8] = b"android_set_abort_message\0"; +type SetAbortMessageType = unsafe extern "C" fn(*const libc::c_char) -> (); + +// Forward the abort message to libc's android_set_abort_message. We try our best to populate the +// message but as this function may already be called as part of a failed allocation, it might not be +// possible to do so. +// +// Some methods of core are on purpose avoided (such as try_reserve) as these rely on the correct +// resolution of rust_eh_personality which is loosely defined in panic_abort. +// +// Weakly resolve the symbol for android_set_abort_message. This function is only available +// for API >= 21. +pub(crate) unsafe fn android_set_abort_message(payload: *mut &mut dyn BoxMeUp) { + let func_addr = + libc::dlsym(libc::RTLD_DEFAULT, ANDROID_SET_ABORT_MESSAGE.as_ptr() as *const libc::c_char) + as usize; + if func_addr == 0 { + return; + } + + let payload = (*payload).get(); + let msg = match payload.downcast_ref::<&'static str>() { + Some(msg) => msg.as_bytes(), + None => match payload.downcast_ref::<String>() { + Some(msg) => msg.as_bytes(), + None => &[], + }, + }; + if msg.is_empty() { + return; + } + + // Allocate a new buffer to append the null byte. + let size = msg.len() + 1usize; + let buf = libc::malloc(size) as *mut libc::c_char; + if buf.is_null() { + return; // allocation failure + } + copy_nonoverlapping(msg.as_ptr(), buf as *mut u8, msg.len()); + buf.offset(msg.len() as isize).write(0); + + let func = transmute::<usize, SetAbortMessageType>(func_addr); + func(buf); +} diff --git a/library/panic_abort/src/lib.rs b/library/panic_abort/src/lib.rs new file mode 100644 index 000000000..8801c670b --- /dev/null +++ b/library/panic_abort/src/lib.rs @@ -0,0 +1,155 @@ +//! Implementation of Rust panics via process aborts +//! +//! When compared to the implementation via unwinding, this crate is *much* +//! simpler! That being said, it's not quite as versatile, but here goes! + +#![no_std] +#![unstable(feature = "panic_abort", issue = "32837")] +#![doc(issue_tracker_base_url = "https://github.com/rust-lang/rust/issues/")] +#![panic_runtime] +#![allow(unused_features)] +#![feature(core_intrinsics)] +#![feature(panic_runtime)] +#![feature(std_internals)] +#![feature(staged_api)] +#![feature(rustc_attrs)] +#![feature(c_unwind)] + +#[cfg(target_os = "android")] +mod android; + +use core::any::Any; +use core::panic::BoxMeUp; + +#[rustc_std_internal_symbol] +#[allow(improper_ctypes_definitions)] +pub unsafe extern "C" fn __rust_panic_cleanup(_: *mut u8) -> *mut (dyn Any + Send + 'static) { + unreachable!() +} + +// "Leak" the payload and shim to the relevant abort on the platform in question. +#[rustc_std_internal_symbol] +pub unsafe fn __rust_start_panic(_payload: *mut &mut dyn BoxMeUp) -> u32 { + // Android has the ability to attach a message as part of the abort. + #[cfg(target_os = "android")] + android::android_set_abort_message(_payload); + + abort(); + + cfg_if::cfg_if! { + if #[cfg(any(unix, target_os = "solid_asp3"))] { + unsafe fn abort() -> ! { + libc::abort(); + } + } else if #[cfg(any(target_os = "hermit", + all(target_vendor = "fortanix", target_env = "sgx") + ))] { + unsafe fn abort() -> ! { + // call std::sys::abort_internal + extern "C" { + pub fn __rust_abort() -> !; + } + __rust_abort(); + } + } else if #[cfg(all(windows, not(miri)))] { + // On Windows, use the processor-specific __fastfail mechanism. In Windows 8 + // and later, this will terminate the process immediately without running any + // in-process exception handlers. In earlier versions of Windows, this + // sequence of instructions will be treated as an access violation, + // terminating the process but without necessarily bypassing all exception + // handlers. + // + // https://docs.microsoft.com/en-us/cpp/intrinsics/fastfail + // + // Note: this is the same implementation as in libstd's `abort_internal` + unsafe fn abort() -> ! { + #[allow(unused)] + const FAST_FAIL_FATAL_APP_EXIT: usize = 7; + cfg_if::cfg_if! { + if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] { + core::arch::asm!("int $$0x29", in("ecx") FAST_FAIL_FATAL_APP_EXIT); + } else if #[cfg(all(target_arch = "arm", target_feature = "thumb-mode"))] { + core::arch::asm!(".inst 0xDEFB", in("r0") FAST_FAIL_FATAL_APP_EXIT); + } else if #[cfg(target_arch = "aarch64")] { + core::arch::asm!("brk 0xF003", in("x0") FAST_FAIL_FATAL_APP_EXIT); + } else { + core::intrinsics::abort(); + } + } + core::intrinsics::unreachable(); + } + } else { + unsafe fn abort() -> ! { + core::intrinsics::abort(); + } + } + } +} + +// This... is a bit of an oddity. The tl;dr; is that this is required to link +// correctly, the longer explanation is below. +// +// Right now the binaries of libcore/libstd that we ship are all compiled with +// `-C panic=unwind`. This is done to ensure that the binaries are maximally +// compatible with as many situations as possible. The compiler, however, +// requires a "personality function" for all functions compiled with `-C +// panic=unwind`. This personality function is hardcoded to the symbol +// `rust_eh_personality` and is defined by the `eh_personality` lang item. +// +// So... why not just define that lang item here? Good question! The way that +// panic runtimes are linked in is actually a little subtle in that they're +// "sort of" in the compiler's crate store, but only actually linked if another +// isn't actually linked. This ends up meaning that both this crate and the +// panic_unwind crate can appear in the compiler's crate store, and if both +// define the `eh_personality` lang item then that'll hit an error. +// +// To handle this the compiler only requires the `eh_personality` is defined if +// the panic runtime being linked in is the unwinding runtime, and otherwise +// it's not required to be defined (rightfully so). In this case, however, this +// library just defines this symbol so there's at least some personality +// somewhere. +// +// Essentially this symbol is just defined to get wired up to libcore/libstd +// binaries, but it should never be called as we don't link in an unwinding +// runtime at all. +pub mod personalities { + #[rustc_std_internal_symbol] + #[cfg(not(any( + all(target_family = "wasm", not(target_os = "emscripten")), + all(target_os = "windows", target_env = "gnu", target_arch = "x86_64",), + )))] + pub extern "C" fn rust_eh_personality() {} + + // On x86_64-pc-windows-gnu we use our own personality function that needs + // to return `ExceptionContinueSearch` as we're passing on all our frames. + #[rustc_std_internal_symbol] + #[cfg(all(target_os = "windows", target_env = "gnu", target_arch = "x86_64"))] + pub extern "C" fn rust_eh_personality( + _record: usize, + _frame: usize, + _context: usize, + _dispatcher: usize, + ) -> u32 { + 1 // `ExceptionContinueSearch` + } + + // Similar to above, this corresponds to the `eh_catch_typeinfo` lang item + // that's only used on Emscripten currently. + // + // Since panics don't generate exceptions and foreign exceptions are + // currently UB with -C panic=abort (although this may be subject to + // change), any catch_unwind calls will never use this typeinfo. + #[rustc_std_internal_symbol] + #[allow(non_upper_case_globals)] + #[cfg(target_os = "emscripten")] + static rust_eh_catch_typeinfo: [usize; 2] = [0; 2]; + + // These two are called by our startup objects on i686-pc-windows-gnu, but + // they don't need to do anything so the bodies are nops. + #[rustc_std_internal_symbol] + #[cfg(all(target_os = "windows", target_env = "gnu", target_arch = "x86"))] + pub extern "C" fn rust_eh_register_frames() {} + #[rustc_std_internal_symbol] + #[cfg(all(target_os = "windows", target_env = "gnu", target_arch = "x86"))] + pub extern "C" fn rust_eh_unregister_frames() {} +} |