lib.rs source code [crates/panic_abort/src/lib.rs]

1	//! Implementation of Rust panics via process aborts
2	//!
3	//! When compared to the implementation via unwinding, this crate is much
4	//! simpler! That being said, it's not quite as versatile, but here goes!
5
6	#![no_std]
7	#![unstable(feature = "panic_abort", issue = "32837")]
8	#![doc(issue_tracker_base_url = "https://github.com/rust-lang/rust/issues/")]
9	#![panic_runtime]
10	#![allow(unused_features)]
11	#![feature(asm_experimental_arch)]
12	#![feature(core_intrinsics)]
13	#![feature(panic_runtime)]
14	#![feature(std_internals)]
15	#![feature(staged_api)]
16	#![feature(rustc_attrs)]
17	#![feature(c_unwind)]
18	#![allow(internal_features)]
19
20	#[cfg(target_os = "android")]
21	mod android;
22
23	#[cfg(target_os = "zkvm")]
24	mod zkvm;
25
26	use core::any::Any;
27	use core::panic::PanicPayload;
28
29	#[rustc_std_internal_symbol]
30	#[allow(improper_ctypes_definitions)]
31	pub unsafe extern "C" fn __rust_panic_cleanup(_: *mut u8) -> *mut (dyn Any + Send + 'static) {
32	unreachable!()
33	}
34
35	// "Leak" the payload and shim to the relevant abort on the platform in question.
36	#[rustc_std_internal_symbol]
37	pub unsafe fn __rust_start_panic(_payload: &mut dyn PanicPayload) -> u32 {
38	// Android has the ability to attach a message as part of the abort.
39	#[cfg(target_os = "android")]
40	android::android_set_abort_message(_payload);
41	#[cfg(target_os = "zkvm")]
42	zkvm::zkvm_set_abort_message(_payload);
43
44	abort();
45
46	cfg_if::cfg_if! {
47	if #[cfg(any(unix, target_os = "solid_asp3"))] {
48	unsafe fn abort() -> ! {
49	libc::abort();
50	}
51	} else if #[cfg(any(target_os = "hermit",
52	all(target_vendor = "fortanix", target_env = "sgx"),
53	target_os = "xous",
54	target_os = "uefi",
55	))] {
56	unsafe fn abort() -> ! {
57	// call std::sys::abort_internal
58	extern "C" {
59	pub fn __rust_abort() -> !;
60	}
61	__rust_abort();
62	}
63	} else if #[cfg(all(windows, not(miri)))] {
64	// On Windows, use the processor-specific __fastfail mechanism. In Windows 8
65	// and later, this will terminate the process immediately without running any
66	// in-process exception handlers. In earlier versions of Windows, this
67	// sequence of instructions will be treated as an access violation,
68	// terminating the process but without necessarily bypassing all exception
69	// handlers.
70	//
71	// https://docs.microsoft.com/en-us/cpp/intrinsics/fastfail
72	//
73	// Note: this is the same implementation as in std's `abort_internal`
74	unsafe fn abort() -> ! {
75	#[allow(unused)]
76	const FAST_FAIL_FATAL_APP_EXIT: usize = `7`;
77	cfg_if::cfg_if! {
78	if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
79	core::arch::asm!("int $$0x29", in("ecx") FAST_FAIL_FATAL_APP_EXIT, options(noreturn, nostack));
80	} else if #[cfg(all(target_arch = "arm", target_feature = "thumb-mode"))] {
81	core::arch::asm!(".inst 0xDEFB", in("r0") FAST_FAIL_FATAL_APP_EXIT, options(noreturn, nostack));
82	} else if #[cfg(any(target_arch = "aarch64", target_arch = "arm64ec"))] {
83	core::arch::asm!("brk 0xF003", in("x0") FAST_FAIL_FATAL_APP_EXIT, options(noreturn, nostack));
84	} else {
85	core::intrinsics::abort();
86	}
87	}
88	}
89	} else if #[cfg(target_os = "teeos")] {
90	mod teeos {
91	extern "C" {
92	pub fn TEE_Panic(code: u32) -> !;
93	}
94	}
95
96	unsafe fn abort() -> ! {
97	teeos::TEE_Panic(`1`);
98	}
99	} else {
100	unsafe fn abort() -> ! {
101	core::intrinsics::abort();
102	}
103	}
104	}
105	}
106
107	// This... is a bit of an oddity. The tl;dr; is that this is required to link
108	// correctly, the longer explanation is below.
109	//
110	// Right now the binaries of core/std that we ship are all compiled with
111	// `-C panic=unwind`. This is done to ensure that the binaries are maximally
112	// compatible with as many situations as possible. The compiler, however,
113	// requires a "personality function" for all functions compiled with `-C
114	// panic=unwind`. This personality function is hardcoded to the symbol
115	// `rust_eh_personality` and is defined by the `eh_personality` lang item.
116	//
117	// So... why not just define that lang item here? Good question! The way that
118	// panic runtimes are linked in is actually a little subtle in that they're
119	// "sort of" in the compiler's crate store, but only actually linked if another
120	// isn't actually linked. This ends up meaning that both this crate and the
121	// panic_unwind crate can appear in the compiler's crate store, and if both
122	// define the `eh_personality` lang item then that'll hit an error.
123	//
124	// To handle this the compiler only requires the `eh_personality` is defined if
125	// the panic runtime being linked in is the unwinding runtime, and otherwise
126	// it's not required to be defined (rightfully so). In this case, however, this
127	// library just defines this symbol so there's at least some personality
128	// somewhere.
129	//
130	// Essentially this symbol is just defined to get wired up to core/std
131	// binaries, but it should never be called as we don't link in an unwinding
132	// runtime at all.
133	pub mod personalities {
134	// In the past this module used to contain stubs for the personality
135	// functions of various platforms, but these where removed when personality
136	// functions were moved to std.
137
138	// This corresponds to the `eh_catch_typeinfo` lang item
139	// that's only used on Emscripten currently.
140	//
141	// Since panics don't generate exceptions and foreign exceptions are
142	// currently UB with -C panic=abort (although this may be subject to
143	// change), any catch_unwind calls will never use this typeinfo.
144	#[rustc_std_internal_symbol]
145	#[allow(non_upper_case_globals)]
146	#[cfg(target_os = "emscripten")]
147	static rust_eh_catch_typeinfo: [usize; `2`] = [`0`; `2`];
148	}
149