lib.rs source code [crates/panic_abort/src/lib.rs]

1	//! Implementation of Rust panics via process aborts
2	//!
3	//! When compared to the implementation via unwinding, this crate is much
4	//! simpler! That being said, it's not quite as versatile, but here goes!
5
6	#![no_std]
7	#![unstable(feature = "panic_abort", issue = "32837")]
8	#![doc(issue_tracker_base_url = "https://github.com/rust-lang/rust/issues/")]
9	#![panic_runtime]
10	#![allow(unused_features)]
11	#![feature(core_intrinsics)]
12	#![feature(panic_runtime)]
13	#![feature(std_internals)]
14	#![feature(staged_api)]
15	#![feature(rustc_attrs)]
16	#![feature(c_unwind)]
17	#![allow(internal_features)]
18
19	#[cfg(target_os = "android")]
20	mod android;
21
22	#[cfg(target_os = "zkvm")]
23	mod zkvm;
24
25	use core::any::Any;
26	use core::panic::PanicPayload;
27
28	#[rustc_std_internal_symbol]
29	#[allow(improper_ctypes_definitions)]
30	pub unsafe extern "C" fn __rust_panic_cleanup(_: *mut u8) -> *mut (dyn Any + Send + 'static) {
31	unreachable!()
32	}
33
34	// "Leak" the payload and shim to the relevant abort on the platform in question.
35	#[rustc_std_internal_symbol]
36	pub unsafe fn __rust_start_panic(_payload: &mut dyn PanicPayload) -> u32 {
37	// Android has the ability to attach a message as part of the abort.
38	#[cfg(target_os = "android")]
39	android::android_set_abort_message(_payload);
40	#[cfg(target_os = "zkvm")]
41	zkvm::zkvm_set_abort_message(_payload);
42
43	abort();
44
45	cfg_if::cfg_if! {
46	if #[cfg(any(unix, target_os = "solid_asp3"))] {
47	unsafe fn abort() -> ! {
48	libc::abort();
49	}
50	} else if #[cfg(any(target_os = "hermit",
51	all(target_vendor = "fortanix", target_env = "sgx"),
52	target_os = "xous",
53	target_os = "uefi",
54	))] {
55	unsafe fn abort() -> ! {
56	// call std::sys::abort_internal
57	extern "C" {
58	pub fn __rust_abort() -> !;
59	}
60	__rust_abort();
61	}
62	} else if #[cfg(all(windows, not(miri)))] {
63	// On Windows, use the processor-specific __fastfail mechanism. In Windows 8
64	// and later, this will terminate the process immediately without running any
65	// in-process exception handlers. In earlier versions of Windows, this
66	// sequence of instructions will be treated as an access violation,
67	// terminating the process but without necessarily bypassing all exception
68	// handlers.
69	//
70	// https://docs.microsoft.com/en-us/cpp/intrinsics/fastfail
71	//
72	// Note: this is the same implementation as in std's `abort_internal`
73	unsafe fn abort() -> ! {
74	#[allow(unused)]
75	const FAST_FAIL_FATAL_APP_EXIT: usize = `7`;
76	cfg_if::cfg_if! {
77	if #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] {
78	core::arch::asm!("int $$0x29", in("ecx") FAST_FAIL_FATAL_APP_EXIT);
79	} else if #[cfg(all(target_arch = "arm", target_feature = "thumb-mode"))] {
80	core::arch::asm!(".inst 0xDEFB", in("r0") FAST_FAIL_FATAL_APP_EXIT);
81	} else if #[cfg(target_arch = "aarch64")] {
82	core::arch::asm!("brk 0xF003", in("x0") FAST_FAIL_FATAL_APP_EXIT);
83	} else {
84	core::intrinsics::abort();
85	}
86	}
87	core::intrinsics::unreachable();
88	}
89	} else if #[cfg(target_os = "teeos")] {
90	mod teeos {
91	extern "C" {
92	pub fn TEE_Panic(code: u32) -> !;
93	}
94	}
95
96	unsafe fn abort() -> ! {
97	teeos::TEE_Panic(`1`);
98	}
99	} else {
100	unsafe fn abort() -> ! {
101	core::intrinsics::abort();
102	}
103	}
104	}
105	}
106
107	// This... is a bit of an oddity. The tl;dr; is that this is required to link
108	// correctly, the longer explanation is below.
109	//
110	// Right now the binaries of core/std that we ship are all compiled with
111	// `-C panic=unwind`. This is done to ensure that the binaries are maximally
112	// compatible with as many situations as possible. The compiler, however,
113	// requires a "personality function" for all functions compiled with `-C
114	// panic=unwind`. This personality function is hardcoded to the symbol
115	// `rust_eh_personality` and is defined by the `eh_personality` lang item.
116	//
117	// So... why not just define that lang item here? Good question! The way that
118	// panic runtimes are linked in is actually a little subtle in that they're
119	// "sort of" in the compiler's crate store, but only actually linked if another
120	// isn't actually linked. This ends up meaning that both this crate and the
121	// panic_unwind crate can appear in the compiler's crate store, and if both
122	// define the `eh_personality` lang item then that'll hit an error.
123	//
124	// To handle this the compiler only requires the `eh_personality` is defined if
125	// the panic runtime being linked in is the unwinding runtime, and otherwise
126	// it's not required to be defined (rightfully so). In this case, however, this
127	// library just defines this symbol so there's at least some personality
128	// somewhere.
129	//
130	// Essentially this symbol is just defined to get wired up to core/std
131	// binaries, but it should never be called as we don't link in an unwinding
132	// runtime at all.
133	pub mod personalities {
134	// In the past this module used to contain stubs for the personality
135	// functions of various platforms, but these where removed when personality
136	// functions were moved to std.
137
138	// This corresponds to the `eh_catch_typeinfo` lang item
139	// that's only used on Emscripten currently.
140	//
141	// Since panics don't generate exceptions and foreign exceptions are
142	// currently UB with -C panic=abort (although this may be subject to
143	// change), any catch_unwind calls will never use this typeinfo.
144	#[rustc_std_internal_symbol]
145	#[allow(non_upper_case_globals)]
146	#[cfg(target_os = "emscripten")]
147	static rust_eh_catch_typeinfo: [usize; `2`] = [`0`; `2`];
148	}
149