std/sys/personality/gcc.rs
1//! Implementation of panics backed by libgcc/libunwind (in some form).
2//!
3//! For background on exception handling and stack unwinding please see
4//! "Exception Handling in LLVM" (llvm.org/docs/ExceptionHandling.html) and
5//! documents linked from it.
6//! These are also good reads:
7//! * <https://itanium-cxx-abi.github.io/cxx-abi/abi-eh.html>
8//! * <https://nicolasbrailo.github.io/blog/projects_texts/13exceptionsunderthehood.html>
9//! * <https://www.airs.com/blog/index.php?s=exception+frames>
10//!
11//! ## A brief summary
12//!
13//! Exception handling happens in two phases: a search phase and a cleanup
14//! phase.
15//!
16//! In both phases the unwinder walks stack frames from top to bottom using
17//! information from the stack frame unwind sections of the current process's
18//! modules ("module" here refers to an OS module, i.e., an executable or a
19//! dynamic library).
20//!
21//! For each stack frame, it invokes the associated "personality routine", whose
22//! address is also stored in the unwind info section.
23//!
24//! In the search phase, the job of a personality routine is to examine
25//! exception object being thrown, and to decide whether it should be caught at
26//! that stack frame. Once the handler frame has been identified, cleanup phase
27//! begins.
28//!
29//! In the cleanup phase, the unwinder invokes each personality routine again.
30//! This time it decides which (if any) cleanup code needs to be run for
31//! the current stack frame. If so, the control is transferred to a special
32//! branch in the function body, the "landing pad", which invokes destructors,
33//! frees memory, etc. At the end of the landing pad, control is transferred
34//! back to the unwinder and unwinding resumes.
35//!
36//! Once stack has been unwound down to the handler frame level, unwinding stops
37//! and the last personality routine transfers control to the catch block.
38#![forbid(unsafe_op_in_unsafe_fn)]
39
40use unwind as uw;
41
42use super::dwarf::eh::{self, EHAction, EHContext};
43use crate::ffi::c_int;
44
45// Register ids were lifted from LLVM's TargetLowering::getExceptionPointerRegister()
46// and TargetLowering::getExceptionSelectorRegister() for each architecture,
47// then mapped to DWARF register numbers via register definition tables
48// (typically <arch>RegisterInfo.td, search for "DwarfRegNum").
49// See also https://llvm.org/docs/WritingAnLLVMBackend.html#defining-a-register.
50
51#[cfg(target_arch = "x86")]
52const UNWIND_DATA_REG: (i32, i32) = (0, 2); // EAX, EDX
53
54#[cfg(target_arch = "x86_64")]
55const UNWIND_DATA_REG: (i32, i32) = (0, 1); // RAX, RDX
56
57#[cfg(any(target_arch = "arm", target_arch = "aarch64"))]
58const UNWIND_DATA_REG: (i32, i32) = (0, 1); // R0, R1 / X0, X1
59
60#[cfg(target_arch = "m68k")]
61const UNWIND_DATA_REG: (i32, i32) = (0, 1); // D0, D1
62
63#[cfg(any(
64 target_arch = "mips",
65 target_arch = "mips32r6",
66 target_arch = "mips64",
67 target_arch = "mips64r6"
68))]
69const UNWIND_DATA_REG: (i32, i32) = (4, 5); // A0, A1
70
71#[cfg(target_arch = "csky")]
72const UNWIND_DATA_REG: (i32, i32) = (0, 1); // R0, R1
73
74#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))]
75const UNWIND_DATA_REG: (i32, i32) = (3, 4); // R3, R4 / X3, X4
76
77#[cfg(target_arch = "s390x")]
78const UNWIND_DATA_REG: (i32, i32) = (6, 7); // R6, R7
79
80#[cfg(any(target_arch = "sparc", target_arch = "sparc64"))]
81const UNWIND_DATA_REG: (i32, i32) = (24, 25); // I0, I1
82
83#[cfg(target_arch = "hexagon")]
84const UNWIND_DATA_REG: (i32, i32) = (0, 1); // R0, R1
85
86#[cfg(any(target_arch = "riscv64", target_arch = "riscv32"))]
87const UNWIND_DATA_REG: (i32, i32) = (10, 11); // x10, x11
88
89#[cfg(any(target_arch = "loongarch32", target_arch = "loongarch64"))]
90const UNWIND_DATA_REG: (i32, i32) = (4, 5); // a0, a1
91
92// The following code is based on GCC's C and C++ personality routines. For reference, see:
93// https://github.com/gcc-mirror/gcc/blob/master/libstdc++-v3/libsupc++/eh_personality.cc
94// https://github.com/gcc-mirror/gcc/blob/trunk/libgcc/unwind-c.c
95
96cfg_select! {
97 all(
98 target_arch = "arm",
99 not(target_vendor = "apple"),
100 not(target_os = "netbsd"),
101 ) => {
102 /// personality fn called by [ARM EHABI][armeabi-eh]
103 ///
104 /// 32-bit ARM on iOS/tvOS/watchOS does not use ARM EHABI, it uses
105 /// either "setjmp-longjmp" unwinding or DWARF CFI unwinding, which is
106 /// handled by the default routine.
107 ///
108 /// [armeabi-eh]: https://web.archive.org/web/20190728160938/https://infocenter.arm.com/help/topic/com.arm.doc.ihi0038b/IHI0038B_ehabi.pdf
109 #[lang = "eh_personality"]
110 unsafe extern "C" fn rust_eh_personality(
111 state: uw::_Unwind_State,
112 exception_object: *mut uw::_Unwind_Exception,
113 context: *mut uw::_Unwind_Context,
114 ) -> uw::_Unwind_Reason_Code {
115 unsafe {
116 let state = state as c_int;
117 let action = state & uw::_US_ACTION_MASK as c_int;
118 let search_phase = if action == uw::_US_VIRTUAL_UNWIND_FRAME as c_int {
119 // Backtraces on ARM will call the personality routine with
120 // state == _US_VIRTUAL_UNWIND_FRAME | _US_FORCE_UNWIND. In those cases
121 // we want to continue unwinding the stack, otherwise all our backtraces
122 // would end at __rust_try
123 if state & uw::_US_FORCE_UNWIND as c_int != 0 {
124 return continue_unwind(exception_object, context);
125 }
126 true
127 } else if action == uw::_US_UNWIND_FRAME_STARTING as c_int {
128 false
129 } else if action == uw::_US_UNWIND_FRAME_RESUME as c_int {
130 return continue_unwind(exception_object, context);
131 } else {
132 return uw::_URC_FAILURE;
133 };
134
135 // The DWARF unwinder assumes that _Unwind_Context holds things like the function
136 // and LSDA pointers, however ARM EHABI places them into the exception object.
137 // To preserve signatures of functions like _Unwind_GetLanguageSpecificData(), which
138 // take only the context pointer, GCC personality routines stash a pointer to
139 // exception_object in the context, using location reserved for ARM's
140 // "scratch register" (r12).
141 uw::_Unwind_SetGR(context, uw::UNWIND_POINTER_REG, exception_object as uw::_Unwind_Ptr);
142 // ...A more principled approach would be to provide the full definition of ARM's
143 // _Unwind_Context in our libunwind bindings and fetch the required data from there
144 // directly, bypassing DWARF compatibility functions.
145
146 let eh_action = match find_eh_action(context) {
147 Ok(action) => action,
148 Err(_) => return uw::_URC_FAILURE,
149 };
150 if search_phase {
151 match eh_action {
152 EHAction::None | EHAction::Cleanup(_) => {
153 return continue_unwind(exception_object, context);
154 }
155 EHAction::Catch(_) | EHAction::Filter(_) => {
156 // EHABI requires the personality routine to update the
157 // SP value in the barrier cache of the exception object.
158 (*exception_object).private[5] =
159 uw::_Unwind_GetGR(context, uw::UNWIND_SP_REG);
160 return uw::_URC_HANDLER_FOUND;
161 }
162 EHAction::Terminate => return uw::_URC_FAILURE,
163 }
164 } else {
165 match eh_action {
166 EHAction::None => return continue_unwind(exception_object, context),
167 EHAction::Filter(_) if state & uw::_US_FORCE_UNWIND as c_int != 0 => return continue_unwind(exception_object, context),
168 EHAction::Cleanup(lpad) | EHAction::Catch(lpad) | EHAction::Filter(lpad) => {
169 uw::_Unwind_SetGR(
170 context,
171 UNWIND_DATA_REG.0,
172 exception_object as uw::_Unwind_Ptr,
173 );
174 uw::_Unwind_SetGR(context, UNWIND_DATA_REG.1, core::ptr::null());
175 uw::_Unwind_SetIP(context, lpad);
176 return uw::_URC_INSTALL_CONTEXT;
177 }
178 EHAction::Terminate => return uw::_URC_FAILURE,
179 }
180 }
181
182 // On ARM EHABI the personality routine is responsible for actually
183 // unwinding a single stack frame before returning (ARM EHABI Sec. 6.1).
184 unsafe fn continue_unwind(
185 exception_object: *mut uw::_Unwind_Exception,
186 context: *mut uw::_Unwind_Context,
187 ) -> uw::_Unwind_Reason_Code {
188 unsafe {
189 if __gnu_unwind_frame(exception_object, context) == uw::_URC_NO_REASON {
190 uw::_URC_CONTINUE_UNWIND
191 } else {
192 uw::_URC_FAILURE
193 }
194 }
195 }
196 // defined in libgcc
197 unsafe extern "C" {
198 fn __gnu_unwind_frame(
199 exception_object: *mut uw::_Unwind_Exception,
200 context: *mut uw::_Unwind_Context,
201 ) -> uw::_Unwind_Reason_Code;
202 }
203 }
204 }
205 }
206 _ => {
207 /// Default personality routine, which is used directly on most targets
208 /// and indirectly on Windows x86_64 and AArch64 via SEH.
209 unsafe extern "C" fn rust_eh_personality_impl(
210 version: c_int,
211 actions: uw::_Unwind_Action,
212 _exception_class: uw::_Unwind_Exception_Class,
213 exception_object: *mut uw::_Unwind_Exception,
214 context: *mut uw::_Unwind_Context,
215 ) -> uw::_Unwind_Reason_Code {
216 unsafe {
217 if version != 1 {
218 return uw::_URC_FATAL_PHASE1_ERROR;
219 }
220 let eh_action = match find_eh_action(context) {
221 Ok(action) => action,
222 Err(_) => return uw::_URC_FATAL_PHASE1_ERROR,
223 };
224 if actions & uw::_UA_SEARCH_PHASE != 0 {
225 match eh_action {
226 EHAction::None | EHAction::Cleanup(_) => uw::_URC_CONTINUE_UNWIND,
227 EHAction::Catch(_) | EHAction::Filter(_) => uw::_URC_HANDLER_FOUND,
228 EHAction::Terminate => uw::_URC_FATAL_PHASE1_ERROR,
229 }
230 } else {
231 match eh_action {
232 EHAction::None => uw::_URC_CONTINUE_UNWIND,
233 // Forced unwinding hits a terminate action.
234 EHAction::Filter(_) if actions & uw::_UA_FORCE_UNWIND != 0 => uw::_URC_CONTINUE_UNWIND,
235 EHAction::Cleanup(lpad) | EHAction::Catch(lpad) | EHAction::Filter(lpad) => {
236 uw::_Unwind_SetGR(
237 context,
238 UNWIND_DATA_REG.0,
239 exception_object.cast(),
240 );
241 uw::_Unwind_SetGR(context, UNWIND_DATA_REG.1, core::ptr::null());
242 uw::_Unwind_SetIP(context, lpad);
243 uw::_URC_INSTALL_CONTEXT
244 }
245 EHAction::Terminate => uw::_URC_FATAL_PHASE2_ERROR,
246 }
247 }
248 }
249 }
250
251 cfg_select! {
252 any(
253 all(windows, any(target_arch = "aarch64", target_arch = "x86_64"), target_env = "gnu"),
254 target_os = "cygwin",
255 ) => {
256 /// personality fn called by [Windows Structured Exception Handling][windows-eh]
257 ///
258 /// On x86_64 and AArch64 MinGW targets, the unwinding mechanism is SEH,
259 /// however the unwind handler data (aka LSDA) uses GCC-compatible encoding
260 ///
261 /// [windows-eh]: https://learn.microsoft.com/en-us/cpp/cpp/structured-exception-handling-c-cpp?view=msvc-170
262 #[lang = "eh_personality"]
263 #[allow(nonstandard_style)]
264 unsafe extern "C" fn rust_eh_personality(
265 exceptionRecord: *mut uw::EXCEPTION_RECORD,
266 establisherFrame: uw::LPVOID,
267 contextRecord: *mut uw::CONTEXT,
268 dispatcherContext: *mut uw::DISPATCHER_CONTEXT,
269 ) -> uw::EXCEPTION_DISPOSITION {
270 // SAFETY: the cfg is still target_os = "windows" and target_env = "gnu",
271 // which means that this is the correct function to call, passing our impl fn
272 // as the callback which gets actually used
273 unsafe {
274 uw::_GCC_specific_handler(
275 exceptionRecord,
276 establisherFrame,
277 contextRecord,
278 dispatcherContext,
279 rust_eh_personality_impl,
280 )
281 }
282 }
283 }
284 _ => {
285 /// personality fn called by [Itanium C++ ABI Exception Handling][itanium-eh]
286 ///
287 /// The personality routine for most non-Windows targets. This will be called by
288 /// the unwinding library:
289 /// - "In the search phase, the framework repeatedly calls the personality routine,
290 /// with the _UA_SEARCH_PHASE flag as described below, first for the current PC
291 /// and register state, and then unwinding a frame to a new PC at each step..."
292 /// - "If the search phase reports success, the framework restarts in the cleanup
293 /// phase. Again, it repeatedly calls the personality routine, with the
294 /// _UA_CLEANUP_PHASE flag as described below, first for the current PC and
295 /// register state, and then unwinding a frame to a new PC at each step..."i
296 ///
297 /// [itanium-eh]: https://itanium-cxx-abi.github.io/cxx-abi/abi-eh.html
298 #[lang = "eh_personality"]
299 unsafe extern "C" fn rust_eh_personality(
300 version: c_int,
301 actions: uw::_Unwind_Action,
302 exception_class: uw::_Unwind_Exception_Class,
303 exception_object: *mut uw::_Unwind_Exception,
304 context: *mut uw::_Unwind_Context,
305 ) -> uw::_Unwind_Reason_Code {
306 // SAFETY: the platform support must modify the cfg for the inner fn
307 // if it needs something different than what is currently invoked.
308 unsafe {
309 rust_eh_personality_impl(
310 version,
311 actions,
312 exception_class,
313 exception_object,
314 context,
315 )
316 }
317 }
318 }
319 }
320 }
321}
322
323unsafe fn find_eh_action(context: *mut uw::_Unwind_Context) -> Result<EHAction, ()> {
324 unsafe {
325 let lsda = uw::_Unwind_GetLanguageSpecificData(context) as *const u8;
326 let mut ip_before_instr: c_int = 0;
327 let ip = uw::_Unwind_GetIPInfo(context, &mut ip_before_instr);
328 let eh_context = EHContext {
329 // The return address points 1 byte past the call instruction,
330 // which could be in the next IP range in LSDA range table.
331 //
332 // `ip = -1` has special meaning, so use wrapping sub to allow for that
333 ip: if ip_before_instr != 0 { ip } else { ip.wrapping_sub(1) },
334 func_start: uw::_Unwind_GetRegionStart(context),
335 get_text_start: &|| uw::_Unwind_GetTextRelBase(context),
336 get_data_start: &|| uw::_Unwind_GetDataRelBase(context),
337 };
338 eh::find_eh_action(lsda, &eh_context)
339 }
340}