mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Auto merge of #3319 - bjorn3:some_more_shims, r=RalfJung

Browse Source 
Directly implement native exception raise methods in miri

This implements the `_Unwind_RaiseException` function used on pretty much every unix system for starting unwinding. This allows removing the miri special case from libpanic_unwind for unix.

Windows still needs `miri_start_unwind` as SEH unwinding isn't supported by miri. Unlike DWARF unwinding, SEH preserves all stack frames until right after the do_catch function has executed. Because of this panic_unwind stack allocates the exception object. Miri can't currently model unwinding without destroying stack frames and as such will report a use-after-free of the exception object.
This commit is contained in:
bors 2024-05-19 17:35:20 +00:00
commit 85ed056888
26 changed files with 168 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/tools/miri/ci/ci.sh
View File

@ -145,7 +145,7 @@ case $HOST_TARGET in
TEST_TARGET=s390x-unknown-linux-gnu run_tests # big-endian architecture of choice
# Partially supported targets (tier 2)
BASIC="empty_main integer vec string btreemap hello hashmap heap_alloc align" # ensures we have the basics: stdout/stderr, system allocator, randomness (for HashMap initialization)
UNIX="panic/panic concurrency/simple atomic libc-mem libc-misc libc-random env num_cpus" # the things that are very similar across all Unixes, and hence easily supported there
UNIX="panic/panic panic/unwind concurrency/simple atomic libc-mem libc-misc libc-random env num_cpus" # the things that are very similar across all Unixes, and hence easily supported there
TEST_TARGET=x86_64-unknown-freebsd run_tests_minimal $BASIC $UNIX threadname libc-time fs
TEST_TARGET=i686-unknown-freebsd run_tests_minimal $BASIC $UNIX threadname libc-time fs
TEST_TARGET=x86_64-unknown-illumos run_tests_minimal $BASIC $UNIX pthread-sync

2
src/tools/miri/src/intrinsics/atomic.rs
View File

@ -116,7 +116,7 @@ fn fence_ord(ord: &str) -> AtomicFenceOrd {
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

11
src/tools/miri/src/intrinsics/mod.rs
View File

@ -26,7 +26,7 @@ fn call_intrinsic(
args: &[OpTy<'tcx, Provenance>],
dest: &MPlaceTy<'tcx, Provenance>,
ret: Option<mir::BasicBlock>,
_unwind: mir::UnwindAction,
unwind: mir::UnwindAction,
) -> InterpResult<'tcx, Option<ty::Instance<'tcx>>> {
let this = self.eval_context_mut();
@ -62,11 +62,16 @@ fn call_intrinsic(
args: instance.args,
}))
}
EmulateItemResult::NeedsJumping => {
EmulateItemResult::NeedsReturn => {
trace!("{:?}", this.dump_place(&dest.clone().into()));
this.return_to_block(ret)?;
Ok(None)
}
EmulateItemResult::NeedsUnwind => {
// Jump to the unwind block to begin unwinding.
this.unwind_to_block(unwind)?;
Ok(None)
}
EmulateItemResult::AlreadyJumped => Ok(None),
}
}
@ -441,6 +446,6 @@ fn emulate_intrinsic_by_name(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/intrinsics/simd.rs
View File

@ -746,7 +746,7 @@ enum Op {
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
fn fminmax_op(

2
src/tools/miri/src/shims/alloc.rs
View File

@ -87,7 +87,7 @@ fn emulate_allocator(
}
AllocatorKind::Default => {
default(this)?;
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}
}

23
src/tools/miri/src/shims/foreign_items.rs
View File

@ -82,11 +82,15 @@ fn emulate_foreign_item(
}
// The rest either implements the logic, or falls back to `lookup_exported_symbol`.
match this.emulate_foreign_item_inner(link_name, abi, args, dest, unwind)? {
EmulateItemResult::NeedsJumping => {
match this.emulate_foreign_item_inner(link_name, abi, args, dest)? {
EmulateItemResult::NeedsReturn => {
trace!("{:?}", this.dump_place(&dest.clone().into()));
this.return_to_block(ret)?;
}
EmulateItemResult::NeedsUnwind => {
// Jump to the unwind block to begin unwinding.
this.unwind_to_block(unwind)?;
}
EmulateItemResult::AlreadyJumped => (),
EmulateItemResult::NotSupported => {
if let Some(body) = this.lookup_exported_symbol(link_name)? {
@ -206,7 +210,6 @@ fn emulate_foreign_item_inner(
abi: Abi,
args: &[OpTy<'tcx, Provenance>],
dest: &MPlaceTy<'tcx, Provenance>,
unwind: mir::UnwindAction,
) -> InterpResult<'tcx, EmulateItemResult> {
let this = self.eval_context_mut();
@ -218,7 +221,7 @@ fn emulate_foreign_item_inner(
// by the specified `.so` file; we should continue and check if it corresponds to
// a provided shim.
if this.call_native_fn(link_name, dest, args)? {
return Ok(EmulateItemResult::NeedsJumping);
return Ok(EmulateItemResult::NeedsReturn);
}
}
@ -263,9 +266,9 @@ fn emulate_foreign_item_inner(
match link_name.as_str() {
// Miri-specific extern functions
"miri_start_unwind" => {
// `check_shim` happens inside `handle_miri_start_unwind`.
this.handle_miri_start_unwind(abi, link_name, args, unwind)?;
return Ok(EmulateItemResult::AlreadyJumped);
let [payload] = this.check_shim(abi, Abi::Rust, link_name, args)?;
this.handle_miri_start_unwind(payload)?;
return Ok(EmulateItemResult::NeedsUnwind);
}
"miri_run_provenance_gc" => {
let [] = this.check_shim(abi, Abi::Rust, link_name, args)?;
@ -480,7 +483,7 @@ fn emulate_foreign_item_inner(
"__rust_alloc" => return this.emulate_allocator(default),
"miri_alloc" => {
default(this)?;
return Ok(EmulateItemResult::NeedsJumping);
return Ok(EmulateItemResult::NeedsReturn);
}
_ => unreachable!(),
}
@ -540,7 +543,7 @@ fn emulate_foreign_item_inner(
}
"miri_dealloc" => {
default(this)?;
return Ok(EmulateItemResult::NeedsJumping);
return Ok(EmulateItemResult::NeedsReturn);
}
_ => unreachable!(),
}
@ -961,6 +964,6 @@ fn emulate_foreign_item_inner(
};
// We only fall through to here if we did *not* hit the `_` arm above,
// i.e., if we actually emulated the function with one of the shims.
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

6
src/tools/miri/src/shims/mod.rs
View File

@ -22,8 +22,10 @@
/// What needs to be done after emulating an item (a shim or an intrinsic) is done.
pub enum EmulateItemResult {
/// The caller is expected to jump to the return block.
NeedsJumping,
/// Jumping has already been taken care of.
NeedsReturn,
/// The caller is expected to jump to the unwind block.
NeedsUnwind,
/// Jumping to the next block has already been taken care of.
AlreadyJumped,
/// The item is not supported.
NotSupported,

13
src/tools/miri/src/shims/panic.rs
View File

@ -13,7 +13,6 @@
use rustc_ast::Mutability;
use rustc_middle::{mir, ty};
use rustc_span::Symbol;
use rustc_target::spec::abi::Abi;
use rustc_target::spec::PanicStrategy;
@ -46,25 +45,15 @@ impl<'mir, 'tcx: 'mir> EvalContextExt<'mir, 'tcx> for crate::MiriInterpCx<'mir,
pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriInterpCxExt<'mir, 'tcx> {
/// Handles the special `miri_start_unwind` intrinsic, which is called
/// by libpanic_unwind to delegate the actual unwinding process to Miri.
fn handle_miri_start_unwind(
&mut self,
abi: Abi,
link_name: Symbol,
args: &[OpTy<'tcx, Provenance>],
unwind: mir::UnwindAction,
) -> InterpResult<'tcx> {
fn handle_miri_start_unwind(&mut self, payload: &OpTy<'tcx, Provenance>) -> InterpResult<'tcx> {
let this = self.eval_context_mut();
trace!("miri_start_unwind: {:?}", this.frame().instance);
// Get the raw pointer stored in arg[0] (the panic payload).
let [payload] = this.check_shim(abi, Abi::Rust, link_name, args)?;
let payload = this.read_scalar(payload)?;
let thread = this.active_thread_mut();
thread.panic_payloads.push(payload);
// Jump to the unwind block to begin unwinding.
this.unwind_to_block(unwind)?;
Ok(())
}

2
src/tools/miri/src/shims/unix/android/foreign_items.rs
View File

@ -27,6 +27,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

27
src/tools/miri/src/shims/unix/foreign_items.rs
View File

@ -639,6 +639,31 @@ fn emulate_foreign_item_inner(
this.gen_random(ptr, len)?;
this.write_scalar(Scalar::from_target_usize(len, this), dest)?;
}
"_Unwind_RaiseException" => {
// This is not formally part of POSIX, but it is very wide-spread on POSIX systems.
// It was originally specified as part of the Itanium C++ ABI:
// https://itanium-cxx-abi.github.io/cxx-abi/abi-eh.html#base-throw.
// On Linux it is
// documented as part of the LSB:
// https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/baselib--unwind-raiseexception.html
// Basically every other UNIX uses the exact same api though. Arm also references
// back to the Itanium C++ ABI for the definition of `_Unwind_RaiseException` for
// arm64:
// https://github.com/ARM-software/abi-aa/blob/main/cppabi64/cppabi64.rst#toc-entry-35
// For arm32 they did something custom, but similar enough that the same
// `_Unwind_RaiseException` impl in miri should work:
// https://github.com/ARM-software/abi-aa/blob/main/ehabi32/ehabi32.rst
if !matches!(&*this.tcx.sess.target.os, "linux" | "freebsd" | "illumos" | "solaris" | "android" | "macos") {
throw_unsup_format!(
"`_Unwind_RaiseException` is not supported on {}",
this.tcx.sess.target.os
);
}
// This function looks and behaves excatly like miri_start_unwind.
let [payload] = this.check_shim(abi, Abi::C { unwind: true }, link_name, args)?;
this.handle_miri_start_unwind(payload)?;
return Ok(EmulateItemResult::NeedsUnwind);
}
// Incomplete shims that we "stub out" just to get pre-main initialization code to work.
// These shims are enabled only when the caller is in the standard library.
@ -760,6 +785,6 @@ fn emulate_foreign_item_inner(
}
};
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/unix/freebsd/foreign_items.rs
View File

@ -86,6 +86,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/unix/linux/foreign_items.rs
View File

@ -203,6 +203,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
};
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/unix/macos/foreign_items.rs
View File

@ -177,6 +177,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
};
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/unix/solarish/foreign_items.rs
View File

@ -45,6 +45,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/wasi/foreign_items.rs
View File

@ -35,6 +35,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/windows/foreign_items.rs
View File

@ -762,6 +762,6 @@ fn emulate_foreign_item_inner(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/aesni.rs
View File

@ -127,7 +127,7 @@ fn emulate_x86_aesni_intrinsic(
// with an external crate.
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/avx.rs
View File

@ -344,6 +344,6 @@ fn emulate_x86_avx_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/avx2.rs
View File

@ -440,6 +440,6 @@ fn emulate_x86_avx2_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/mod.rs
View File

@ -144,7 +144,7 @@ fn emulate_x86_intrinsic(
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/sse.rs
View File

@ -212,6 +212,6 @@ fn emulate_x86_sse_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/sse2.rs
View File

@ -388,6 +388,6 @@ fn emulate_x86_sse2_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/sse3.rs
View File

@ -51,6 +51,6 @@ fn emulate_x86_sse3_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/sse41.rs
View File

@ -176,6 +176,6 @@ fn emulate_x86_sse41_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

2
src/tools/miri/src/shims/x86/ssse3.rs
View File

@ -137,6 +137,6 @@ fn emulate_x86_ssse3_intrinsic(
}
_ => return Ok(EmulateItemResult::NotSupported),
}
Ok(EmulateItemResult::NeedsJumping)
Ok(EmulateItemResult::NeedsReturn)
}
}

96
src/tools/miri/tests/pass/panic/unwind_dwarf.rs Normal file
View File

@ -0,0 +1,96 @@
//@ignore-target-windows: Windows uses a different unwinding mechanism
#![feature(core_intrinsics, panic_unwind, rustc_attrs)]
#![allow(internal_features)]
//! Unwinding using `_Unwind_RaiseException`
extern crate unwind as uw;
use std::any::Any;
use std::ptr;
#[repr(C)]
struct Exception {
_uwe: uw::_Unwind_Exception,
cause: Box<dyn Any + Send>,
}
pub fn panic(data: Box<dyn Any + Send>) -> u32 {
extern "C" fn exception_cleanup(
_unwind_code: uw::_Unwind_Reason_Code,
_exception: *mut uw::_Unwind_Exception,
) {
std::process::abort();
}
let exception = Box::new(Exception {
_uwe: uw::_Unwind_Exception {
exception_class: miri_exception_class(),
exception_cleanup: Some(exception_cleanup),
private: [core::ptr::null(); uw::unwinder_private_data_size],
},
cause: data,
});
let exception_param = Box::into_raw(exception) as *mut uw::_Unwind_Exception;
return unsafe { uw::_Unwind_RaiseException(exception_param) as u32 };
}
pub unsafe fn rust_panic_cleanup(ptr: *mut u8) -> Box<dyn Any + Send> {
let exception = ptr as *mut uw::_Unwind_Exception;
if (*exception).exception_class != miri_exception_class() {
std::process::abort();
}
let exception = exception.cast::<Exception>();
let exception = Box::from_raw(exception as *mut Exception);
exception.cause
}
fn miri_exception_class() -> uw::_Unwind_Exception_Class {
// M O Z \0 M I R I -- vendor, language
// (Miri's own exception class is just used for testing)
0x4d4f5a_00_4d495249
}
pub fn catch_unwind<R, F: FnOnce() -> R>(f: F) -> Result<R, Box<dyn Any + Send>> {
struct Data<F, R> {
f: Option<F>,
r: Option<R>,
p: Option<Box<dyn Any + Send>>,
}
let mut data = Data { f: Some(f), r: None, p: None };
let data_ptr = ptr::addr_of_mut!(data) as *mut u8;
unsafe {
return if std::intrinsics::catch_unwind(do_call::<F, R>, data_ptr, do_catch::<F, R>) == 0 {
Ok(data.r.take().unwrap())
} else {
Err(data.p.take().unwrap())
};
}
fn do_call<F: FnOnce() -> R, R>(data: *mut u8) {
unsafe {
let data = &mut *data.cast::<Data<F, R>>();
let f = data.f.take().unwrap();
data.r = Some(f());
}
}
#[rustc_nounwind]
fn do_catch<F: FnOnce() -> R, R>(data: *mut u8, payload: *mut u8) {
unsafe {
let obj = rust_panic_cleanup(payload);
(*data.cast::<Data<F, R>>()).p = Some(obj);
}
}
}
fn main() {
assert_eq!(
catch_unwind(|| panic(Box::new(42))).unwrap_err().downcast::<i32>().unwrap(),
Box::new(42)
);
}