diff --git a/library/panic_unwind/src/emcc.rs b/library/panic_unwind/src/emcc.rs index 4140b004ad13..1569c26c9de4 100644 --- a/library/panic_unwind/src/emcc.rs +++ b/library/panic_unwind/src/emcc.rs @@ -71,42 +71,46 @@ pub(crate) unsafe fn cleanup(ptr: *mut u8) -> Box { ptr: *mut u8, is_rust_panic: bool, } - let catch_data = &*(ptr as *mut CatchData); + unsafe { + let catch_data = &*(ptr as *mut CatchData); - let adjusted_ptr = __cxa_begin_catch(catch_data.ptr as *mut libc::c_void) as *mut Exception; - if !catch_data.is_rust_panic { - super::__rust_foreign_exception(); - } + let adjusted_ptr = __cxa_begin_catch(catch_data.ptr as *mut libc::c_void) as *mut Exception; + if !catch_data.is_rust_panic { + super::__rust_foreign_exception(); + } - let canary = (&raw const (*adjusted_ptr).canary).read(); - if !ptr::eq(canary, &EXCEPTION_TYPE_INFO) { - super::__rust_foreign_exception(); - } + let canary = (&raw const (*adjusted_ptr).canary).read(); + if !ptr::eq(canary, &EXCEPTION_TYPE_INFO) { + super::__rust_foreign_exception(); + } - let was_caught = (*adjusted_ptr).caught.swap(true, Ordering::Relaxed); - if was_caught { - // Since cleanup() isn't allowed to panic, we just abort instead. - intrinsics::abort(); + let was_caught = (*adjusted_ptr).caught.swap(true, Ordering::Relaxed); + if was_caught { + // Since cleanup() isn't allowed to panic, we just abort instead. + intrinsics::abort(); + } + let out = (*adjusted_ptr).data.take().unwrap(); + __cxa_end_catch(); + out } - let out = (*adjusted_ptr).data.take().unwrap(); - __cxa_end_catch(); - out } pub(crate) unsafe fn panic(data: Box) -> u32 { - let exception = __cxa_allocate_exception(mem::size_of::()) as *mut Exception; - if exception.is_null() { - return uw::_URC_FATAL_PHASE1_ERROR as u32; + unsafe { + let exception = __cxa_allocate_exception(mem::size_of::()) as *mut Exception; + if exception.is_null() { + return uw::_URC_FATAL_PHASE1_ERROR as u32; + } + ptr::write( + exception, + Exception { + canary: &EXCEPTION_TYPE_INFO, + caught: AtomicBool::new(false), + data: Some(data), + }, + ); + __cxa_throw(exception as *mut _, &EXCEPTION_TYPE_INFO, exception_cleanup); } - ptr::write( - exception, - Exception { - canary: &EXCEPTION_TYPE_INFO, - caught: AtomicBool::new(false), - data: Some(data), - }, - ); - __cxa_throw(exception as *mut _, &EXCEPTION_TYPE_INFO, exception_cleanup); } extern "C" fn exception_cleanup(ptr: *mut libc::c_void) -> *mut libc::c_void { diff --git a/library/panic_unwind/src/gcc.rs b/library/panic_unwind/src/gcc.rs index e478f6c5fc86..5f95870069dc 100644 --- a/library/panic_unwind/src/gcc.rs +++ b/library/panic_unwind/src/gcc.rs @@ -69,7 +69,7 @@ pub(crate) unsafe fn panic(data: Box) -> u32 { cause: data, }); let exception_param = Box::into_raw(exception) as *mut uw::_Unwind_Exception; - return uw::_Unwind_RaiseException(exception_param) as u32; + return unsafe { uw::_Unwind_RaiseException(exception_param) as u32 }; extern "C" fn exception_cleanup( _unwind_code: uw::_Unwind_Reason_Code, @@ -83,26 +83,28 @@ pub(crate) unsafe fn panic(data: Box) -> u32 { } pub(crate) unsafe fn cleanup(ptr: *mut u8) -> Box { - let exception = ptr as *mut uw::_Unwind_Exception; - if (*exception).exception_class != RUST_EXCEPTION_CLASS { - uw::_Unwind_DeleteException(exception); - super::__rust_foreign_exception(); - } + unsafe { + let exception = ptr as *mut uw::_Unwind_Exception; + if (*exception).exception_class != RUST_EXCEPTION_CLASS { + uw::_Unwind_DeleteException(exception); + super::__rust_foreign_exception(); + } - let exception = exception.cast::(); - // Just access the canary field, avoid accessing the entire `Exception` as - // it can be a foreign Rust exception. - let canary = (&raw const (*exception).canary).read(); - if !ptr::eq(canary, &CANARY) { - // A foreign Rust exception, treat it slightly differently from other - // foreign exceptions, because call into `_Unwind_DeleteException` will - // call into `__rust_drop_panic` which produces a confusing - // "Rust panic must be rethrown" message. - super::__rust_foreign_exception(); - } + let exception = exception.cast::(); + // Just access the canary field, avoid accessing the entire `Exception` as + // it can be a foreign Rust exception. + let canary = (&raw const (*exception).canary).read(); + if !ptr::eq(canary, &CANARY) { + // A foreign Rust exception, treat it slightly differently from other + // foreign exceptions, because call into `_Unwind_DeleteException` will + // call into `__rust_drop_panic` which produces a confusing + // "Rust panic must be rethrown" message. + super::__rust_foreign_exception(); + } - let exception = Box::from_raw(exception as *mut Exception); - exception.cause + let exception = Box::from_raw(exception as *mut Exception); + exception.cause + } } // Rust's exception class identifier. This is used by personality routines to diff --git a/library/panic_unwind/src/hermit.rs b/library/panic_unwind/src/hermit.rs index 9719c1334152..8f4562d07fc4 100644 --- a/library/panic_unwind/src/hermit.rs +++ b/library/panic_unwind/src/hermit.rs @@ -9,12 +9,16 @@ pub(crate) unsafe fn cleanup(_ptr: *mut u8) -> Box { unsafe extern "C" { fn __rust_abort() -> !; } - __rust_abort(); + unsafe { + __rust_abort(); + } } pub(crate) unsafe fn panic(_data: Box) -> u32 { unsafe extern "C" { fn __rust_abort() -> !; } - __rust_abort(); + unsafe { + __rust_abort(); + } } diff --git a/library/panic_unwind/src/lib.rs b/library/panic_unwind/src/lib.rs index 45e2a466b4df..1111c2009b3d 100644 --- a/library/panic_unwind/src/lib.rs +++ b/library/panic_unwind/src/lib.rs @@ -27,6 +27,7 @@ #![allow(internal_features)] #![cfg_attr(not(bootstrap), feature(cfg_emscripten_wasm_eh))] #![warn(unreachable_pub)] +#![deny(unsafe_op_in_unsafe_fn)] use alloc::boxed::Box; use core::any::Any; @@ -87,14 +88,16 @@ unsafe extern "C" { #[rustc_std_internal_symbol] #[allow(improper_ctypes_definitions)] pub unsafe extern "C" fn __rust_panic_cleanup(payload: *mut u8) -> *mut (dyn Any + Send + 'static) { - Box::into_raw(imp::cleanup(payload)) + unsafe { Box::into_raw(imp::cleanup(payload)) } } // Entry point for raising an exception, just delegates to the platform-specific // implementation. #[rustc_std_internal_symbol] pub unsafe fn __rust_start_panic(payload: &mut dyn PanicPayload) -> u32 { - let payload = Box::from_raw(payload.take_box()); + unsafe { + let payload = Box::from_raw(payload.take_box()); - imp::panic(payload) + imp::panic(payload) + } } diff --git a/library/panic_unwind/src/miri.rs b/library/panic_unwind/src/miri.rs index ec48b1105ab4..d6d4af8218d3 100644 --- a/library/panic_unwind/src/miri.rs +++ b/library/panic_unwind/src/miri.rs @@ -16,11 +16,11 @@ pub(crate) unsafe fn panic(payload: Box) -> u32 { // The payload we pass to `miri_start_unwind` will be exactly the argument we get // in `cleanup` below. So we just box it up once, to get something pointer-sized. let payload_box: Payload = Box::new(payload); - miri_start_unwind(Box::into_raw(payload_box) as *mut u8) + unsafe { miri_start_unwind(Box::into_raw(payload_box) as *mut u8) } } pub(crate) unsafe fn cleanup(payload_box: *mut u8) -> Box { // Recover the underlying `Box`. - let payload_box: Payload = Box::from_raw(payload_box as *mut _); + let payload_box: Payload = unsafe { Box::from_raw(payload_box as *mut _) }; *payload_box } diff --git a/library/panic_unwind/src/seh.rs b/library/panic_unwind/src/seh.rs index c8dfddf821e6..3a95b940221c 100644 --- a/library/panic_unwind/src/seh.rs +++ b/library/panic_unwind/src/seh.rs @@ -268,9 +268,11 @@ static mut TYPE_DESCRIPTOR: _TypeDescriptor = _TypeDescriptor { macro_rules! define_cleanup { ($abi:tt $abi2:tt) => { unsafe extern $abi fn exception_cleanup(e: *mut Exception) { - if let Exception { data: Some(b), .. } = e.read() { - drop(b); - super::__rust_drop_panic(); + unsafe { + if let Exception { data: Some(b), .. } = e.read() { + drop(b); + super::__rust_drop_panic(); + } } } unsafe extern $abi2 fn exception_copy( @@ -322,45 +324,51 @@ pub(crate) unsafe fn panic(data: Box) -> u32 { // // In any case, we basically need to do something like this until we can // express more operations in statics (and we may never be able to). - atomic_store_seqcst( - (&raw mut THROW_INFO.pmfnUnwind).cast(), - ptr_t::new(exception_cleanup as *mut u8).raw(), - ); - atomic_store_seqcst( - (&raw mut THROW_INFO.pCatchableTypeArray).cast(), - ptr_t::new((&raw mut CATCHABLE_TYPE_ARRAY).cast()).raw(), - ); - atomic_store_seqcst( - (&raw mut CATCHABLE_TYPE_ARRAY.arrayOfCatchableTypes[0]).cast(), - ptr_t::new((&raw mut CATCHABLE_TYPE).cast()).raw(), - ); - atomic_store_seqcst( - (&raw mut CATCHABLE_TYPE.pType).cast(), - ptr_t::new((&raw mut TYPE_DESCRIPTOR).cast()).raw(), - ); - atomic_store_seqcst( - (&raw mut CATCHABLE_TYPE.copyFunction).cast(), - ptr_t::new(exception_copy as *mut u8).raw(), - ); + unsafe { + atomic_store_seqcst( + (&raw mut THROW_INFO.pmfnUnwind).cast(), + ptr_t::new(exception_cleanup as *mut u8).raw(), + ); + atomic_store_seqcst( + (&raw mut THROW_INFO.pCatchableTypeArray).cast(), + ptr_t::new((&raw mut CATCHABLE_TYPE_ARRAY).cast()).raw(), + ); + atomic_store_seqcst( + (&raw mut CATCHABLE_TYPE_ARRAY.arrayOfCatchableTypes[0]).cast(), + ptr_t::new((&raw mut CATCHABLE_TYPE).cast()).raw(), + ); + atomic_store_seqcst( + (&raw mut CATCHABLE_TYPE.pType).cast(), + ptr_t::new((&raw mut TYPE_DESCRIPTOR).cast()).raw(), + ); + atomic_store_seqcst( + (&raw mut CATCHABLE_TYPE.copyFunction).cast(), + ptr_t::new(exception_copy as *mut u8).raw(), + ); + } unsafe extern "system-unwind" { fn _CxxThrowException(pExceptionObject: *mut c_void, pThrowInfo: *mut u8) -> !; } - _CxxThrowException(throw_ptr, (&raw mut THROW_INFO) as *mut _); + unsafe { + _CxxThrowException(throw_ptr, (&raw mut THROW_INFO) as *mut _); + } } pub(crate) unsafe fn cleanup(payload: *mut u8) -> Box { - // A null payload here means that we got here from the catch (...) of - // __rust_try. This happens when a non-Rust foreign exception is caught. - if payload.is_null() { - super::__rust_foreign_exception(); + unsafe { + // A null payload here means that we got here from the catch (...) of + // __rust_try. This happens when a non-Rust foreign exception is caught. + if payload.is_null() { + super::__rust_foreign_exception(); + } + let exception = payload as *mut Exception; + let canary = (&raw const (*exception).canary).read(); + if !core::ptr::eq(canary, &raw const TYPE_DESCRIPTOR) { + // A foreign Rust exception. + super::__rust_foreign_exception(); + } + (*exception).data.take().unwrap() } - let exception = payload as *mut Exception; - let canary = (&raw const (*exception).canary).read(); - if !core::ptr::eq(canary, &raw const TYPE_DESCRIPTOR) { - // A foreign Rust exception. - super::__rust_foreign_exception(); - } - (*exception).data.take().unwrap() }