xref: /aosp_15_r20/external/cronet/build/rust/std/immediate_crash.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2021 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 // This file has been copied from //base/immediate_crash.h.
6 // TODO(https://crbug.com/1475734): Avoid code duplication / reuse code.
7 
8 #ifndef BUILD_RUST_STD_IMMEDIATE_CRASH_H_
9 #define BUILD_RUST_STD_IMMEDIATE_CRASH_H_
10 
11 #include "build/build_config.h"
12 
13 // Crashes in the fastest possible way with no attempt at logging.
14 // There are several constraints; see http://crbug.com/664209 for more context.
15 //
16 // - TRAP_SEQUENCE_() must be fatal. It should not be possible to ignore the
17 //   resulting exception or simply hit 'continue' to skip over it in a debugger.
18 // - Different instances of TRAP_SEQUENCE_() must not be folded together, to
19 //   ensure crash reports are debuggable. Unlike __builtin_trap(), asm volatile
20 //   blocks will not be folded together.
21 //   Note: TRAP_SEQUENCE_() previously required an instruction with a unique
22 //   nonce since unlike clang, GCC folds together identical asm volatile
23 //   blocks.
24 // - TRAP_SEQUENCE_() must produce a signal that is distinct from an invalid
25 //   memory access.
26 // - TRAP_SEQUENCE_() must be treated as a set of noreturn instructions.
27 //   __builtin_unreachable() is used to provide that hint here. clang also uses
28 //   this as a heuristic to pack the instructions in the function epilogue to
29 //   improve code density.
30 //
31 // Additional properties that are nice to have:
32 // - TRAP_SEQUENCE_() should be as compact as possible.
33 // - The first instruction of TRAP_SEQUENCE_() should not change, to avoid
34 //   shifting crash reporting clusters. As a consequence of this, explicit
35 //   assembly is preferred over intrinsics.
36 //   Note: this last bullet point may no longer be true, and may be removed in
37 //   the future.
38 
39 // Note: TRAP_SEQUENCE Is currently split into two macro helpers due to the fact
40 // that clang emits an actual instruction for __builtin_unreachable() on certain
41 // platforms (see https://crbug.com/958675). In addition, the int3/bkpt/brk will
42 // be removed in followups, so splitting it up like this now makes it easy to
43 // land the followups.
44 
45 #if defined(COMPILER_GCC)
46 
47 #if BUILDFLAG(IS_NACL)
48 
49 // Crash report accuracy is not guaranteed on NaCl.
50 #define TRAP_SEQUENCE1_() __builtin_trap()
51 #define TRAP_SEQUENCE2_() asm volatile("")
52 
53 #elif defined(ARCH_CPU_X86_FAMILY)
54 
55 // TODO(https://crbug.com/958675): In theory, it should be possible to use just
56 // int3. However, there are a number of crashes with SIGILL as the exception
57 // code, so it seems likely that there's a signal handler that allows execution
58 // to continue after SIGTRAP.
59 #define TRAP_SEQUENCE1_() asm volatile("int3")
60 
61 #if BUILDFLAG(IS_APPLE)
62 // Intentionally empty: __builtin_unreachable() is always part of the sequence
63 // (see IMMEDIATE_CRASH below) and already emits a ud2 on Mac.
64 #define TRAP_SEQUENCE2_() asm volatile("")
65 #else
66 #define TRAP_SEQUENCE2_() asm volatile("ud2")
67 #endif  // BUILDFLAG(IS_APPLE)
68 
69 #elif defined(ARCH_CPU_ARMEL)
70 
71 // bkpt will generate a SIGBUS when running on armv7 and a SIGTRAP when running
72 // as a 32 bit userspace app on arm64. There doesn't seem to be any way to
73 // cause a SIGTRAP from userspace without using a syscall (which would be a
74 // problem for sandboxing).
75 // TODO(https://crbug.com/958675): Remove bkpt from this sequence.
76 #define TRAP_SEQUENCE1_() asm volatile("bkpt #0")
77 #define TRAP_SEQUENCE2_() asm volatile("udf #0")
78 
79 #elif defined(ARCH_CPU_ARM64)
80 
81 // This will always generate a SIGTRAP on arm64.
82 // TODO(https://crbug.com/958675): Remove brk from this sequence.
83 #define TRAP_SEQUENCE1_() asm volatile("brk #0")
84 #define TRAP_SEQUENCE2_() asm volatile("hlt #0")
85 
86 #else
87 
88 // Crash report accuracy will not be guaranteed on other architectures, but at
89 // least this will crash as expected.
90 #define TRAP_SEQUENCE1_() __builtin_trap()
91 #define TRAP_SEQUENCE2_() asm volatile("")
92 
93 #endif  // ARCH_CPU_*
94 
95 #elif defined(COMPILER_MSVC)
96 
97 #if !defined(__clang__)
98 
99 // MSVC x64 doesn't support inline asm, so use the MSVC intrinsic.
100 #define TRAP_SEQUENCE1_() __debugbreak()
101 #define TRAP_SEQUENCE2_()
102 
103 #elif defined(ARCH_CPU_ARM64)
104 
105 // Windows ARM64 uses "BRK #F000" as its breakpoint instruction, and
106 // __debugbreak() generates that in both VC++ and clang.
107 #define TRAP_SEQUENCE1_() __debugbreak()
108 // Intentionally empty: __builtin_unreachable() is always part of the sequence
109 // (see IMMEDIATE_CRASH below) and already emits a ud2 on Win64,
110 // https://crbug.com/958373
111 #define TRAP_SEQUENCE2_() __asm volatile("")
112 
113 #else
114 
115 #define TRAP_SEQUENCE1_() asm volatile("int3")
116 #define TRAP_SEQUENCE2_() asm volatile("ud2")
117 
118 #endif  // __clang__
119 
120 #else
121 
122 #error No supported trap sequence!
123 
124 #endif  // COMPILER_GCC
125 
126 #define TRAP_SEQUENCE_() \
127   do {                   \
128     TRAP_SEQUENCE1_();   \
129     TRAP_SEQUENCE2_();   \
130   } while (false)
131 
132 // CHECK() and the trap sequence can be invoked from a constexpr function.
133 // This could make compilation fail on GCC, as it forbids directly using inline
134 // asm inside a constexpr function. However, it allows calling a lambda
135 // expression including the same asm.
136 // The side effect is that the top of the stacktrace will not point to the
137 // calling function, but to this anonymous lambda. This is still useful as the
138 // full name of the lambda will typically include the name of the function that
139 // calls CHECK() and the debugger will still break at the right line of code.
140 #if !defined(COMPILER_GCC) || defined(__clang__)
141 
142 #define WRAPPED_TRAP_SEQUENCE_() TRAP_SEQUENCE_()
143 
144 #else
145 
146 #define WRAPPED_TRAP_SEQUENCE_() \
147   do {                           \
148     [] { TRAP_SEQUENCE_(); }();  \
149   } while (false)
150 
151 #endif  // !defined(COMPILER_GCC) || defined(__clang__)
152 
153 #if defined(__clang__) || defined(COMPILER_GCC)
154 
155 // __builtin_unreachable() hints to the compiler that this is noreturn and can
156 // be packed in the function epilogue.
157 #define IMMEDIATE_CRASH()     \
158   ({                          \
159     WRAPPED_TRAP_SEQUENCE_(); \
160     __builtin_unreachable();  \
161   })
162 
163 #else
164 
165 // This is supporting non-chromium user of logging.h to build with MSVC, like
166 // pdfium. On MSVC there is no __builtin_unreachable().
167 #define IMMEDIATE_CRASH() WRAPPED_TRAP_SEQUENCE_()
168 
169 #endif  // defined(__clang__) || defined(COMPILER_GCC)
170 
171 #endif  // BUILD_RUST_STD_IMMEDIATE_CRASH_H_
172