miri reports UB when panicking inside #[start] function #97049

Closed
matthiaskrgr opened this issue May 14, 2022 · 5 comments
Labels
A-miri Area: The miri tool C-bug Category: This is a bug.

Comments

@matthiaskrgr
Member

matthiaskrgr commented May 14, 2022

I tried this code:

```rust
// run-pass
// compile-flags: --test

#![feature(start)]

#[start]
fn start(_: isize, _: *const *const u8) -> isize { panic!(); }
```

miri reports:

```
thread '<unnamed>' panicked at 'explicit panic', src/main.rs:7:52
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
error: Undefined Behavior: unwinding past the topmost frame of the stack
 --> src/main.rs:7:1
  |
7 | fn start(_: isize, _: *const *const u8) -> isize { panic!(); }
  | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ unwinding past the topmost frame of the stack
  |
  = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
  = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information

  = note: inside `start` at src/main.rs:7:1

error: aborting due to previous error
```

which does not happen when I just panic!() without a #[start] fn
miri 0.1.0 (3b8b6aa 2022-05-06)

@saethlin
Member

saethlin commented May 15, 2022

I think Miri is correct here. I'm pretty sure #[start] runs before the Rust runtime is initialized, which means there is nothing to catch a panic. I can't tell if the feature is documented anywhere; the unstable book just links to the tracking issue, which dates back to 2015: #29633

But the opening comment does say

> In general this forgoes a bit of runtime setup that's normally run before and after main.

Though it's hard to tell if that is normative or correct, being that it is an unstable feature and that was 7 years ago.

@asquared31415
Contributor

This feature is incredibly poorly documented, and because of that, I think most people end up using platform-specific linker things to get the same result, which leads to less interest in the feature, which means there's less effort to document it, and it's a horrible cycle.

@bjorn3
Member

bjorn3 commented May 15, 2022

Libstd's lang_start impl wraps all calls it does in catch_unwind to avoid UB.

@RalfJung
Member

It is my understanding that a panic "leaving" the top of the Rust-controlled stack is UB, and that is the check that Miri is implementing here.

Maybe we should add this as a testcase. :D

@RalfJung
Member

Miri is correct here, this is UB.
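
The guard bjorn3 describes for `lang_start`, as an added example that is not part of the thread and not libstd's code: a stable-Rust sketch of an entry point that stops a panic at the topmost Rust frame and turns it into a status code. The names `run_guarded`, `guarded_entry` and `PANIC_STATUS` are hypothetical, and the sketch assumes the default `panic=unwind` strategy.

```rust
use std::panic::{self, UnwindSafe};

/// Status returned when the body panicked (value chosen for this example;
/// 101 is also what a Rust binary exits with after a panic in `main`).
pub const PANIC_STATUS: isize = 101;

/// Runs `body` and stops any panic here instead of letting it unwind out of
/// the topmost Rust frame. Returns the body's status or the panic message.
/// With `panic=abort` there is no unwinding and nothing is caught.
pub fn run_guarded<F>(body: F) -> Result<isize, String>
where
    F: FnOnce() -> isize + UnwindSafe,
{
    panic::catch_unwind(body).map_err(|payload| {
        // The payload is a Box<dyn Any + Send>: a literal message arrives as
        // &'static str, a formatted message as String.
        payload
            .downcast_ref::<&str>()
            .map(|s| s.to_string())
            .or_else(|| payload.downcast_ref::<String>().cloned())
            .unwrap_or_else(|| "non-string panic payload".to_string())
    })
}

/// Hypothetical stand-in for a `#[start]`-style entry point: always returns
/// an isize to the caller, never unwinds into it.
pub fn guarded_entry<F>(body: F) -> isize
where
    F: FnOnce() -> isize + UnwindSafe,
{
    match run_guarded(body) {
        Ok(status) => status,
        Err(msg) => {
            eprintln!("entry point caught panic: {}", msg);
            PANIC_STATUS
        }
    }
}

fn main() {
    // Same body as the reported `start` function, now behind the guard.
    let status = guarded_entry(|| panic!("explicit panic"));
    println!("entry returned status {}", status);
}
```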
