Skip to content

lang_start in std/src/rt.rs is unsound in presence of panic payload that panics on drop #86030

New issue
New issue
Closed
#86034
Closed
lang_start in std/src/rt.rs is unsound in presence of panic payload that panics on drop#86030
#86034
Assignees
nagisa
Labels
A-runtimeArea: std's runtime and "pre-main" init for handling backtraces, unwinds, stack overflowsC-bugCategory: This is a bug.I-unsoundIssue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/SoundnessP-criticalCritical priorityT-libsRelevant to the library team, which will review and decide on the PR/issue.
@nagisa

Description

@nagisa
nagisa
opened on Jun 5, 2021

See #86027 for an example of the problem.

fn main() {
    std::panic::panic_any(Bomb);
}

thread 'main' panicked at 'Box<Any>', src/main.rs:12:5
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
thread 'main' panicked at 'explicit panic', src/main.rs:7:9
fatal runtime error: failed to initiate panic, error 5
abort (core dumped)

Here we panic without any landing pads available upstack, because we are already the top-most(-ish) frame in the first place. This is UB.

Metadata

Metadata

Assignees

Labels

A-runtimeArea: std's runtime and "pre-main" init for handling backtraces, unwinds, stack overflowsC-bugCategory: This is a bug.I-unsoundIssue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/SoundnessP-criticalCritical priorityT-libsRelevant to the library team, which will review and decide on the PR/issue.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions