Make depending on "unwinding" conditional on cfg(panic = "unwind"). (#149)

* Make depending on "unwinding" conditional on  `cfg(panic = "unwind)`.

Using `cfg(panic = "unwind")` in Cargo.toml means we can avoid depending on the "unwinding" crate when unwinding isn't enabled. This avoids nbdd0121/unwinding#39.

* Use a unique crate name in origin-start-dynamic-linker.

* Add a panic=abort example.

Author: sunfishcode

Cargo.toml

@@ -41,7 +41,9 @@ errno = { version = "0.3.3", default-features = false, optional = true }
 core = { version = "1.0.0", optional = true, package = "rustc-std-workspace-core" }
 alloc = { version = "1.0.0", optional = true, package = "rustc-std-workspace-alloc" }
 
-[target.'cfg(not(target_arch = "arm"))'.dependencies.unwinding]
+# Use the unwinding crate if support for unwinding is needed. This depends on
+# nightly Rust. And it's not supported on ARM yet.
+[target.'cfg(all(panic = "unwind", not(target_arch = "arm")))'.dependencies.unwinding]
 version = "0.2.3"
 default-features = false
 features = ["unwinder"]
@@ -64,8 +66,8 @@ assert_cmd = "2.0.12"
 default = ["std", "log", "libc", "errno", "signal", "init-fini-arrays", "program-at-exit", "thread-at-exit"]
 
 # If you're using nightly Rust, enable this feature to let origin use
-# nightly-only features, which include proper support for unwinding, better
-# safety checks, and better optimizations.
+# nightly-only features, which include proper support for unwinding (if
+# enabled), better safety checks, and better optimizations.
 nightly = ["unwinding"]
 
 # Enable optimizations that reduce code size (at the cost of performance).
@@ -146,7 +148,7 @@ param = ["rustix/param"]
 # [the "personality" feature of the unwinding crate] for more details.
 #
 # [the "personality" feature of the unwinding crate]: https://crates.io/crates/unwinding#personality-and-other-utilities
-eh-personality = ["unwinding?/personality"]
+eh-personality = ["unwinding/personality"]
 
 # Provide a `#[lang = eh_personality]` function that just returns
 # `CONTINUE_UNWIND` (for no-std). Use this if you know your program will never
@@ -162,7 +164,7 @@ eh-personality-continue = ["unwinding?/personality-dummy"]
 # [the "panic-handler" feature of the unwinding crate] for more details.
 #
 # [the "panic-handler" feature of the unwinding crate]: https://crates.io/crates/unwinding#personality-and-other-utilities
-panic-handler = ["unwinding?/panic-handler"]
+panic-handler = ["unwinding/panic-handler"]
 
 # Provide a `#[panic_handler]` function that just traps (for no-std). Use this
 # if you know your program will never panic and don't want any extra code.

example-crates/origin-start-dynamic-linker/Cargo.toml

@@ -1,5 +1,5 @@
 [package]
-name = "origin-start"
+name = "origin-start-dynamic-linker"
 version = "0.0.0"
 edition = "2021"
 publish = false

example-crates/origin-start-panic-abort/Cargo.toml

@@ -0,0 +1,22 @@
+[package]
+name = "origin-start-panic-abort"
+version = "0.0.0"
+edition = "2021"
+publish = false
+
+[dependencies]
+# Origin can be depended on just like any other crate. For no_std, disable
+# the default features, and the desired features.
+origin = { path = "../..", default-features = false, features = ["origin-start", "program-at-exit", "thread-at-exit", "eh-personality-continue", "panic-handler-trap", "nightly"] }
+
+# Crates to help writing no_std code.
+atomic-dbg = { version = "0.1.8", default-features = false }
+rustix-dlmalloc = { version = "0.1.0", features = ["global"] }
+
+[profile.dev]
+panic = "abort"
+[profile.release]
+panic = "abort"
+
+# This is just an example crate, and not part of the origin workspace.
+[workspace]

example-crates/origin-start-panic-abort/README.md

@@ -0,0 +1,4 @@
+Like the [origin-start example], but uses panic=abort in Cargo.toml instead of
+enabling origin's "unwinding" feature.
+
+[origin-start example]: https://github.com/sunfishcode/origin/blob/main/example-crates/origin-start/README.md

example-crates/origin-start-panic-abort/build.rs

@@ -0,0 +1,5 @@
+fn main() {
+    // Pass -nostartfiles to the linker. In the future this could be obviated
+    // by a `no_entry` feature: <https://github.com/rust-lang/rfcs/pull/2735>
+    println!("cargo:rustc-link-arg=-nostartfiles");
+}

example-crates/origin-start-panic-abort/src/main.rs

@@ -0,0 +1,44 @@
+//! A simple example using `no_std` and `no_main` and origin's start.
+
+#![no_std]
+#![no_main]
+
+extern crate alloc;
+
+use alloc::boxed::Box;
+use atomic_dbg::eprintln;
+use origin::{program, thread};
+
+#[global_allocator]
+static GLOBAL_ALLOCATOR: rustix_dlmalloc::GlobalDlmalloc = rustix_dlmalloc::GlobalDlmalloc;
+
+#[no_mangle]
+unsafe fn origin_main(_argc: usize, _argv: *mut *mut u8, _envp: *mut *mut u8) -> i32 {
+    eprintln!("Hello from main thread");
+
+    program::at_exit(Box::new(|| {
+        eprintln!("Hello from a `program::at_exit` handler")
+    }));
+    thread::at_exit(Box::new(|| {
+        eprintln!("Hello from a main-thread `thread::at_exit` handler")
+    }));
+
+    let thread = thread::create(
+        |_args| {
+            eprintln!("Hello from child thread");
+            thread::at_exit(Box::new(|| {
+                eprintln!("Hello from child thread's `thread::at_exit` handler")
+            }));
+            None
+        },
+        &[],
+        thread::default_stack_size(),
+        thread::default_guard_size(),
+    )
+    .unwrap();
+
+    thread::join(thread);
+
+    eprintln!("Goodbye from main");
+    program::exit(0);
+}

src/arch/aarch64.rs

@@ -1,15 +1,21 @@
 //! Architecture-specific assembly code.
 
+#[cfg(any(
+    feature = "take-charge",
+    all(not(feature = "unwinding"), feature = "panic-handler-trap")
+))]
 use core::arch::asm;
 #[cfg(all(feature = "experimental-relocate", feature = "origin-start"))]
 #[cfg(relocation_model = "pic")]
 use linux_raw_sys::elf::{Elf_Dyn, Elf_Ehdr};
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "signal")]
 #[cfg(test)]
 use linux_raw_sys::general::__NR_rt_sigreturn;
 #[cfg(all(feature = "experimental-relocate", feature = "origin-start"))]
 #[cfg(relocation_model = "pic")]
 use linux_raw_sys::general::{__NR_mprotect, PROT_READ};
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 use {
     core::ffi::c_void,
@@ -43,6 +49,10 @@ naked_fn!(
 /// Execute a trap instruction.
 ///
 /// This is roughly equivalent to `core::intrinsics::abort()`.
+#[cfg(any(
+    feature = "take-charge",
+    all(not(feature = "unwinding"), feature = "panic-handler-trap")
+))]
 pub(super) fn trap() -> ! {
     unsafe {
         asm!("brk #0x1", options(noreturn, nostack));
@@ -178,6 +188,7 @@ pub(super) unsafe fn relocation_mprotect_readonly(ptr: usize, len: usize) {
 }
 
 /// The required alignment for the stack pointer.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 pub(super) const STACK_ALIGNMENT: usize = 16;
 
@@ -186,6 +197,7 @@ pub(super) const STACK_ALIGNMENT: usize = 16;
 /// This can't be implemented in `rustix` because the child starts executing at
 /// the same point as the parent and we need to use inline asm to have the
 /// child jump to our new-thread entrypoint.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) unsafe fn clone(
@@ -228,6 +240,7 @@ pub(super) unsafe fn clone(
 }
 
 /// Write a value to the platform thread-pointer register.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) unsafe fn set_thread_pointer(ptr: *mut c_void) {
@@ -236,6 +249,7 @@ pub(super) unsafe fn set_thread_pointer(ptr: *mut c_void) {
 }
 
 /// Read the value of the platform thread-pointer register.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) fn thread_pointer() -> *mut c_void {
@@ -248,11 +262,13 @@ pub(super) fn thread_pointer() -> *mut c_void {
 }
 
 /// TLS data starts at the location pointed to by the thread pointer.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 pub(super) const TLS_OFFSET: usize = 0;
 
 /// `munmap` the current thread, then carefully exit the thread without
 /// touching the deallocated stack.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) unsafe fn munmap_and_exit_thread(map_addr: *mut c_void, map_len: usize) -> ! {
@@ -271,6 +287,7 @@ pub(super) unsafe fn munmap_and_exit_thread(map_addr: *mut c_void, map_len: usiz
     );
 }
 
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "signal")]
 naked_fn!(
     "
@@ -289,7 +306,8 @@ naked_fn!(
     "udf #16";
     //__NR_rt_sigreturn = const __NR_rt_sigreturn // TODO: Use this when `asm_const` is stabilized.
 );
-#[cfg(test)] // TODO: obviate this
+#[cfg(feature = "take-charge")]
+#[test] // TODO: obviate this
 fn test_rt_sigreturn() {
     assert_eq!(__NR_rt_sigreturn, 139);
 }
@@ -302,5 +320,6 @@ fn test_rt_sigreturn() {
 ///
 /// This function must never be called other than by the `sa_restorer`
 /// mechanism.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "signal")]
 pub(super) use return_from_signal_handler as return_from_signal_handler_noinfo;

src/arch/arm.rs

@@ -1,15 +1,21 @@
 //! Architecture-specific assembly code.
 
+#[cfg(any(
+    feature = "take-charge",
+    all(not(feature = "unwinding"), feature = "panic-handler-trap")
+))]
 use core::arch::asm;
 #[cfg(all(feature = "experimental-relocate", feature = "origin-start"))]
 #[cfg(relocation_model = "pic")]
 use linux_raw_sys::elf::{Elf_Dyn, Elf_Ehdr};
 #[cfg(all(feature = "experimental-relocate", feature = "origin-start"))]
 #[cfg(relocation_model = "pic")]
 use linux_raw_sys::general::{__NR_mprotect, PROT_READ};
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "signal")]
 #[cfg(test)]
 use linux_raw_sys::general::{__NR_rt_sigreturn, __NR_sigreturn};
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 use {
     core::ffi::c_void,
@@ -43,6 +49,10 @@ naked_fn!(
 /// Execute a trap instruction.
 ///
 /// This is roughly equivalent to `core::intrinsics::abort()`.
+#[cfg(any(
+    feature = "take-charge",
+    all(not(feature = "unwinding"), feature = "panic-handler-trap")
+))]
 pub(super) fn trap() -> ! {
     unsafe {
         asm!(".inst 0xe7ffdefe", options(noreturn, nostack));
@@ -190,6 +200,7 @@ pub(super) unsafe fn relocation_mprotect_readonly(ptr: usize, len: usize) {
 }
 
 /// The required alignment for the stack pointer.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 pub(super) const STACK_ALIGNMENT: usize = 4;
 
@@ -198,6 +209,7 @@ pub(super) const STACK_ALIGNMENT: usize = 4;
 /// This can't be implemented in `rustix` because the child starts executing at
 /// the same point as the parent and we need to use inline asm to have the
 /// child jump to our new-thread entrypoint.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) unsafe fn clone(
@@ -241,6 +253,7 @@ pub(super) unsafe fn clone(
 }
 
 /// Write a value to the platform thread-pointer register.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) unsafe fn set_thread_pointer(ptr: *mut c_void) {
@@ -250,6 +263,7 @@ pub(super) unsafe fn set_thread_pointer(ptr: *mut c_void) {
 }
 
 /// Read the value of the platform thread-pointer register.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) fn thread_pointer() -> *mut c_void {
@@ -262,11 +276,13 @@ pub(super) fn thread_pointer() -> *mut c_void {
 }
 
 /// TLS data starts at the location pointed to by the thread pointer.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 pub(super) const TLS_OFFSET: usize = 0;
 
 /// `munmap` the current thread, then carefully exit the thread without
 /// touching the deallocated stack.
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "thread")]
 #[inline]
 pub(super) unsafe fn munmap_and_exit_thread(map_addr: *mut c_void, map_len: usize) -> ! {
@@ -285,6 +301,7 @@ pub(super) unsafe fn munmap_and_exit_thread(map_addr: *mut c_void, map_len: usiz
     );
 }
 
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "signal")]
 naked_fn!(
     "
@@ -303,11 +320,13 @@ naked_fn!(
     "udf #16";
     //__NR_rt_sigreturn = const __NR_rt_sigreturn // TODO: Use this when `asm_const` is stabilized.
 );
-#[cfg(test)] // TODO: obviate this
+#[cfg(feature = "take-charge")]
+#[test] // TODO: obviate this
 fn test_rt_sigreturn() {
     assert_eq!(__NR_rt_sigreturn, 173);
 }
 
+#[cfg(feature = "take-charge")]
 #[cfg(feature = "signal")]
 naked_fn!(
     "
@@ -326,7 +345,8 @@ naked_fn!(
     "udf #16";
     //__NR_sigreturn = const __NR_sigreturn // TODO: Use this when `asm_const` is stabilized.
 );
-#[cfg(test)] // TODO: obviate this
+#[cfg(feature = "take-charge")]
+#[test] // TODO: obviate this
 fn test_sigreturn() {
     assert_eq!(__NR_sigreturn, 119);
 }