From 2e1dabaa1acf008dd7c3b12cfb59bddbe05dba93 Mon Sep 17 00:00:00 2001 From: Daniel Verkamp Date: Tue, 24 Jan 2023 14:12:18 -0800 Subject: [PATCH] base: panic_handler: abort in memfd panic hook The default behavior when handling a panic in a multi-threaded Rust program is to terminate only the thread that panicked; other threads continue running. In order to get a crash dump (and to prevent the program from continuing to run in an inconsistent state), add a call to abort the whole program at the end of the panic hook installed by install_memfd_handler(). The crosvm panic hook configured by set_panic_hook() already behaves this way, but adding this behavior to install_memfd_handler() will cause it to be used in all ChromeOS Rust programs that use the hook from libchromeos. Test program: ``` fn main() { println!("hello world"); install_memfd_handler(); thread::Builder::new() .name("crashtest".into()) .spawn(|| { println!("about to panic"); panic!("test panic"); }) .unwrap(); } println!("continuing to run main"); thread::sleep(Duration::from_secs(1)); } ``` BUG=b:234093439 TEST=panic in multithreaded test program; observe core Change-Id: I2340b2f54607651fe577ebf44a0ecb12e409cef4 Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4190031 Reviewed-by: Allen Webb Commit-Queue: Daniel Verkamp --- base/src/sys/unix/panic_handler.rs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/base/src/sys/unix/panic_handler.rs b/base/src/sys/unix/panic_handler.rs index fa3ac41e0a..1cd03c93d5 100644 --- a/base/src/sys/unix/panic_handler.rs +++ b/base/src/sys/unix/panic_handler.rs @@ -8,6 +8,7 @@ use std::ffi::CString; use std::io; use std::mem; use std::panic; +use std::process::abort; use super::SharedMemory; @@ -30,6 +31,10 @@ pub fn install_memfd_handler() { // Intentionally leak panic_memfd so it is picked up by the crash handler. mem::forget(panic_memfd); } - hook(p) + hook(p); + + // If this is a multithreaded program, a panic in one thread will not kill the whole + // process. Abort so the entire process gets killed and produces a core dump. + abort(); })); }