Merge pull request #242 from rust-osdev/x86-interrupt-cc

phil-opp · web-flow · commit 27b39178b627 · 2021-04-11T13:21:43.000+02:00
Fixes for `x86-interrupt` calling convention
diff --git a/Cargo.toml b/Cargo.toml
@@ -22,12 +22,13 @@ license = "MIT/Apache-2.0"
 name = "x86_64"
 readme = "README.md"
 repository = "https://github.com/rust-osdev/x86_64"
-version = "0.13.5"
+version = "0.14.0"
 edition = "2018"
 
 [dependencies]
 bit_field = "0.9.0"
 bitflags = "1.0.4"
+volatile = "0.4.4"
 
 [build-dependencies]
 cc = { version = "1.0.37", optional = true }
diff --git a/Changelog.md b/Changelog.md
@@ -1,5 +1,10 @@
 # Unreleased
 
+# 0.14.0 – 2021-04-11
+
+- **Breaking:** Take the interrupt stack frame by value (not by reference) [#242](https://github.com/rust-osdev/x86_64/pull/242)
+- **Breaking:** Change `InterruptStackFrame::as_mut` to return a `Volatile<_>` wrapper [#242](https://github.com/rust-osdev/x86_64/pull/242)
+
 # 0.13.5 – 2021-04-01
 
 - Add support for `XCR0` register ([#239](https://github.com/rust-osdev/x86_64/pull/239))
diff --git a/src/structures/idt.rs b/src/structures/idt.rs
@@ -16,6 +16,7 @@ use core::fmt;
 use core::marker::PhantomData;
 use core::ops::Bound::{Excluded, Included, Unbounded};
 use core::ops::{Deref, Index, IndexMut, RangeBounds};
+use volatile::Volatile;
 
 /// An Interrupt Descriptor Table with 256 entries.
 ///
@@ -572,18 +573,17 @@ pub struct Entry<F> {
 }
 
 /// A handler function for an interrupt or an exception without error code.
-pub type HandlerFunc = extern "x86-interrupt" fn(&mut InterruptStackFrame);
+pub type HandlerFunc = extern "x86-interrupt" fn(InterruptStackFrame);
 /// A handler function for an exception that pushes an error code.
-pub type HandlerFuncWithErrCode =
-    extern "x86-interrupt" fn(&mut InterruptStackFrame, error_code: u64);
+pub type HandlerFuncWithErrCode = extern "x86-interrupt" fn(InterruptStackFrame, error_code: u64);
 /// A page fault handler function that pushes a page fault error code.
 pub type PageFaultHandlerFunc =
-    extern "x86-interrupt" fn(&mut InterruptStackFrame, error_code: PageFaultErrorCode);
+    extern "x86-interrupt" fn(InterruptStackFrame, error_code: PageFaultErrorCode);
 /// A handler function that must not return, e.g. for a machine check exception.
-pub type DivergingHandlerFunc = extern "x86-interrupt" fn(&mut InterruptStackFrame) -> !;
+pub type DivergingHandlerFunc = extern "x86-interrupt" fn(InterruptStackFrame) -> !;
 /// A handler function with an error code that must not return, e.g. for a double fault exception.
 pub type DivergingHandlerFuncWithErrCode =
-    extern "x86-interrupt" fn(&mut InterruptStackFrame, error_code: u64) -> !;
+    extern "x86-interrupt" fn(InterruptStackFrame, error_code: u64) -> !;
 
 impl<F> Entry<F> {
     /// Creates a non-present IDT entry (but sets the must-be-one bits).
@@ -721,16 +721,22 @@ pub struct InterruptStackFrame {
 impl InterruptStackFrame {
     /// Gives mutable access to the contents of the interrupt stack frame.
     ///
+    /// The `Volatile` wrapper is used because LLVM optimizations remove non-volatile
+    /// modifications of the interrupt stack frame.
+    ///
     /// ## Safety
     ///
     /// This function is unsafe since modifying the content of the interrupt stack frame
     /// can easily lead to undefined behavior. For example, by writing an invalid value to
     /// the instruction pointer field, the CPU can jump to arbitrary code at the end of the
     /// interrupt.
+    ///
+    /// Also, it is not fully clear yet whether modifications of the interrupt stack frame are
+    /// officially supported by LLVM's x86 interrupt calling convention.
     #[allow(clippy::should_implement_trait)]
     #[inline]
-    pub unsafe fn as_mut(&mut self) -> &mut InterruptStackFrameValue {
-        &mut self.value
+    pub unsafe fn as_mut(&mut self) -> Volatile<&mut InterruptStackFrameValue> {
+        Volatile::new(&mut self.value)
     }
 }
 
diff --git a/testing/tests/breakpoint_exception.rs b/testing/tests/breakpoint_exception.rs
@@ -57,6 +57,6 @@ pub fn init_test_idt() {
     TEST_IDT.load();
 }
 
-extern "x86-interrupt" fn breakpoint_handler(_stack_frame: &mut InterruptStackFrame) {
+extern "x86-interrupt" fn breakpoint_handler(_stack_frame: InterruptStackFrame) {
     BREAKPOINT_HANDLER_CALLED.fetch_add(1, Ordering::SeqCst);
 }
diff --git a/testing/tests/double_fault_stack_overflow.rs b/testing/tests/double_fault_stack_overflow.rs
@@ -52,7 +52,7 @@ pub fn init_test_idt() {
 }
 
 extern "x86-interrupt" fn double_fault_handler(
-    _stack_frame: &mut InterruptStackFrame,
+    _stack_frame: InterruptStackFrame,
     _error_code: u64,
 ) -> ! {
     serial_println!("[ok]");

Original file line number	Diff line number	Diff line change
`@@ -57,6 +57,6 @@ pub fn init_test_idt() {`
`57`	`57`	`TEST_IDT.load();`
`58`	`58`	`}`
`59`	`59`
`60`		`-extern "x86-interrupt" fn breakpoint_handler(_stack_frame: &mut InterruptStackFrame) {`
	`60`	`+extern "x86-interrupt" fn breakpoint_handler(_stack_frame: InterruptStackFrame) {`
`61`	`61`	`BREAKPOINT_HANDLER_CALLED.fetch_add(1, Ordering::SeqCst);`
`62`	`62`	`}`
Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,7 @@ pub fn init_test_idt() {`
`52`	`52`	`}`
`53`	`53`
`54`	`54`	`extern "x86-interrupt" fn double_fault_handler(`
`55`		`- _stack_frame: &mut InterruptStackFrame,`
	`55`	`+ _stack_frame: InterruptStackFrame,`
`56`	`56`	`_error_code: u64,`
`57`	`57`	`) -> ! {`
`58`	`58`	`serial_println!("[ok]");`