fix: regenerate P18-9, P19-init, P19-acpid patches as -U0 -w resilient format

All 58 base patches now pass repo validate-patches base.

- P18-9-msi-allocation-resilience: regenerated against P0-P18-8 baseline
  with correct upstream content (deamon typo preserved for virtio-netd)
- P19-init-startup-hardening: regenerated against P0-P18-9 baseline
- P19-acpid-startup-hardening: regenerated against P0-P18-9 + P19-init
  baseline with all 39 hunks in -U0 -w format (zero context lines)
2026-05-18 16:05:52 +03:00
parent ecc120b013
commit 419ff3c536
3 changed files with 191 additions and 166 deletions
@@ -1,11 +1,11 @@
diff --git a/drivers/net/virtio-netd/src/main.rs b/drivers/net/virtio-netd/src/main.rs
index 1200cec..0c6663e 100644
index 17d168ef..5271a2f1 100644
--- a/drivers/net/virtio-netd/src/main.rs
+++ b/drivers/net/virtio-netd/src/main.rs
@@ -34,2 +34,7 @@ fn daemon_runner(redox_daemon: daemon::Daemon, pcid_handle: PciFunctionHandle) -
- daemon(redox_daemon, pcid_handle).unwrap();
@@ -34,2 +34,7 @@ fn daemon_runner(daemon: daemon::Daemon, pcid_handle: PciFunctionHandle) -> ! {
- deamon(daemon, pcid_handle).unwrap();
- unreachable!();
+ match daemon(redox_daemon, pcid_handle) {
+ match deamon(daemon, pcid_handle) {
+ Ok(()) => unreachable!(),
+ Err(err) => {
+ log::error!("virtio-netd: fatal error: {err}");
@@ -13,7 +13,7 @@ index 1200cec..0c6663e 100644
+ }
+ }
diff --git a/drivers/pcid/src/driver_interface/irq_helpers.rs b/drivers/pcid/src/driver_interface/irq_helpers.rs
index 28ca077..7ecc9a3 100644
index 28ca077a..39b0b048 100644
--- a/drivers/pcid/src/driver_interface/irq_helpers.rs
+++ b/drivers/pcid/src/driver_interface/irq_helpers.rs
@@ -121 +121 @@ pub fn allocate_aligned_interrupt_vectors(
@@ -142,7 +142,7 @@ index 28ca077..7ecc9a3 100644
@@ -316 +361,0 @@ pub fn pci_allocate_interrupt_vector(
-}
diff --git a/drivers/storage/virtio-blkd/src/main.rs b/drivers/storage/virtio-blkd/src/main.rs
index d21236b..95089eb 100644
index d21236b3..95089eb9 100644
--- a/drivers/storage/virtio-blkd/src/main.rs
+++ b/drivers/storage/virtio-blkd/src/main.rs
@@ -106,2 +106,7 @@ fn daemon_runner(redox_daemon: daemon::Daemon, pcid_handle: PciFunctionHandle) -
@@ -156,7 +156,7 @@ index d21236b..95089eb 100644
+ }
+ }
diff --git a/drivers/usb/xhcid/src/main.rs b/drivers/usb/xhcid/src/main.rs
index d345a52..397971d 100644
index d345a52f..da9cabe1 100644
--- a/drivers/usb/xhcid/src/main.rs
+++ b/drivers/usb/xhcid/src/main.rs
@@ -79,2 +79,3 @@ fn get_int_method(pcid_handle: &mut PciFunctionHandle) -> (Option<File>, Interru
@@ -192,7 +192,7 @@ index d345a52..397971d 100644
+
+ if let Some(irq) = pci_config.func.legacy_interrupt_line {
diff --git a/drivers/virtio-core/src/arch/x86.rs b/drivers/virtio-core/src/arch/x86.rs
index aea86c4..8fdc7ca 100644
index aea86c4a..8fdc7ca6 100644
--- a/drivers/virtio-core/src/arch/x86.rs
+++ b/drivers/virtio-core/src/arch/x86.rs
@@ -26 +26,2 @@ pub fn enable_msix(pcid_handle: &mut PciFunctionHandle) -> Result<File, Error> {
@@ -200,7 +200,7 @@ index aea86c4..8fdc7ca 100644
+ allocate_single_interrupt_vector_for_msi(destination_id)
+ .ok_or(Error::MsiAllocationFailed)?;
diff --git a/drivers/virtio-core/src/transport.rs b/drivers/virtio-core/src/transport.rs
index d3445d2..b961265 100644
index d3445d2d..b961265c 100644
--- a/drivers/virtio-core/src/transport.rs
+++ b/drivers/virtio-core/src/transport.rs
@@ -21,0 +22,2 @@ pub enum Error {
@@ -1,147 +1,18 @@
--- a/drivers/acpid/src/main.rs
+++ b/drivers/acpid/src/main.rs
@@ -32,3 +32,8 @@
- let rxsdt_raw_data: Arc<[u8]> = std::fs::read("/scheme/kernel.acpi/rxsdt")
- .expect("acpid: failed to read `/scheme/kernel.acpi/rxsdt`")
- .into();
+ let rxsdt_raw_data: Arc<[u8]> = match std::fs::read("/scheme/kernel.acpi/rxsdt") {
+ Ok(data) => data.into(),
+ Err(e) => {
+ log::warn!("acpid: failed to read `/scheme/kernel.acpi/rxsdt`: {} — no ACPI", e);
+ daemon.ready();
+ std::process::exit(0);
+ }
+ };
@@ -42 +47,7 @@
- let sdt = self::acpi::Sdt::new(rxsdt_raw_data).expect("acpid: failed to parse [RX]SDT");
+ let sdt = match self::acpi::Sdt::new(rxsdt_raw_data) {
+ Ok(sdt) => sdt,
+ Err(e) => {
+ log::error!("acpid: failed to parse [RX]SDT: {}", e);
+ std::process::exit(1);
+ }
+ };
@@ -52,2 +63 @@
- // TODO: With const generics, the compiler has some way of doing this for static sizes.
- .map(|chunk| <[u8; mem::size_of::<u32>()]>::try_from(chunk).unwrap())
+ .filter_map(|chunk| <[u8; mem::size_of::<u32>()]>::try_from(chunk).ok())
@@ -63 +73 @@
- .map(|chunk| <[u8; mem::size_of::<u64>()]>::try_from(chunk).unwrap())
+ .filter_map(|chunk| <[u8; mem::size_of::<u64>()]>::try_from(chunk).ok())
@@ -68 +78,4 @@
- _ => panic!("acpid: expected [RX]SDT from kernel to be either of those"),
+ _ => {
+ log::error!("acpid: expected [RX]SDT from kernel to be RSDT or XSDT, got {:?}", String::from_utf8_lossy(&sdt.signature));
+ std::process::exit(1);
+ }
@@ -87 +100,4 @@
- common::acquire_port_io_rights().expect("acpid: failed to set I/O privilege level to Ring 3");
+ if let Err(e) = common::acquire_port_io_rights() {
+ log::error!("acpid: failed to set I/O privilege level to Ring 3: {}", e);
+ std::process::exit(1);
+ }
@@ -89,2 +105,7 @@
- let shutdown_pipe = File::open("/scheme/kernel.acpi/kstop")
- .expect("acpid: failed to open `/scheme/kernel.acpi/kstop`");
+ let shutdown_pipe = match File::open("/scheme/kernel.acpi/kstop") {
+ Ok(file) => Some(file),
+ Err(e) => {
+ log::warn!("acpid: failed to open `/scheme/kernel.acpi/kstop`: {} — continuing without shutdown support", e);
+ None
+ }
+ };
@@ -92,2 +113,14 @@
- let mut event_queue = RawEventQueue::new().expect("acpid: failed to create event queue");
- let socket = Socket::nonblock().expect("acpid: failed to create disk scheme");
+ let mut event_queue = match RawEventQueue::new() {
+ Ok(q) => q,
+ Err(e) => {
+ log::error!("acpid: failed to create event queue: {}", e);
+ std::process::exit(1);
+ }
+ };
+ let socket = match Socket::nonblock() {
+ Ok(s) => s,
+ Err(e) => {
+ log::error!("acpid: failed to create disk scheme: {}", e);
+ std::process::exit(1);
+ }
+ };
@@ -98,6 +131,9 @@
- event_queue
- .subscribe(shutdown_pipe.as_raw_fd() as usize, 0, EventFlags::READ)
- .expect("acpid: failed to register shutdown pipe for event queue");
- event_queue
- .subscribe(socket.inner().raw(), 1, EventFlags::READ)
- .expect("acpid: failed to register scheme socket for event queue");
+ if let Some(ref pipe) = shutdown_pipe {
+ if let Err(e) = event_queue.subscribe(pipe.as_raw_fd() as usize, 0, EventFlags::READ) {
+ log::warn!("acpid: failed to register shutdown pipe for event queue: {} — continuing without shutdown support", e);
+ }
+ }
+ if let Err(e) = event_queue.subscribe(socket.inner().raw(), 1, EventFlags::READ) {
+ log::error!("acpid: failed to register scheme socket for event queue: {}", e);
+ std::process::exit(1);
+ }
@@ -105,2 +141,4 @@
- register_sync_scheme(&socket, "acpi", &mut scheme)
- .expect("acpid: failed to register acpi scheme to namespace");
+ if let Err(e) = register_sync_scheme(&socket, "acpi", &mut scheme) {
+ log::error!("acpid: failed to register acpi scheme to namespace: {}", e);
+ std::process::exit(1);
+ }
@@ -110 +148,3 @@
- libredox::call::setrens(0, 0).expect("acpid: failed to enter null namespace");
+ if let Err(e) = libredox::call::setrens(0, 0) {
+ log::warn!("acpid: failed to enter null namespace: {} — continuing", e);
+ }
@@ -114,5 +154,7 @@
- let Some(event) = event_queue
- .next()
- .transpose()
- .expect("acpid: failed to read event file")
- else {
+ let Some(event) = match event_queue.next().transpose() {
+ Ok(e) => e,
+ Err(e) => {
+ log::error!("acpid: failed to read event file: {} — continuing", e);
+ continue;
+ }
+ } else {
@@ -124,6 +166,7 @@
- match handler
- .process_requests_nonblocking(&mut scheme)
- .expect("acpid: failed to process requests")
- {
- ControlFlow::Continue(()) => {}
- ControlFlow::Break(()) => break,
+ match handler.process_requests_nonblocking(&mut scheme) {
+ Ok(ControlFlow::Continue(())) => {}
+ Ok(ControlFlow::Break(())) => break,
+ Err(e) => {
+ log::error!("acpid: failed to process requests: {} — continuing", e);
+ break;
+ }
@@ -132 +175 @@
- } else if event.fd == shutdown_pipe.as_raw_fd() as usize {
+ } else if shutdown_pipe.as_ref().map_or(false, |p| event.fd == p.as_raw_fd() as usize) {
@@ -146 +189,2 @@
- unreachable!("System should have shut down before this is entered");
+ log::error!("System should have shut down before this was reached");
+ std::process::exit(1);
diff --git a/drivers/acpid/src/acpi.rs b/drivers/acpid/src/acpi.rs
index 343533d0..0189c3ad 100644
--- a/drivers/acpid/src/acpi.rs
+++ b/drivers/acpid/src/acpi.rs
@@ -55,3 +55,2 @@
@@ -55,3 +55,2 @@ impl SdtHeader {
- self.length
- .try_into()
- .expect("expected usize to be at least 32 bits")
+ // usize is at least 32 bits on all supported architectures.
+ self.length as usize
@@ -95,0 +95,3 @@
@@ -95,0 +95,3 @@ pub enum InvalidSdtError {
+
+ #[error("bad alignment")]
+ BadAlignment,
@@ -139,3 +141,4 @@
@@ -139,3 +141,4 @@ impl Sdt {
- Err(plain::Error::BadAlignment) => panic!(
- "plain::from_bytes failed due to alignment, but SdtHeader is #[repr(packed)]!"
- ),
@@ -149,12 +20,12 @@
+ log::error!("plain::from_bytes failed due to alignment, but SdtHeader is #[repr(packed)]");
+ return Err(InvalidSdtError::BadAlignment);
+ }
@@ -171 +174,3 @@
@@ -171 +174,3 @@ impl Sdt {
- assert!(pages.len() >= mem::size_of::<SdtHeader>());
+ if pages.len() < mem::size_of::<SdtHeader>() {
+ return Err(TablePhysLoadError::Validity(InvalidSdtError::InvalidSize));
+ }
@@ -174,2 +179,5 @@
@@ -174,2 +179,5 @@ impl Sdt {
- let sdt = plain::from_bytes::<SdtHeader>(&sdt_mem[..mem::size_of::<SdtHeader>()])
- .expect("either alignment is wrong, or the length is too short, both of which are already checked for");
+ let sdt = match plain::from_bytes::<SdtHeader>(&sdt_mem[..mem::size_of::<SdtHeader>()]) {
@@ -162,25 +33,25 @@
+ Err(plain::Error::TooShort) => return Err(TablePhysLoadError::Validity(InvalidSdtError::InvalidSize)),
+ Err(plain::Error::BadAlignment) => return Err(TablePhysLoadError::Validity(InvalidSdtError::BadAlignment)),
+ };
@@ -200 +208,4 @@
@@ -200 +208,4 @@ impl Sdt {
- assert_eq!(left, 0);
+ if left != 0 {
+ log::error!("SDT physical load left {} bytes remaining after loop", left);
+ return Err(TablePhysLoadError::Validity(InvalidSdtError::InvalidSize));
+ }
@@ -213,2 +224,2 @@
@@ -213,2 +224,2 @@ impl Deref for Sdt {
- plain::from_bytes::<SdtHeader>(&self.0)
- .expect("expected already validated Sdt to be able to get its header")
+ // SAFETY: Sdt::new validated the slice length and SdtHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const SdtHeader) }
@@ -417,3 +428,3 @@
@@ -444,3 +455,3 @@ impl AcpiContext {
- interpreter
- .release_global_lock()
- .expect("Failed to release GIL!"); //TODO: check if this should panic
+ if let Err(e) = interpreter.release_global_lock() {
+ log::error!("Failed to release AML global lock: {:?}", e);
+ }
@@ -435,4 +446,8 @@
@@ -462,4 +473,8 @@ impl AcpiContext {
- .map(|physaddr| {
- let physaddr: usize = physaddr
- .try_into()
@@ -193,7 +64,7 @@
+ return None;
+ }
+ };
@@ -442 +457,7 @@
@@ -469 +484,7 @@ impl AcpiContext {
- Sdt::load_from_physical(physaddr).expect("failed to load physical SDT")
+ match Sdt::load_from_physical(physaddr) {
+ Ok(sdt) => Some(sdt),
@@ -202,7 +73,7 @@
+ None
+ }
+ }
@@ -838,3 +859,4 @@
@@ -865,3 +886,4 @@ impl Fadt {
- Err(plain::Error::BadAlignment) => unreachable!(
- "plain::from_bytes reported bad alignment, but FadtAcpi2Struct is #[repr(packed)]"
- ),
@@ -210,12 +81,12 @@
+ log::error!("plain::from_bytes reported bad alignment for FadtAcpi2Struct, but it is #[repr(packed)]");
+ None
+ }
@@ -849,2 +871,2 @@
@@ -876,2 +898,2 @@ impl Deref for Fadt {
- plain::from_bytes::<FadtStruct>(&self.0 .0)
- .expect("expected FADT struct to already be validated in Deref impl")
+ // SAFETY: Fadt::new validated the slice length and FadtStruct is #[repr(packed)].
+ unsafe { &*(self.0 .0.as_ptr() as *const FadtStruct) }
@@ -863,3 +885,7 @@
@@ -890,3 +912,7 @@ impl Fadt {
- let fadt_sdt = context
- .take_single_sdt(*b"FACP")
- .expect("expected ACPI to always have a FADT");
@@ -226,10 +97,167 @@
+ return;
+ }
+ };
@@ -876,4 +902,2 @@
@@ -903,4 +929,2 @@ impl Fadt {
- Some(fadt2) => usize::try_from(fadt2.x_dsdt).unwrap_or_else(|_| {
- usize::try_from(fadt.dsdt).expect("expected any given u32 to fit within usize")
- }),
- None => usize::try_from(fadt.dsdt).expect("expected any given u32 to fit within usize"),
+ Some(fadt2) => fadt2.x_dsdt as usize,
+ None => fadt.dsdt as usize,
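Review bot: `Some(fadt2) => fadt2.x_dsdt as usize` in the `impl Fadt` hunk silently truncates the extended DSDT address when it does not fit in `usize`, where the removed code fell back to the 32-bit `dsdt` field in that case. The comment added in the `impl SdtHeader` hunk allows for a 32-bit `usize`, so on such a target a truncated value taken from firmware-provided table data would presumably be used as the DSDT physical address. The fallback can be kept without any panic path: `Some(fadt2) => usize::try_from(fadt2.x_dsdt).unwrap_or(fadt.dsdt as usize),`. The enclosing function starts and ends outside the hunk.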
diff --git a/drivers/acpid/src/acpi/dmar/mod.rs b/drivers/acpid/src/acpi/dmar/mod.rs
index ed27849b..c6d335c9 100644
--- a/drivers/acpid/src/acpi/dmar/mod.rs
+++ b/drivers/acpid/src/acpi/dmar/mod.rs
@@ -47,2 +47,2 @@ impl Deref for Dmar {
- plain::from_bytes(self.0.as_slice())
- .expect("expected Dmar struct to already have checked the length, and alignment issues should be impossible due to #[repr(packed)]")
+ // SAFETY: Dmar::new validated the slice length and DmarStruct is #[repr(packed)].
+ unsafe { &*(self.0.as_slice().as_ptr() as *const DmarStruct) }
@@ -78,2 +78 @@ impl Dmar {
- let drhd = dmar_drhd.map();
-
+ if let Some(drhd) = dmar_drhd.map() {
@@ -86,0 +86 @@ impl Dmar {
+ }
@@ -153,2 +153,4 @@ impl DeviceScope {
- let header = plain::from_bytes::<DeviceScopeHeader>(header_bytes)
- .expect("length already checked, and alignment 1 (#[repr(packed)] should suffice");
+ let header = match plain::from_bytes::<DeviceScopeHeader>(header_bytes) {
+ Ok(h) => h,
+ Err(_) => return None,
+ };
@@ -180,2 +182,2 @@ impl Deref for DeviceScope {
- plain::from_bytes(&self.0)
- .expect("expected length to be sufficient, and alignment (due to #[repr(packed)]")
+ // SAFETY: DeviceScope::try_new validated the slice length and DeviceScopeHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const DeviceScopeHeader) }
@@ -203,2 +205,2 @@ impl DmarDrhd {
- pub fn map(&self) -> DrhdPage {
- let base = usize::try_from(self.base).expect("expected u64 to fit within usize");
+ pub fn map(&self) -> Option<DrhdPage> {
+ let base = usize::try_from(self.base).ok()?;
@@ -206 +208 @@ impl DmarDrhd {
- DrhdPage::map(base).expect("failed to map DRHD registers")
+ DrhdPage::map(base).ok()
@@ -213,2 +215,2 @@ impl Deref for DmarDrhd {
- plain::from_bytes::<DmarDrhdHeader>(&self.0[..mem::size_of::<DmarDrhdHeader>()])
- .expect("length is already checked, and alignment 1 (#[repr(packed)] should suffice")
+ // SAFETY: DmarDrhd::try_new validated the slice length and DmarDrhdHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const DmarDrhdHeader) }
@@ -255,2 +257,2 @@ impl Deref for DmarRmrr {
- plain::from_bytes(&self.0[..mem::size_of::<DmarRmrrHeader>()])
- .expect("length already checked, and with #[repr(packed)] alignment should be okay")
+ // SAFETY: DmarRmrr::try_new validated the slice length and DmarRmrrHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const DmarRmrrHeader) }
@@ -296,2 +298,2 @@ impl Deref for DmarAtsr {
- plain::from_bytes(&self.0[..mem::size_of::<DmarAtsrHeader>()])
- .expect("length already checked, and with #[repr(packed)] alignment should be okay")
+ // SAFETY: DmarAtsr::try_new validated the slice length and DmarAtsrHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const DmarAtsrHeader) }
@@ -325,2 +327,4 @@ impl DmarRhsa {
- let this = plain::from_bytes(bytes)
- .expect("length is already checked, and alignment 1 should suffice (#[repr(packed)])");
+ let this = match plain::from_bytes(bytes) {
+ Ok(t) => t,
+ Err(_) => return None,
+ };
@@ -360,2 +364,2 @@ impl Deref for DmarAndd {
- plain::from_bytes(&self.0[..mem::size_of::<DmarAnddHeader>()])
- .expect("length already checked, and with #[repr(packed)] alignment should be okay")
+ // SAFETY: DmarAndd::try_new validated the slice length and DmarAnddHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const DmarAnddHeader) }
@@ -403,2 +407,2 @@ impl Deref for DmarSatc {
- plain::from_bytes(&self.0[..mem::size_of::<DmarSatcHeader>()])
- .expect("length already checked, and with #[repr(packed)] alignment should be okay")
+ // SAFETY: DmarSatc::try_new validated the slice length and DmarSatcHeader is #[repr(packed)].
+ unsafe { &*(self.0.as_ptr() as *const DmarSatcHeader) }
@@ -472,4 +476,2 @@ impl<'sdt> Iterator for DmarRawIter<'sdt> {
- let type_bytes = <[u8; 2]>::try_from(type_bytes)
- .expect("expected a 2-byte slice to be convertible to [u8; 2]");
- let len_bytes = <[u8; 2]>::try_from(type_bytes)
- .expect("expected a 2-byte slice to be convertible to [u8; 2]");
+ let type_array = <[u8; 2]>::try_from(type_bytes).ok()?;
+ let len_array = <[u8; 2]>::try_from(len_bytes).ok()?;
@@ -477 +479,2 @@ impl<'sdt> Iterator for DmarRawIter<'sdt> {
- let len = u16::from_ne_bytes(len_bytes) as usize;
+ let ty = u16::from_ne_bytes(type_array);
+ let len = u16::from_ne_bytes(len_array) as usize;
@@ -479,0 +483 @@ impl<'sdt> Iterator for DmarRawIter<'sdt> {
+ log::warn!("DMAR entry header length {} is too small", len);
@@ -483,3 +486,0 @@ impl<'sdt> Iterator for DmarRawIter<'sdt> {
- let ty = u16::from_ne_bytes(type_bytes);
-
-
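Review bot: The `Deref` impls in this file (Dmar, DeviceScope, DmarDrhd, DmarRmrr, DmarAtsr, DmarAndd, DmarSatc) now cast `self.0.as_ptr()` directly to the header type, which removes the length check that `plain::from_bytes` and the `&self.0[..mem::size_of::<…>()]` slice performed on every access. The SAFETY comments rely on the constructors having validated the length, but those constructors lie outside these hunks, so the claim cannot be confirmed from here. If any path builds one of these wrappers over a shorter buffer, the result is an out-of-bounds read of firmware-supplied table data rather than a panic. Each SAFETY comment should name the exact check it depends on, and a guard such as `debug_assert!(self.0.len() >= mem::size_of::<DmarDrhdHeader>());` in front of the cast would keep the invariant tested. The `Deref for Sdt` and `Deref for Fadt` hunks in acpi.rs use the same cast.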
diff --git a/drivers/acpid/src/main.rs b/drivers/acpid/src/main.rs
index ea3cbaeb..79d739c2 100644
--- a/drivers/acpid/src/main.rs
+++ b/drivers/acpid/src/main.rs
@@ -32,3 +32,8 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- let rxsdt_raw_data: Arc<[u8]> = std::fs::read("/scheme/kernel.acpi/rxsdt")
- .expect("acpid: failed to read `/scheme/kernel.acpi/rxsdt`")
- .into();
+ let rxsdt_raw_data: Arc<[u8]> = match std::fs::read("/scheme/kernel.acpi/rxsdt") {
+ Ok(data) => data.into(),
+ Err(e) => {
+ log::warn!("acpid: failed to read `/scheme/kernel.acpi/rxsdt`: {} — no ACPI", e);
+ daemon.ready();
+ std::process::exit(0);
+ }
+ };
@@ -42 +47,7 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- let sdt = self::acpi::Sdt::new(rxsdt_raw_data).expect("acpid: failed to parse [RX]SDT");
+ let sdt = match self::acpi::Sdt::new(rxsdt_raw_data) {
+ Ok(sdt) => sdt,
+ Err(e) => {
+ log::error!("acpid: failed to parse [RX]SDT: {}", e);
+ std::process::exit(1);
+ }
+ };
@@ -68 +79,4 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- _ => panic!("acpid: expected [RX]SDT from kernel to be either of those"),
+ _ => {
+ log::error!("acpid: expected [RX]SDT from kernel to be RSDT or XSDT, got {:?}", String::from_utf8_lossy(&sdt.signature));
+ std::process::exit(1);
+ }
@@ -87 +101,4 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- common::acquire_port_io_rights().expect("acpid: failed to set I/O privilege level to Ring 3");
+ if let Err(e) = common::acquire_port_io_rights() {
+ log::error!("acpid: failed to set I/O privilege level to Ring 3: {}", e);
+ std::process::exit(1);
+ }
@@ -110 +127,3 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- libredox::call::setrens(0, 0).expect("acpid: failed to enter null namespace");
+ if let Err(e) = libredox::call::setrens(0, 0) {
+ log::warn!("acpid: failed to enter null namespace: {} — continuing", e);
+ }
@@ -114,5 +133,7 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- let Some(event) = event_queue
- .next()
- .transpose()
- .expect("acpid: failed to read event file")
- else {
+ let Some(event) = match event_queue.next().transpose() {
+ Ok(e) => e,
+ Err(e) => {
+ log::error!("acpid: failed to read event file: {} — continuing", e);
+ continue;
+ }
+ } else {
@@ -124,6 +145,7 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- match handler
- .process_requests_nonblocking(&mut scheme)
- .expect("acpid: failed to process requests")
- {
- ControlFlow::Continue(()) => {}
- ControlFlow::Break(()) => break,
+ match handler.process_requests_nonblocking(&mut scheme) {
+ Ok(ControlFlow::Continue(())) => {}
+ Ok(ControlFlow::Break(())) => break,
+ Err(e) => {
+ log::error!("acpid: failed to process requests: {} — continuing", e);
+ continue;
+ }
@@ -146 +168,2 @@ fn daemon(daemon: daemon::Daemon) -> ! {
- unreachable!("System should have shut down before this is entered");
+ log::error!("System should have shut down before this was reached");
+ std::process::exit(1);
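Review bot: The `setrens(0, 0)` hunk now logs a warning and carries on when entering the null namespace fails, so acpid would keep serving requests with port I/O rights already acquired (the `acquire_port_io_rights` hunk comes earlier) but without the namespace restriction that call applies. That is a fail-open on a sandboxing step. The other startup failures in this section exit, and this one should too unless there is a known boot path where the call legitimately fails: `log::error!("acpid: failed to enter null namespace: {}", e); std::process::exit(1);`. The `init/src/main.rs` hunk at `-174` in the P19-init patch makes the same change. Separately, the `continue` on an event-queue read error has no backoff, so a persistent error would spin and flood the log.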
@@ -1,23 +1,20 @@
diff --git a/init/src/main.rs b/init/src/main.rs
index 5891b808..b8720e81 100644
--- a/init/src/main.rs
+++ b/init/src/main.rs
@@ -167 +167,8 @@
@@ -167 +167 @@ fn main() {
- UnitId(entry.file_name().unwrap().to_str().unwrap().to_owned()),
+ let file_name = match entry.file_name().to_str() {
+ Some(name) => name.to_owned(),
+ None => {
+ init_warn("skipping non-UTF8 service file name");
+ continue;
+ }
+ };
+ UnitId(file_name)
@@ -174 +181,3 @@
+ UnitId(entry.file_name().map(|n| n.to_str().map(|s| s.to_owned())).flatten().unwrap_or_default()),
@@ -174 +174,3 @@ fn main() {
- libredox::call::setrens(0, 0).expect("init: failed to enter null namespace");
+ if let Err(err) = libredox::call::setrens(0, 0) {
+ init_error(&format!("init: failed to enter null namespace: {}", err));
+ log::warn!("init: failed to enter null namespace: {} — continuing", err);
+ }
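Review bot: The one-line replacement under `@@ -167 +167 @@ fn main() {`, `UnitId(entry.file_name().map(...).flatten().unwrap_or_default())`, turns a missing or non-UTF-8 file name into an empty `UnitId` instead of rejecting the entry, and it logs nothing. Every such entry would get the same empty id, so what init then does with that unit depends on code outside the hunk. The multi-line variant also shown on this page warned and skipped the entry, which is the safer behaviour for a service directory. If the single-line form is needed for the `-U0` layout, the empty id should at least be detected and skipped with an `init_warn` call where the id is consumed. The surrounding call and loop are outside the hunk.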
diff --git a/init/src/service.rs b/init/src/service.rs
index 10bb9d8a..970c0338 100644
--- a/init/src/service.rs
+++ b/init/src/service.rs
@@ -178,3 +178,11 @@
@@ -178,3 +178,11 @@ impl Service {
- let current_namespace_fd = libredox::call::getns().expect("TODO");
- libredox::call::register_scheme_to_ns(current_namespace_fd, scheme, new_fd)
- .expect("TODO");