diff options
| author | bors <bors@rust-lang.org> | 2021-09-12 20:48:09 +0000 |
|---|---|---|
| committer | bors <bors@rust-lang.org> | 2021-09-12 20:48:09 +0000 |
| commit | 51e514c0fb4f9afcaae3b02dd9ccb93e15b30ef8 (patch) | |
| tree | 5cc0a4eaf3c88e826459f84b2a623026feed2195 /src/test/codegen | |
| parent | d2dfb0eb8e30d188fb1731e540bc1b418bcd046d (diff) | |
| parent | 5862a0004a65e32ea3a36d33c52e305cd75a69fe (diff) | |
| download | rust-51e514c0fb4f9afcaae3b02dd9ccb93e15b30ef8.tar.gz rust-51e514c0fb4f9afcaae3b02dd9ccb93e15b30ef8.zip | |
Auto merge of #88759 - Amanieu:panic_in_drop, r=nagisa,eddyb
Add -Z panic-in-drop={unwind,abort} command-line option
This PR changes `Drop` to abort if an unwinding panic attempts to escape it, making the process abort instead. This has several benefits:
- The current behavior when unwinding out of `Drop` is very unintuitive and easy to miss: unwinding continues, but the remaining drops in scope are simply leaked.
- A lot of unsafe code doesn't expect drops to unwind, which can lead to unsoundness:
- https://github.com/servo/rust-smallvec/issues/14
- https://github.com/bluss/arrayvec/issues/3
- There is a code size and compilation time cost to this: LLVM needs to generate extra landing pads out of all calls in a drop implementation. This can compound when functions are inlined since unwinding will then continue on to process drops in the callee, which can itself unwind, etc.
- Initial measurements show a 3% size reduction and up to 10% compilation time reduction on some crates (`syn`).
One thing to note about `-Z panic-in-drop=abort` is that *all* crates must be built with this option for it to be sound since it makes the compiler assume that dropping `Box<dyn Any>` will never unwind.
cc https://github.com/rust-lang/lang-team/issues/97
Diffstat (limited to 'src/test/codegen')
| -rw-r--r-- | src/test/codegen/panic-in-drop-abort.rs | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/src/test/codegen/panic-in-drop-abort.rs b/src/test/codegen/panic-in-drop-abort.rs new file mode 100644 index 00000000000..62d093507dd --- /dev/null +++ b/src/test/codegen/panic-in-drop-abort.rs @@ -0,0 +1,54 @@ +// compile-flags: -Z panic-in-drop=abort -O + +// Ensure that unwinding code paths are eliminated from the output after +// optimization. + +#![crate_type = "lib"] +use std::any::Any; +use std::mem::forget; + +pub struct ExternDrop; +impl Drop for ExternDrop { + #[inline(always)] + fn drop(&mut self) { + // This call may potentially unwind. + extern "Rust" { + fn extern_drop(); + } + unsafe { + extern_drop(); + } + } +} + +struct AssertNeverDrop; +impl Drop for AssertNeverDrop { + #[inline(always)] + fn drop(&mut self) { + // This call should be optimized away as unreachable. + extern "C" { + fn should_not_appear_in_output(); + } + unsafe { + should_not_appear_in_output(); + } + } +} + +// CHECK-LABEL: normal_drop +// CHECK-NOT: should_not_appear_in_output +#[no_mangle] +pub fn normal_drop(x: ExternDrop) { + let guard = AssertNeverDrop; + drop(x); + forget(guard); +} + +// CHECK-LABEL: indirect_drop +// CHECK-NOT: should_not_appear_in_output +#[no_mangle] +pub fn indirect_drop(x: Box<dyn Any>) { + let guard = AssertNeverDrop; + drop(x); + forget(guard); +} |