Auto merge of #88759 - Amanieu:panic_in_drop, r=nagisa,eddyb

Add -Z panic-in-drop={unwind,abort} command-line option This PR changes `Drop` to abort if an unwinding panic attempts to escape it, making the process abort instead. This has several benefits: - The current behavior when unwinding out of `Drop` is very unintuitive and easy to miss: unwinding continues, but the remaining drops in scope are simply leaked. - A lot of unsafe code doesn't expect drops to unwind, which can lead to unsoundness: - https://github.com/servo/rust-smallvec/issues/14 - https://github.com/bluss/arrayvec/issues/3 - There is a code size and compilation time cost to this: LLVM needs to generate extra landing pads out of all calls in a drop implementation. This can compound when functions are inlined since unwinding will then continue on to process drops in the callee, which can itself unwind, etc. - Initial measurements show a 3% size reduction and up to 10% compilation time reduction on some crates (`syn`). One thing to note about `-Z panic-in-drop=abort` is that *all* crates must be built with this option for it to be sound since it makes the compiler assume that dropping `Box<dyn Any>` will never unwind. cc https://github.com/rust-lang/lang-team/issues/97
2021-09-12 20:48:09 +00:00 · 2021-09-12 20:48:09 +00:00 · 51e514c0fb
commit 51e514c0fb
parent d2dfb0eb8e 5862a0004a
11 changed files with 119 additions and 17 deletions
--- a/compiler/rustc_mir_transform/src/abort_unwinding_calls.rs
+++ b/compiler/rustc_mir_transform/src/abort_unwinding_calls.rs
@ -5,6 +5,7 @@ use rustc_middle::mir::*;
 use rustc_middle::ty::layout;
 use rustc_middle::ty::{self, TyCtxt};
 use rustc_target::spec::abi::Abi;
+use rustc_target::spec::PanicStrategy;

 /// A pass that runs which is targeted at ensuring that codegen guarantees about
 /// unwinding are upheld for compilations of panic=abort programs.
@ -82,10 +83,11 @@ impl<'tcx> MirPass<'tcx> for AbortUnwindingCalls {
                    };
                    layout::fn_can_unwind(tcx, flags, sig.abi())
                }
-                TerminatorKind::Drop { .. }
-                | TerminatorKind::DropAndReplace { .. }
-                | TerminatorKind::Assert { .. }
-                | TerminatorKind::FalseUnwind { .. } => {
+                TerminatorKind::Drop { .. } | TerminatorKind::DropAndReplace { .. } => {
+                    tcx.sess.opts.debugging_opts.panic_in_drop == PanicStrategy::Unwind
+                        && layout::fn_can_unwind(tcx, CodegenFnAttrFlags::empty(), Abi::Rust)
+                }
+                TerminatorKind::Assert { .. } | TerminatorKind::FalseUnwind { .. } => {
                    layout::fn_can_unwind(tcx, CodegenFnAttrFlags::empty(), Abi::Rust)
                }
                _ => continue,