Description
Originally reported by @SabrinaJewson in #85927
catch_unwind(code) is often used to make sure no panics from code can cause further unwinding/panics. However, when catching a panic with a payload that panics on Drop, most usages of catch_unwind(code) will still result in further unwinding and often unsoundness.
```rust
struct Bomb;
impl Drop for Bomb {
    fn drop(&mut self) {
        panic!();
    }
}
std::panic::panic_any(Bomb);
```

Example in rustc (found by @mystor):
rust/compiler/rustc_ast/src/mut_visit.rs
Lines 299 to 300 in 5ea1923

```rust
let new_t = panic::catch_unwind(panic::AssertUnwindSafe(|| f(old_t)))
    .unwrap_or_else(|_| process::abort());
```
Here, the Result containing the panic payload is dropped before abort() is called, which might cause a panic.
Edit: Looks like the _ doesn't cause an immediate drop as a parameter, so this case works fine, possibly by accident.
Another example in the standard library:
Lines 34 to 39 in 5ea1923

```rust
let exit_code = panic::catch_unwind(main);
sys_common::rt::cleanup();
exit_code.unwrap_or(101) as isize
}
```
```rust
fn main() {
    std::panic::panic_any(Bomb);
}
```

```
thread 'main' panicked at 'Box<Any>', src/main.rs:12:5
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
thread 'main' panicked at 'explicit panic', src/main.rs:7:9
fatal runtime error: failed to initiate panic, error 5
abort (core dumped)
```
And another case in the proc_macro bridge:
rust/library/proc_macro/src/bridge/server.rs
Lines 115 to 116 in 5ea1923

```rust
panic::catch_unwind(panic::AssertUnwindSafe(call_method))
    .map_err(PanicMessage::from)
```
```rust
#[proc_macro]
pub fn hey(_: proc_macro::TokenStream) -> proc_macro::TokenStream {
    std::panic::panic_any(Bomb);
}
```

```
thread 'rustc' panicked at 'explicit panic', src/lib.rs:5:9
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
error: internal compiler error: unexpected panic
note: the compiler unexpectedly panicked. this is a bug.
note: we would appreciate a bug report: https://github.com/rust-lang/rust/issues/new?labels=C-bug%2C+I-ICE%2C+T-compiler&template=ice.md
```
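
One way a caller can contain the behaviour reported above, as an added example that is not code from rustc, the standard library or the issue's author: the payload returned by `catch_unwind` is itself dropped under a second `catch_unwind`, so a panicking destructor cannot unwind past the boundary. The names `defuse`, `run_contained` and `MAX_NESTED` are hypothetical, and the retry bound of 8 is an assumption.

```rust
use std::any::Any;
use std::mem;
use std::panic::{self, AssertUnwindSafe, UnwindSafe};

// The payload type from the report: its destructor panics.
struct Bomb;
impl Drop for Bomb {
    fn drop(&mut self) {
        panic!("payload destructor panicked");
    }
}

const MAX_NESTED: usize = 8; // assumed bound on chained panicking payloads
// Drop a payload so its destructor cannot unwind into the caller; returns
// how many extra panics the cleanup itself raised.
fn defuse(mut payload: Box<dyn Any + Send>) -> usize {
    let mut extra = 0;
    loop {
        match panic::catch_unwind(AssertUnwindSafe(move || drop(payload))) {
            Ok(()) => return extra,
            Err(next) => {
                extra += 1;
                if extra == MAX_NESTED {
                    mem::forget(next); // leak rather than keep unwinding
                    return extra;
                }
                payload = next; // the new payload may also panic on drop
            }
        }
    }
}

// Hypothetical wrapper: run `f` and let neither its panic nor the payload's
// destructor escape. The error carries the message and the extra panic count.
fn run_contained<F, R>(f: F) -> Result<R, (String, usize)>
where
    F: FnOnce() -> R + UnwindSafe,
{
    panic::catch_unwind(f).map_err(|payload| {
        let msg = match payload.downcast_ref::<&str>() {
            Some(s) => s.to_string(),
            None => "<non-string payload>".to_string(),
        };
        (msg, defuse(payload))
    })
}

fn main() {
    let r = run_contained(|| -> u32 { panic::panic_any(Bomb) });
    println!("{:?}", r);
}
```

The panic hook still prints both panic messages to stderr; only the unwinding is contained.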