@@ -16,43 +16,33 @@ language features; for instance, out-of-bounds array indexing using the
1616
1717## Unwinding
1818
19- By default, the ` panic! ` macro unwinds Rust frames, just as C++'s ` throw `
20- unwinds C++ frames. This means that as the panic traverses Rust frames, live
21- objects in those frames that implement ` Drop ` will have their ` drop ` methods
22- called. It also enables the runtime to recover from the panic rather than
23- terminating execution.
19+ Panicking may either be recoverable or non-recoverable, though its behavior
20+ must be homogenous throughout program execution. A recoverable panic "unwinds"
21+ Rust frames, just as C++'s ` throw ` unwinds C++ frames. This means that as the
22+ panic traverses Rust frames, live objects in those frames that implement ` Drop `
23+ will have their ` drop ` methods called. Thus, if panic recovery does occur (for
24+ instance at a thread boundary), the objects will have been "cleaned up" just as
25+ if the stack frames had returned normally.
26+
27+ > As long as this guarantee of resource-cleanup is preserved, "unwinding" may
28+ > be implemented without actually using the mechanism used by C++ for the
29+ > target platform.
2430
2531> The Standard Library provides two mechanisms for recovering from a panic,
26- > [ ` catch_unwind ` ] [ fn-catch-unwind ] (which enables a thread to recover) and
27- > [ ` JoinHandle::join ` ] [ join ] (which enables a process to recover without
28- > recovering the thread state ).
32+ > [ ` catch_unwind ` ] [ fn-catch-unwind ] (which enables recovery within the
33+ > panicking thread) and [ ` JoinHandle::join ` ] [ join ] (which enables a process to
34+ > continue execution without recovering the panicked thread ).
2935
3036## Panic runtimes
3137[ top ] : #panic-runtimes
3238
33- The actual behavior of ` panic! ` is controlled by the _ panic runtime_ . The Rust
34- standard library provides two panic runtimes: ` panic_unwind ` (the default) and
35- ` panic_abort ` , which immediately aborts the process. When compiling code that
36- is guaranteed (via a [ compiler option] [ rustc-codegen ] ), the optimizer may
37- assume that unwinding across Rust frames is impossible, which can result in
38- both code-size and runtime speed improvements.
39+ The actual behavior and implementation of ` panic! ` is controlled by the _ panic
40+ runtime_ .
3941
40- ### ` rustc ` codegen and linking
41- [ rustc-codegen ] : #rustc-codegen
42+ > The Rust standard library provides two panic runtimes: ` panic_unwind ` (the
43+ > default) and ` panic_abort ` , which immediately aborts the process (which is
44+ > non-recoverable).
4245
43- ` rustc ` provides two supported runtime strategies:
44-
45- * ` -C panic=unwind ` - this links against ` panic_unwind ` and ensures that
46- unwinding across the compiled frames will perform all appropriate clean-up.
47- In particular, ` drop ` will be called for live ` Drop ` objects.
48- * ` -C panic=abort ` - this links against ` panic_abort ` , and optimizes with the
49- assumption that frames cannot be unwound. Since unwinding does not occur with
50- this runtime, it is impossible to catch a ` panic! ` using ` catch_unwind ` .
51-
52- This codegen option will default to ` unwind ` if not specified, and the value is
53- encoded into the crate metadata.
54-
55- Linking against the actual panic runtime is performed lazily, so that if
56- different crates specify different runtimes, the ` panic_abort ` runtime is
57- preferred. This ensures that ` panic! ` cannot cause a soundness hole by
58- unwinding across Rust frames compiled with ` panic=abort ` .
46+ When compiling code that is guaranteed (via a [ compiler option] [ rustc-codegen ] )
47+ not to unwind, the optimizer may assume that unwinding across Rust frames is
48+ impossible, which can result in both code-size and runtime speed improvements.
0 commit comments