Catch panics/unwinding in destruction of TLS values #105426

Merged
merged 1 commit into from
Dec 30, 2022

flba-eb (Contributor) commented Dec 7, 2022

`destroy_value` is/can be called from C code (libc). Unwinding from Rust to C code is undefined behavior, which is why unwinding is caught here.

This problem caused an infinite loop inside the unwinding code when running `src/test/ui/threads-sendsync/issue-24313.rs` on a tier 3 target (QNX/Neutrino) on aarch64.

See also https://rust-lang.zulipchat.com/#narrow/stream/182449-t-compiler.2Fhelp/topic/Infinite.20unwinding.20bug.
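
The pattern this PR applies, as an added example that is not the standard library's code: `Key`, `DtorState`, `drop_value_caught` and `PanicsOnDrop` are simplified stand-ins, and `std::process::abort` stands in for the std-internal `rtabort!`. The abort message is the one agreed on later in this review.

```rust
use std::cell::{Cell, UnsafeCell};
use std::panic::{self, AssertUnwindSafe};

#[derive(Clone, Copy, Debug, PartialEq)]
enum DtorState { Registered, RunningOrHasRun }

// Simplified stand-in for a TLS slot (assumption, not std's real type).
struct Key<T> {
    inner: UnsafeCell<Option<T>>,
    dtor_state: Cell<DtorState>,
}

impl<T> Key<T> {
    fn new(v: T) -> Self {
        Key { inner: UnsafeCell::new(Some(v)), dtor_state: Cell::new(DtorState::Registered) }
    }
}

// Drops the slot's value; returns true if the value's Drop impl panicked.
unsafe fn drop_value_caught<T>(ptr: *mut u8) -> bool {
    let key = unsafe { &*(ptr as *const Key<T>) };
    panic::catch_unwind(AssertUnwindSafe(|| {
        let value = unsafe { &mut *key.inner.get() }.take();
        key.dtor_state.set(DtorState::RunningOrHasRun);
        drop(value); // the only line that runs user code
    }))
    .is_err()
}

// Callback with the C ABI, the shape a libc would invoke at thread exit.
// A caught panic aborts the process instead of unwinding into the C caller.
unsafe extern "C" fn destroy_value<T>(ptr: *mut u8) {
    if unsafe { drop_value_caught::<T>(ptr) } {
        eprintln!("fatal runtime error: thread local panicked on drop");
        std::process::abort();
    }
}

// Constructed sample type whose destructor always panics.
struct PanicsOnDrop;
impl Drop for PanicsOnDrop {
    fn drop(&mut self) { panic!("constructed failure in Drop"); }
}

fn main() {
    let mut ok = Key::new(String::from("fine"));
    unsafe { destroy_value::<String>(&mut ok as *mut _ as *mut u8) };
    assert_eq!(ok.dtor_state.get(), DtorState::RunningOrHasRun);
}
```

Calling `destroy_value::<PanicsOnDrop>` on a populated slot terminates the process with the abort message, which is the intended outcome: the panic never crosses the `extern "C"` boundary.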

rustbot (Collaborator) commented Dec 7, 2022

r? @m-ou-se

(rustbot has picked a reviewer for you, use r? to override)

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Dec 7, 2022
@flba-eb flba-eb force-pushed the fix_tls_destructor_unwinding branch from e55bcb7 to b7691da Compare December 7, 2022 15:00
@flba-eb flba-eb force-pushed the fix_tls_destructor_unwinding branch from b7691da to f6a6177 Compare December 16, 2022 08:04
Comment on lines 1031 to 1032
if let Err(_) = panic::catch_unwind(panic::AssertUnwindSafe(|| unsafe {
let ptr = ptr as *mut Key<T>;
Contributor Author

Is `panic::AssertUnwindSafe` correct here? Is it allowed to move `let ptr =` down to limit its scope?

Member

You only have to put the `drop()` line in the `catch_unwind`.

Contributor Author

@flba-eb flba-eb Dec 28, 2022

@m-ou-se Unfortunately the dereferencing of raw pointers needs to be done inside the `unsafe` block and it cannot be done in a separate `unsafe` block as we need the variable `value` (unless we have a quite long `unsafe` block). I've restored the position of `let ptr = ...` line as it neither requires `catch_unwind` nor `unsafe` and keeps the diff smaller. Is this what you had in mind?

@flba-eb flba-eb marked this pull request as ready for review December 16, 2022 08:08
rustbot (Collaborator) commented Dec 16, 2022

Hey! It looks like you've submitted a new PR for the library teams!

If this PR contains changes to any rust-lang/rust public library APIs then please comment with @rustbot label +T-libs-api -T-libs to tag it appropriately. If this PR contains changes to any unstable APIs please edit the PR description to add a link to the relevant API Change Proposal or create one if you haven't already. If you're unsure where your change falls no worries, just leave it as is and the reviewer will take a look and make a decision to forward on if necessary.

Examples of T-libs-api changes:

  • Stabilizing library features
  • Introducing insta-stable changes such as new implementations of existing stable traits on existing stable types
  • Introducing new or changing existing unstable library APIs (excluding permanently unstable features / features without a tracking issue)
  • Changing public documentation in ways that create new stability guarantees
  • Changing observable runtime behavior of library APIs

let value = (*ptr).inner.take();
(*ptr).dtor_state.set(DtorState::RunningOrHasRun);
drop(value);
})) {
rtabort!("destructor panicked");
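
Review bot: the `panic::AssertUnwindSafe` wrapper opened on line 1031 has no stated justification, and the author's own question below shows it is not obvious. The closure captures the raw `ptr` and mutates `dtor_state` before `drop(value)` runs, so the assertion holds only because the `Err` branch goes straight to `rtabort!` and nothing reads the slot after a panic. A one-line comment next to the wrapper saying so would keep a later change to the `Err` branch from silently invalidating it.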
Member

Can you change the panic message to "thread local panicked on drop"? Then it matches the message of thread results:

```rust
if let Err(_) = panic::catch_unwind(panic::AssertUnwindSafe(|| {
    *self.result.get_mut() = None;
})) {
    rtabort!("thread result panicked on drop");
}
```

Contributor Author

Great hint, thanks & done

@m-ou-se m-ou-se added S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Dec 28, 2022
`destroy_value` is/can be called from C code (libc). Unwinding
from Rust to C code is undefined behavior, which is why unwinding
is caught here.
@flba-eb flba-eb force-pushed the fix_tls_destructor_unwinding branch from f6a6177 to 04a6f22 Compare December 28, 2022 17:35
flba-eb (Contributor Author) commented Dec 28, 2022

@rustbot label -S-waiting-on-author +S-waiting-on-review

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. and removed S-waiting-on-author Status: This is awaiting some action (such as code changes or more information) from the author. labels Dec 28, 2022
m-ou-se (Member) commented Dec 30, 2022

@bors r+

bors (Collaborator) commented Dec 30, 2022

📌 Commit 04a6f22 has been approved by m-ou-se

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Dec 30, 2022
bors (Collaborator) commented Dec 30, 2022

⌛ Testing commit 04a6f22 with merge 7c99186...

bors (Collaborator) commented Dec 30, 2022

☀️ Test successful - checks-actions
Approved by: m-ou-se
Pushing 7c99186 to master...

@bors bors added the merged-by-bors This PR was explicitly merged by bors. label Dec 30, 2022
@bors bors merged commit 7c99186 into rust-lang:master Dec 30, 2022
@rustbot rustbot added this to the 1.68.0 milestone Dec 30, 2022
rust-timer (Collaborator)

Finished benchmarking commit (7c99186): comparison URL.

Overall result: ❌✅ regressions and improvements - ACTION NEEDED

Next Steps: If you can justify the regressions found in this perf run, please indicate this with @rustbot label: +perf-regression-triaged along with sufficient written justification. If you cannot justify the regressions please open an issue or create a new PR that fixes the regressions, add a comment linking to the newly created issue or PR, and then add the perf-regression-triaged label to this PR.

@rustbot label: +perf-regression
cc @rust-lang/wg-compiler-performance

Instruction count

This is a highly reliable metric that was used to determine the overall result at the top of this comment.

| | mean | range | count |
|---|---|---|---|
| Regressions ❌ (primary) | 0.7% | [0.3%, 1.9%] | 11 |
| Regressions ❌ (secondary) | - | - | 0 |
| Improvements ✅ (primary) | -0.3% | [-0.6%, -0.2%] | 41 |
| Improvements ✅ (secondary) | -1.8% | [-14.6%, -0.2%] | 31 |
| All ❌✅ (primary) | -0.1% | [-0.6%, 1.9%] | 52 |

Max RSS (memory usage)

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

| | mean | range | count |
|---|---|---|---|
| Regressions ❌ (primary) | 2.6% | [0.4%, 3.4%] | 8 |
| Regressions ❌ (secondary) | - | - | 0 |
| Improvements ✅ (primary) | -5.0% | [-8.1%, -1.2%] | 4 |
| Improvements ✅ (secondary) | - | - | 0 |
| All ❌✅ (primary) | 0.1% | [-8.1%, 3.4%] | 12 |

Cycles

This is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.

| | mean | range | count |
|---|---|---|---|
| Regressions ❌ (primary) | 2.4% | [2.2%, 2.7%] | 2 |
| Regressions ❌ (secondary) | - | - | 0 |
| Improvements ✅ (primary) | - | - | 0 |
| Improvements ✅ (secondary) | -5.5% | [-14.9%, -2.3%] | 11 |
| All ❌✅ (primary) | 2.4% | [2.2%, 2.7%] | 2 |

@rustbot rustbot added the perf-regression Performance regression. label Dec 30, 2022
rylev (Member) commented Jan 3, 2023

@m-ou-se @flba-eb I'm not sure I understand where this perf regression is coming from. This does not look like noise as the impact is pretty broad and impacts some of the more stable benchmarks. Some of the benchmarks are showing increased activity in LLVM which might be caused by extra code gen, but this is not the case in all regressions and it certainly doesn't explain the improvements.

Any thoughts?

flba-eb (Contributor Author) commented Jan 3, 2023

> @m-ou-se @flba-eb I'm not sure I understand where this perf regression is coming from. This does not look like noise as the impact is pretty broad and impacts some of the more stable benchmarks. Some of the benchmarks are showing increased activity in LLVM which might be caused by extra code gen, but this is not the case in all regressions and it certainly doesn't explain the improvements.
>
> Any thoughts?

Good question, @rylev. I don't know how CatchUnwind is implemented but I guess it adds a special symbol on the stack which lets the unwinding stop early. On QNX it stops a loop which would run endlessly otherwise (when drop panics) -- I could imagine that on other systems unwinding has a similar issue but has some safety counter to also stop after a high number of e.g. checked frames. In such a case unwinding would stop earlier now (at CatchUnwind instead of after reaching some number). But this is really some very wild guess... It also would only make sense if the improved test cases have drop calls that panic.

Aaron1011 pushed a commit to Aaron1011/rust that referenced this pull request Jan 6, 2023
…, r=m-ou-se

Catch panics/unwinding in destruction of TLS values
@flba-eb flba-eb deleted the fix_tls_destructor_unwinding branch January 11, 2023 07:15
@workingjubilee workingjubilee added the O-neutrino OS: QNX Neutrino, a POSIX-compatible real-time operating system label Feb 27, 2023
Labels
merged-by-bors This PR was explicitly merged by bors. O-neutrino OS: QNX Neutrino, a POSIX-compatible real-time operating system perf-regression Performance regression. S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-libs Relevant to the library team, which will review and decide on the PR/issue.