Drop, panic, and abort
What happens in detail when values drop?
Drop-Order
Rust generally guarantees drop order (RFC1857)
Drop-Order
- Values are dropped at the end of their scope
- The order is the reverse introduction order
- Unbound values drop immediately
- Structure fields are dropped first to last
Destructors
Sometimes, certain actions must be taken before deallocation.
For this, the Drop
trait can be implemented.
struct LevelDB {
handle: *mut leveldb_database_t
}
impl Drop for LevelDB {
fn drop(&mut self) {
unsafe { leveldb_close(self.handle) };
}
}
Warning!
Destructors cannot return errors.
Also possible
Explicit destruction of a value through a consuming function. This cannot be statically enforced currently.
Implementing a Drop
-bomb (a failing destructor) can make sure this error is caught early.
Panics
Rust also has another error mechanism: panic!
fn main() { panicking_function(); } fn panicking_function() { panic!("gosh, don't call me!"); }
In case of a panic, the following happens:
- The current thread immediately halts
- The stack is unwound
- All affected values are dropped and their destructors run
Panics are implementation-wise similar to C++-Exceptions, but should only be used for fatal errors. They cannot be (normally) caught.
The affected thread dies.
Catching Panics
Panicking across FFI-boundaries is undefined behaviour. In these cases, panics must be caught. For cases like this, there are std::panic::catch-unwind and std::panic::resume-unwind.
Hooks
std::panic::set_hook allows setting a global handler that is run before the unwinding happens.
In general, Result
is always the right way to propagate errors if they are to be handled.
Abort
In some environments, unwinding on panic!
is not very meaningful. For those cases, rustc
and cargo
have a switch that immediately aborts the program on panic.
The panic hook is executed.
Double-panics
Panicking while a panic is being handled - for example in a destructor - invokes undefined behaviour. For that reason, the program will immediately abort.