Behavior of panicking Drop::drop is not properly documented #60611
Labels
A-destructors
Area: Destructors (`Drop`, …)
A-docs
Area: Documentation for any part of the project, including the compiler, standard library, and tools
C-enhancement
Category: An issue proposing an enhancement or a PR with one.
I-needs-decision
Issue: In need of a decision.
T-lang
Relevant to the language team, which will review and decide on the PR/issue.
It was decided in, I think, #14875, that `Drop::drop` can panic, and if this happens, the value must be leaked (at least in a generic context), that is, it cannot be re-dropped again and doing that could invoke UB (that's at least what generic unsafe code needs to assume).

This does not appear to be documented anywhere. These semantics make the following snippet have undefined behavior due to double-drops (playground uses `T = Vec<HasDrop>`):

To avoid UB, that snippet must be changed to unconditionally leak the value independently of whether `drop_in_place` succeeded or failed:

cc @Centril - this might be a T-lang issue, I don't know the best way to word this, and I can't find any RFC designing this part of the language.
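The rule the issue asks to have documented, shown as an added example that is not part of the issue, of the linked playground, or of rust-lang/rust: a panicking destructor is run at most once, and the value is leaked rather than dropped a second time. The names `Noisy`, `drop_exactly_once`, `Bucket` and `demo` are constructed for this example. `Noisy` counts how often its destructor runs and optionally panics from it; `drop_exactly_once` parks the value in a `ManuallyDrop` so that a panic inside `drop` leaves it leaked instead of re-dropped; `Bucket` applies the same idea to a container that owns destruction of its items explicitly, detaching each item before its destructor runs so neither a later `clear` nor the container's own `Drop` can reach it again.

```rust
use std::any::Any;
use std::mem::ManuallyDrop;
use std::panic::{self, AssertUnwindSafe};
use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::Arc;

/// Constructed test fixture: a type whose destructor records that it ran and,
/// optionally, panics afterwards. The shared counter lets a caller check how
/// many times `drop` was executed for a given value.
struct Noisy {
    drops: Arc<AtomicUsize>,
    explode: bool,
}

impl Noisy {
    fn new(drops: &Arc<AtomicUsize>, explode: bool) -> Self {
        Noisy { drops: Arc::clone(drops), explode }
    }
}

impl Drop for Noisy {
    fn drop(&mut self) {
        self.drops.fetch_add(1, Ordering::SeqCst);
        if self.explode {
            panic!("Noisy::drop panicked");
        }
    }
}

/// Runs `value`'s destructor at most once. A clean drop yields `Ok(())`; if the
/// destructor unwinds, the panic payload is returned and the value is leaked
/// rather than dropped again, which is what generic unsafe code must assume.
fn drop_exactly_once<T>(value: T) -> Result<(), Box<dyn Any + Send>> {
    // Wrapping the value disarms its automatic drop glue: the only way its
    // destructor can now run is the explicit call below.
    let mut slot = ManuallyDrop::new(value);
    // SAFETY: `slot` is initialized and is never used again after this call,
    // whether `drop` returns normally or unwinds. `AssertUnwindSafe` is needed
    // because the closure captures `slot` by mutable reference.
    // If `drop` panics, `slot` goes out of scope afterwards without running the
    // destructor again: the value is leaked, not double-dropped.
    panic::catch_unwind(AssertUnwindSafe(|| unsafe { ManuallyDrop::drop(&mut slot) }))
}

/// A container (constructed for this example) that owns the destruction of its
/// items explicitly instead of relying on `Vec`'s drop glue.
struct Bucket<T> {
    items: Vec<ManuallyDrop<T>>,
}

impl<T> Bucket<T> {
    fn new() -> Self {
        Bucket { items: Vec::new() }
    }

    fn push(&mut self, value: T) {
        self.items.push(ManuallyDrop::new(value));
    }

    /// Drops every item, continuing past panicking destructors. Returns how
    /// many destructors panicked.
    fn clear(&mut self) -> usize {
        let mut panicked = 0;
        // Each item is detached from `self.items` before its destructor runs,
        // so neither a later `clear` nor `Bucket`'s own `Drop` can see it again.
        while let Some(item) = self.items.pop() {
            if drop_exactly_once(ManuallyDrop::into_inner(item)).is_err() {
                panicked += 1;
            }
        }
        panicked
    }
}

impl<T> Drop for Bucket<T> {
    fn drop(&mut self) {
        // Items still present were never dropped, so dropping them here is sound;
        // items removed by an earlier `clear` are simply gone from the vector.
        let _ = self.clear();
    }
}

/// Drives the demonstration and returns (destructors that panicked, destructors that ran).
fn demo() -> (usize, usize) {
    let drops = Arc::new(AtomicUsize::new(0));
    let mut bucket = Bucket::new();
    bucket.push(Noisy::new(&drops, false));
    bucket.push(Noisy::new(&drops, true));
    bucket.push(Noisy::new(&drops, false));
    let panicked = bucket.clear();
    drop(bucket); // Bucket::drop finds nothing left to drop.
    (panicked, drops.load(Ordering::SeqCst))
}

fn main() {
    let (panicked, ran) = demo();
    println!("{} destructor(s) panicked, {} ran, none ran twice", panicked, ran);
}
```

The default panic hook still prints the panic message from `Noisy::drop` to stderr; that is the unwind being caught, not a failure. The point to take from `demo` is that three destructors ran for three values even though one of them panicked: the panicking value was leaked by `drop_exactly_once`, and nothing in `Bucket` tried to drop it a second time.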