Closed
Description
For example:
```rust
// A type whose destructor makes it observable whether drop code ran.
struct Bomb;

impl Drop for Bomb {
    fn drop(&mut self) {
        println!("foo");
    }
}

fn main() {
    // `_a` is live across the call to `foo`, so its cleanup is registered
    // for the unwind path out of this frame.
    let _a = Bomb;
    foo();
}

fn foo() {
    // Deliberately writes through a null pointer to trigger a fault
    // (segfault on Unix, access-violation exception on Windows).
    unsafe { *(0 as *mut i32) = 0; }
}
```
On Unix this doesn't print anything, whereas on Windows it will print foo. While initially intentional, I'm thinking that this may seem like a bad idea now.
This is happening because on Windows faults like segfaults (or illegal instructions) all go through the same error-handling mechanism that normal program exceptions go through. Our cleanups (aka drop code) are registered using cleanuppad instructions with no extra arguments, which essentially means "run this cleanup for all exceptions".
This... may or may not be memory safe. I'd personally find it surprising that we keep running code after a segfault or illegal instruction, I'd prefer Unix's semantics where no more Rust code is run at least.
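The following is an added example, not code from the issue author or from rustc, to make the unwind path concrete: it instruments two guards with `Drop`, runs a body under `catch_unwind`, and reports whether the body unwound and which cleanups ran and in what order. The `Guard` type, the `run_with_cleanups` helper and the `fault` command-line mode are assumptions of this example. The panic case is the path that ordinary Rust unwinding takes; per the report above, a hardware fault on Windows is dispatched through that same cleanup machinery, while on Unix the process dies before any guard is dropped.

```rust
use std::panic::{catch_unwind, AssertUnwindSafe};
use std::sync::{Arc, Mutex};

// Shared, thread-safe record of which cleanups ran (example instrumentation).
type Log = Arc<Mutex<Vec<&'static str>>>;

/// A guard whose destructor appends its name to the shared log, so a test
/// can observe whether and in which order drop code executed.
struct Guard {
    name: &'static str,
    log: Log,
}

impl Drop for Guard {
    fn drop(&mut self) {
        self.log.lock().unwrap().push(self.name);
    }
}

/// Runs `body` with two guards live in the enclosing frame, catches any
/// unwind, and returns (did_unwind, cleanups_in_drop_order).
pub fn run_with_cleanups<F: FnOnce()>(body: F) -> (bool, Vec<&'static str>) {
    let log: Log = Arc::new(Mutex::new(Vec::new()));
    let outcome = catch_unwind(AssertUnwindSafe(|| {
        let _outer = Guard { name: "outer", log: Arc::clone(&log) };
        let _inner = Guard { name: "inner", log: Arc::clone(&log) };
        body();
        // Normal exit: locals drop in reverse declaration order here.
    }));
    let ran = log.lock().unwrap().clone();
    (outcome.is_err(), ran)
}

/// The fault from the issue, written as a volatile store so the optimizer
/// cannot elide it. Not called by the tests; only reached via `fault` mode.
pub fn fault() {
    unsafe { std::ptr::write_volatile(std::ptr::null_mut::<i32>(), 0) }
}

fn main() {
    let (unwound, ran) = run_with_cleanups(|| {});
    println!("normal exit: unwound={unwound}, cleanups={ran:?}");

    let (unwound, ran) = run_with_cleanups(|| {
        panic!("boom");
    });
    println!("panic:       unwound={unwound}, cleanups={ran:?}");

    // `cargo run -- fault` reproduces the platform difference from the issue:
    // on Unix the process is killed by SIGSEGV before this line prints
    // anything; the issue reports that on Windows the guards' drops run.
    if std::env::args().nth(1).as_deref() == Some("fault") {
        let (unwound, ran) = run_with_cleanups(fault);
        println!("fault:       unwound={unwound}, cleanups={ran:?}");
    }
}
```

Both the normal and the panic case yield the cleanup order `["inner", "outer"]`; the only thing the panic changes is the `unwound` flag. Run the binary with the `fault` argument on each platform to see which of the two behaviours a hardware fault gets.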