• Stars
    star
    758
  • Rank 59,918 (Top 2 %)
  • Language
    Rust
  • License
    Apache License 2.0
  • Created over 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Attribute macro to require that the compiler prove a function can't ever panic

#[no_panic]

github crates.io docs.rs build status

A Rust attribute macro to require that the compiler prove a function can't ever panic.

[dependencies]
no-panic = "0.1"
use no_panic::no_panic;

#[no_panic]
fn demo(s: &str) -> &str {
    &s[1..]
}

fn main() {
    println!("{}", demo("input string"));
}

If the function does panic (or the compiler fails to prove that the function cannot panic), the program fails to compile with a linker error that identifies the function name. Let's trigger that by passing a string that cannot be sliced at the first byte:

fn main() {
    println!("{}", demo("\u{1f980}input string"));
}
   Compiling no-panic-demo v0.0.1
error: linking with `cc` failed: exit code: 1
  |
  = note: /no-panic-demo/target/release/deps/no_panic_demo-7170785b672ae322.no_p
anic_demo1-cba7f4b666ccdbcbbf02b7348e5df1b2.rs.rcgu.o: In function `_$LT$no_pani
c_demo..demo..__NoPanic$u20$as$u20$core..ops..drop..Drop$GT$::drop::h72f8f423002
b8d9f':
          no_panic_demo1-cba7f4b666ccdbcbbf02b7348e5df1b2.rs:(.text._ZN72_$LT$no
_panic_demo..demo..__NoPanic$u20$as$u20$core..ops..drop..Drop$GT$4drop17h72f8f42
3002b8d9fE+0x2): undefined reference to `

          ERROR[no-panic]: detected panic in function `demo`
          '
          collect2: error: ld returned 1 exit status

The error is not stellar but notice the ERROR[no-panic] part at the end that provides the name of the offending function.

Compiler support: requires rustc 1.31+


Caveats

  • Functions that require some amount of optimization to prove that they do not panic may no longer compile in debug mode after being marked #[no_panic].

  • Panic detection happens at link time across the entire dependency graph, so any Cargo commands that do not invoke a linker will not trigger panic detection. This includes cargo build of library crates and cargo check of binary and library crates.

  • The attribute is useless in code built with panic = "abort".

If you find that code requires optimization to pass #[no_panic], either make no-panic an optional dependency that you only enable in release builds, or add a section like the following to Cargo.toml to enable very basic optimization in debug builds.

[profile.dev]
opt-level = 1

If the code that you need to prove isn't panicking makes function calls to non-generic non-inline functions from a different crate, you may need thin LTO enabled for the linker to deduce those do not panic.

[profile.release]
lto = "thin"

If you want no_panic to just assume that some function you call doesn't panic, and get Undefined Behavior if it does at runtime, see dtolnay/no-panic#16; try wrapping that call in an unsafe extern "C" wrapper.


Acknowledgments

The linker error technique is based on Kixunil's crate dont_panic. Check out that crate for other convenient ways to require absence of panics.


License

Licensed under either of Apache License, Version 2.0 or MIT license at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this crate by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

More Repositories

1

cxx

Safe interop between Rust and C++
Rust
5,106
star
2

anyhow

Flexible concrete Error type built on std::error::Error
Rust
4,193
star
3

thiserror

derive(Error) for struct and enum error types
Rust
3,352
star
4

proc-macro-workshop

Learn to write Rust procedural macrosโ€ƒโ€ƒ[Rust Latam conference, Montevideo Uruguay, March 2019]
Rust
2,988
star
5

syn

Parser for Rust source code
Rust
2,681
star
6

cargo-expand

Subcommand to show result of macro expansion
Rust
2,644
star
7

async-trait

Type erasure for async trait methods
Rust
1,495
star
8

case-studies

Analysis of various tricky Rust code
Rust
1,340
star
9

rust-quiz

Medium to hard Rust questions with explanations
Rust
1,318
star
10

quote

Rust quasi-quoting
Rust
1,231
star
11

watt

Runtime for executing procedural macros as WebAssembly
Rust
1,062
star
12

typetag

Serde serializable and deserializable trait objects
Rust
888
star
13

paste

Macros for all your token pasting needs
Rust
852
star
14

serde-yaml

Strongly typed YAML library for Rust
Rust
804
star
15

inventory

Typed distributed plugin registration
Rust
714
star
16

rust-toolchain

Concise GitHub Action for installing a Rust toolchain
Shell
621
star
17

trybuild

Test harness for ui tests of compiler diagnostics
Rust
615
star
18

miniserde

Data structure serialization library with several opposite design goals from Serde
Rust
612
star
19

reflect

Compile-time reflection API for developing robust procedural macros (proof of concept)
Rust
602
star
20

request-for-implementation

Crates that don't exist, but should
597
star
21

proc-macro2

Rust
545
star
22

indoc

Indented document literals for Rust
Rust
537
star
23

prettyplease

A minimal `syn` syntax tree pretty-printer
Rust
517
star
24

erased-serde

Type-erased Serialize, Serializer and Deserializer traits
Rust
503
star
25

semver

Parser and evaluator for Cargo's flavor of Semantic Versioning
Rust
500
star
26

dyn-clone

Clone trait that is object-safe
Rust
486
star
27

ryu

Fast floating point to string conversion
Rust
471
star
28

linkme

Safe cross-platform linker shenanigans
Rust
399
star
29

cargo-llvm-lines

Count lines of LLVM IR per generic function
Rust
398
star
30

semver-trick

How to avoid complicated coordinated upgrades
Rust
383
star
31

efg

Conditional compilation using boolean expression syntax, rather than any(), all(), not()
Rust
297
star
32

rust-faq

Frequently Asked Questions ยท The Rust Programming Language
262
star
33

rustversion

Conditional compilation according to rustc compiler version
Rust
256
star
34

itoa

Fast function for printing integer primitives to a decimal string
Rust
248
star
35

path-to-error

Find out path at which a deserialization error occurred
Rust
241
star
36

cargo-tally

Graph the number of crates that depend on your crate over time
Rust
212
star
37

proc-macro-hack

Procedural macros in expression position
Rust
203
star
38

monostate

Type that deserializes only from one specific value
Rust
194
star
39

colorous

Color schemes for charts and maps
Rust
193
star
40

readonly

Struct fields that are made read-only accessible to other modules
Rust
187
star
41

dissimilar

Diff library with semantic cleanup, based on Google's diff-match-patch
Rust
175
star
42

star-history

Graph history of GitHub stars of a user or repo over time
Rust
156
star
43

ref-cast

Safely cast &T to &U where the struct U contains a single field of type T.
Rust
154
star
44

automod

Pull in every source file in a directory as a module
Rust
129
star
45

inherent

Make trait methods callable without the trait in scope
Rust
128
star
46

ghost

Define your own PhantomData
Rust
115
star
47

faketty

Wrapper to exec a command in a pty, even if redirecting the output
Rust
113
star
48

dtoa

Fast functions for printing floating-point primitives to a decimal string
Rust
110
star
49

clang-ast

Rust
108
star
50

seq-macro

Macro to repeat sequentially indexed copies of a fragment of code
Rust
102
star
51

remain

Compile-time checks that an enum or match is written in sorted order
Rust
99
star
52

mashup

Concatenate identifiers in a macro invocation
Rust
96
star
53

noisy-clippy

Rust
84
star
54

tt-call

Token tree calling convention
Rust
77
star
55

basic-toml

Minimal TOML library with few dependencies
Rust
76
star
56

squatternaut

A snapshot of name squatting on crates.io
Rust
73
star
57

serde-ignored

Find out about keys that are ignored when deserializing data
Rust
68
star
58

enumn

Convert number to enum
Rust
66
star
59

bootstrap

Bootstrapping rustc from source
Shell
62
star
60

essay

docs.rs as a publishing platform?
Rust
62
star
61

db-dump

Library for scripting analyses against crates.io's database dumps
Rust
60
star
62

scratch

Compile-time temporary directory shared by multiple crates and erased by `cargo clean`
Rust
59
star
63

gflags

Command line flags library that does not require a central list of all the flags
Rust
55
star
64

install

Fast `cargo install` action using a GitHub-based binary cache
Shell
55
star
65

serde-starlark

Serde serializer for generating Starlark build targets
Rust
53
star
66

oqueue

Non-interleaving multithreaded output queue
Rust
53
star
67

build-alert

Rust
51
star
68

unicode-ident

Determine whether characters have the XID_Start or XID_Continue properties
Rust
51
star
69

lalrproc

Proof of concept of procedural macro input parsed by LALRPOP
Rust
50
star
70

dragonbox

Rust
50
star
71

sha1dir

Checksum of a directory tree
Rust
38
star
72

hackfn

Fake implementation of `std::ops::Fn` for user-defined data types
Rust
38
star
73

reduce

iter.reduce(fn) in Rust
Rust
37
star
74

link-cplusplus

Link libstdc++ or libc++ automatically or manually
Rust
36
star
75

argv

Non-allocating iterator over command line arguments
Rust
33
star
76

get-all-crates

Download .crate files of all versions of all crates from crates.io
Rust
31
star
77

threadbound

Make any value Sync but only available on its original thread
Rust
31
star
78

dircnt

Count directory entriesโ€”`ls | wc -l` but faster
Rust
27
star
79

unsafe-libyaml

libyaml transpiled to rust by c2rust
Rust
27
star
80

serde-stacker

Serializer and Deserializer adapters that avoid stack overflows by dynamically growing the stack
Rust
27
star
81

cargo-unlock

Remove Cargo.lock lockfile
Rust
25
star
82

respan

Macros to erase scope information from tokens
Rust
24
star
83

isatty

libc::isatty that also works on Windows
Rust
21
star
84

iota

Related constants in Rust: 1 << iota
Rust
20
star
85

foreach

18
star
86

bufsize

bytes::BufMut implementation to count buffer size
Rust
18
star
87

hire

How to hire dtolnay
18
star
88

precise

Full precision decimal representation of f64
Rust
17
star
89

dashboard

15
star
90

rustflags

Parser for CARGO_ENCODED_RUSTFLAGS
Rust
13
star
91

libfyaml-rs

Rust binding for libfyaml
Rust
11
star
92

install-buck2

Install precompiled Buck2 build system
6
star
93

mailingset

Set-algebraic operations on mailing lists
Python
5
star
94

.github

5
star
95

jq-gdb

gdb pretty-printer for jv objects
Python
1
star