dtolnay / no-panic

Attribute macro to require that the compiler prove a function can't ever panic
Apache License 2.0

Should this check for allocation failures? #3

Closed saethlin closed 5 years ago

saethlin commented 6 years ago

I was a bit surprised to discover that this code compiles:

use no_panic::no_panic;

// Compiles under #[no_panic]: Box::new has no unwinding path, because an
// allocation failure aborts the process rather than panicking.
#[no_panic]
fn should_this_fail() -> Box<u8> {
    Box::new(0)
}

I did a bit of reading and learned that the Rust allocation failure code doesn't panic, it aborts by calling a specific function. Could this crate use a similar technique to check for failure due to allocation in a function? Or is that out of scope for this project? If so it might be nice to have a note in the README for people like me who are mistaken about how allocation failures work.
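An added example, not code from this thread or from the no-panic crate, showing the other side of the point above: the standard fallible allocation APIs (`Vec::try_reserve` and `try_reserve_exact`, stable since Rust 1.57) report an allocation that cannot be satisfied as a `Result` rather than going through the abort path, so a function that cares about out-of-memory can handle it explicitly. The function names `copy_checked` and `probe_capacity` are mine, the input is constructed, and the `#[no_panic]` attribute is left off so the block builds without the crate.

```rust
use std::collections::TryReserveError;

/// Copies `src` into a fresh Vec, surfacing allocation failure as an Err
/// instead of letting the allocator's failure handler abort the process.
/// (Hypothetical helper written for this example.)
pub fn copy_checked(src: &[u8]) -> Result<Vec<u8>, TryReserveError> {
    let mut out = Vec::new();
    // Reserve exactly what is needed up front; the `?` returns the error.
    out.try_reserve_exact(src.len())?;
    // Capacity is already sufficient, so this copy cannot reallocate.
    out.extend_from_slice(src);
    Ok(out)
}

/// Asks for `n` bytes of capacity and reports whether the request could be
/// satisfied. A request above the collection's maximum comes back as Err,
/// whereas `Vec::with_capacity(n)` would panic with "capacity overflow".
/// (Hypothetical helper written for this example.)
pub fn probe_capacity(n: usize) -> Result<(), TryReserveError> {
    let mut v: Vec<u8> = Vec::new();
    v.try_reserve(n)
}

fn main() {
    // Constructed sample input for the demonstration.
    let sample = b"constructed sample input";
    match copy_checked(sample) {
        Ok(v) => println!("copied {} bytes", v.len()),
        Err(e) => println!("allocation failed: {e}"),
    }
    // usize::MAX exceeds any Vec's maximum capacity, so this is refused
    // deterministically without touching the system allocator.
    match probe_capacity(usize::MAX) {
        Ok(()) => println!("reserved"),
        Err(e) => println!("refused: {e}"),
    }
}
```

The contrast with the snippet above is the point: `Box::new` and plain `Vec::push` have no error path to check, so a no-panic proof says nothing about what happens when memory runs out, while the `try_reserve` family gives the caller a value to inspect.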

dtolnay commented 6 years ago

I don't know of a way to detect aborts with this technique. You could try using metacollect which claims:

This can be useful to determine if

  • ...
  • a function allocates memory