-
Notifications
You must be signed in to change notification settings - Fork 12.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revert Break into the debugger on panic (129019) #130846
Conversation
Oh, nevermind, I must be in a time bubble -- beta is 1.82 right now. |
Revert Break into the debugger on panic (129019) This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, rust-lang#130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when `catch_unwind` is used to catch the panic means it can be very noisy in some projects. At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision. cc `@workingjubilee` `@kromych`
Appreciate taking great care of this! To make experimentation easier, I've published https://crates.io/crates/dbg_breakpoint that has all that there has been in the PR being reverted, and also some more. |
…iaskrgr Rollup of 5 pull requests Successful merges: - rust-lang#129687 (Implement RFC3137 trim-paths sysroot changes - take 2) - rust-lang#129759 (Stabilize `const_refs_to_static`) - rust-lang#130329 (Reorder stack spills so that constants come later.) - rust-lang#130845 (Utf8Chunks: add link to Utf8Chunk) - rust-lang#130846 (Revert Break into the debugger on panic (129019)) r? `@ghost` `@rustbot` modify labels: rollup
fwiw (as an rr maintainer) I don't think breaking rr is necessarily a showstopper. rr is powerful enough that we could hide ourselves from the tracee (by faking the reads from The one big question I have about this feature is why the interactive debugger needs the standard library to cooperate at all? Why can't it just set a breakpoint on |
I believe it can. One needs to know the name of the panic function, and if it ever changes, that causes pain to the folks who do that. On one side there is a workflow of just starting the debugger and running the program and waiting for the panic, on the other side, knowing the name of the function and entering the command. The former seems as fewer steps or less setting up. |
Fewer steps, but less flexible and more fragile, as we're seeing. For example, if the standard library does it it's harder and weirder to turn off at runtime and as we're seeing, just not a decision the standard library is on a position to make. "debuggers" like strace really don't want this, and it's up to the debugger to decide if they want breakpoints or not. |
more specifically, I think the way to progress here is to document/stabilize the existence of a symbol suffix/substring1 (__rust_start_panic or whatever) (I say suffix/substring specifically because the unmangled global symbols are problematic and we shouldn't guarantee the existence of one) and then make debuggers break on that by default. Whether debuggers want to implement that is up to them of course. Footnotes
|
Revert Break into the debugger on panic (129019) This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, rust-lang#130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when `catch_unwind` is used to catch the panic means it can be very noisy in some projects. At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision. cc `@workingjubilee` `@kromych`
To be clear, I'm not saying "tell end users to break on __rust_start_panic", I'm saying teach gdb/lldb/Visual Studio/whatever that their "break on exception" knobs should translate to "break on __rust_start_panic" for Rust code. I believe all three of those debuggers have the capability to break on C++ exceptions. Teaching the debuggers what to do instead of just SIGTRAPing also has the not-insignificant benefit that not every user of a debugger will be bombarded with panics regardless of their interest in them. |
The job Click to see the possible cause of the failure (guessed by this bot)
|
💔 Test failed - checks-actions |
@bors retry spurious "Access is denied" on x86_64-msvc-ext |
Until __rust_start_panic is guaranteed to preserve its name and meaning, that'd be another can of worms to change the debuggers. As there is no solution presently that satisfies everyone, a separate crate is where this belongs rather than in std. The only obstacle would be the trap instruction intrinsic available in nightly only, yet that is easily solvable with some elbow grease. These considerations led to the crate above. |
That seems like a pretty actionable next step then -- figure out if __rust_start_panic can be made a guaranteed symbol name, have that blessed by t-libs-api, and add suitable comments in the sources. |
I think we could guarantee that the symbol has that substring, but I don't think we can guarantee that that exact symbol will be used without multiple standard library versions in a single binary conflicting with each other. For example #127173 will mangle the name, but keep it as substring. Also we should probably provide guarantees about rust/library/std/src/panicking.rs Lines 856 to 861 in f2becdf
|
A bit of a silly idea, but what if we just provide something like #[inline(never)]
#[unsafe(no_mangle)]
fn __rust_panic_breakpoint() {} ? An empty function that is called from the actual Or, maybe, if we want some extensibility, we could pass a pointer to it, #[inline(never)]
#[unsafe(no_mangle)]
extern "C" fn __rust_panic_breakpoint(_payload: *const core::ffi::c_void) {} which, for now, will always be I think this way there will be no conflicts between the |
Linkers tend to not like multiple definitions of a symbol even if they are identical. |
Isn't that what COMDAT is for? |
How does C++ deal with that? |
COMDAT or weak symbols I think. Rustc doesn't currently support COMDAT though. |
Violating the One Definition Rule leaves a program ill-formed, "no diagnostic required". Or: Declare it UB. |
C++ implementations try to use those, yes. |
Not if you use the "inline" keyword https://en.cppreference.com/w/cpp/language/inline
|
Using |
Yeah this is quite specifically "we want the symbol in the object file so the debugger can find it" territory. |
Revert Break into the debugger on panic (129019) This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, rust-lang#130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when `catch_unwind` is used to catch the panic means it can be very noisy in some projects. At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision. cc `@workingjubilee` `@kromych`
Revert Break into the debugger on panic (129019) This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, rust-lang#130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when `catch_unwind` is used to catch the panic means it can be very noisy in some projects. At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision. cc ``@workingjubilee`` ``@kromych``
Revert Break into the debugger on panic (129019) This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, rust-lang#130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when `catch_unwind` is used to catch the panic means it can be very noisy in some projects. At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision. cc ```@workingjubilee``` ```@kromych```
Rollup of 7 pull requests Successful merges: - rust-lang#129687 (Implement RFC3137 trim-paths sysroot changes - take 2) - rust-lang#130313 ([`cfg_match`] Generalize inputs) - rust-lang#130706 ([rustdoc] Remove unneeded jinja comments) - rust-lang#130846 (Revert Break into the debugger on panic (129019)) - rust-lang#130873 (rustc_target: Add powerpc64 atomic-related features) - rust-lang#130875 (update `compiler-builtins` to 0.1.126) - rust-lang#130889 (Weekly `cargo update`: only `rustbook`) r? `@ghost` `@rustbot` modify labels: rollup
…kingjubilee Rollup of 8 pull requests Successful merges: - rust-lang#130313 ([`cfg_match`] Generalize inputs) - rust-lang#130706 ([rustdoc] Remove unneeded jinja comments) - rust-lang#130846 (Revert Break into the debugger on panic (129019)) - rust-lang#130875 (update `compiler-builtins` to 0.1.126) - rust-lang#130889 (Weekly `cargo update`: only `rustbook`) - rust-lang#130892 (Partially update `library/Cargo.lock`) - rust-lang#130911 (diagnostics: wrap fn cast suggestions in parens when needed) - rust-lang#130912 (On implicit `Sized` bound on fn argument, point at type instead of pattern) r? `@ghost` `@rustbot` modify labels: rollup
Rollup merge of rust-lang#130846 - ChrisDenton:revert-break, r=Noratrieb Revert Break into the debugger on panic (129019) This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, rust-lang#130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when `catch_unwind` is used to catch the panic means it can be very noisy in some projects. At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision. cc ````@workingjubilee```` ````@kromych````
There are some really great ideas here but it might be better to move this to a new issue if someone would be willing to summarise. Or an API Change Proposal if someone wants to make a concrete proposal. It'd be shame if this were left buried in a closed PR. |
This was talked about a bit at a recent libs meeting. While I think experimenting with this is worthwhile, I am nervous about this new behaviour reaching stable. We've already reverted on one tier 1 platform (Linux, #130810) which means we have differing semantics on different tier 1 platforms. Also the fact it triggers even when
catch_unwind
is used to catch the panic means it can be very noisy in some projects.At the very least I think it could use some more discussion before being instantly stable. I think this could maybe be re-landed with an environment variable to control/override the behaviour. But that part would likely need a libs-api decision.
cc @workingjubilee @kromych