std: abort the process on failure to allocate a TLS key #141455
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The panic machinery uses TLS, so panicking if no TLS keys are left can lead to infinite recursion (see rust-lang#140798 (comment)). Rather than having separate logic for the panic count and the thread name, just always abort the process if a TLS key allocation fails. This also has the benefit of aligning the key-based TLS implementation with the documentation, which does not mention that a panic could also occur because of resource exhaustion.
rustbot
added
S-waiting-on-review
|
The reasoning at #140798 (comment) makes sense to me and this diff is straightforward enough, r=me with green CI. It would be nice if somebody (@Berrysoft?) could confirm that we get an abort rather than the overflow with this patch. (if this comment posts about 4 times, blame it on the apparent github outage) |
tgross35
approved these changes
Jun 3, 2025
|
May as well get this merged. @Berrysoft if you get the chance, could you see if the behavior you observed changes with this? @bors r+ |
bors
added
S-waiting-on-bors
bors
added a commit
that referenced
this pull request
Jun 3, 2025
Rollup of 8 pull requests Successful merges: - #137725 (Add `iter` macro) - #141455 (std: abort the process on failure to allocate a TLS key) - #141569 (Replace ad-hoc ABI "adjustments" with an `AbiMap` to `CanonAbi`) - #141698 (Use the informative error as the main const eval error message) - #141925 (Remove bootstrap cfgs from library/) - #141943 (Remove pre-expansion AST stats.) - #141945 (Remove `Path::is_ident`.) - #141957 (Add missing `dyn` keywords to tests that do not test for them Part 2) r? `@ghost` `@rustbot` modify labels: rollup
rust-timer
added a commit
that referenced
this pull request
Jun 4, 2025
Rollup merge of #141455 - joboet:tls_exhaustion_abort, r=tgross35 std: abort the process on failure to allocate a TLS key The panic machinery uses TLS, so panicking if no TLS keys are left can lead to infinite recursion (see #140798 (comment)). Rather than having separate logic for the panic count and the thread name, just always abort the process if a TLS key allocation fails. This also has the benefit of aligning the key-based TLS implementation with the documentation, which does not mention that a panic could also occur because of resource exhaustion.
github-actions bot
pushed a commit
to rust-lang/miri
that referenced
this pull request
Jun 4, 2025
Rollup of 8 pull requests Successful merges: - rust-lang/rust#137725 (Add `iter` macro) - rust-lang/rust#141455 (std: abort the process on failure to allocate a TLS key) - rust-lang/rust#141569 (Replace ad-hoc ABI "adjustments" with an `AbiMap` to `CanonAbi`) - rust-lang/rust#141698 (Use the informative error as the main const eval error message) - rust-lang/rust#141925 (Remove bootstrap cfgs from library/) - rust-lang/rust#141943 (Remove pre-expansion AST stats.) - rust-lang/rust#141945 (Remove `Path::is_ident`.) - rust-lang/rust#141957 (Add missing `dyn` keywords to tests that do not test for them Part 2) r? `@ghost` `@rustbot` modify labels: rollup
bjorn3
pushed a commit
to rust-lang/rustc_codegen_cranelift
that referenced
this pull request
Jun 5, 2025
Rollup of 8 pull requests Successful merges: - rust-lang/rust#137725 (Add `iter` macro) - rust-lang/rust#141455 (std: abort the process on failure to allocate a TLS key) - rust-lang/rust#141569 (Replace ad-hoc ABI "adjustments" with an `AbiMap` to `CanonAbi`) - rust-lang/rust#141698 (Use the informative error as the main const eval error message) - rust-lang/rust#141925 (Remove bootstrap cfgs from library/) - rust-lang/rust#141943 (Remove pre-expansion AST stats.) - rust-lang/rust#141945 (Remove `Path::is_ident`.) - rust-lang/rust#141957 (Add missing `dyn` keywords to tests that do not test for them Part 2) r? `@ghost` `@rustbot` modify labels: rollup
tautschnig
pushed a commit
to model-checking/verify-rust-std
that referenced
this pull request
Jun 17, 2025
…oss35 std: abort the process on failure to allocate a TLS key The panic machinery uses TLS, so panicking if no TLS keys are left can lead to infinite recursion (see rust-lang#140798 (comment)). Rather than having separate logic for the panic count and the thread name, just always abort the process if a TLS key allocation fails. This also has the benefit of aligning the key-based TLS implementation with the documentation, which does not mention that a panic could also occur because of resource exhaustion.
tautschnig
pushed a commit
to model-checking/verify-rust-std
that referenced
this pull request
Jun 17, 2025
…iaskrgr Rollup of 8 pull requests Successful merges: - rust-lang#137725 (Add `iter` macro) - rust-lang#141455 (std: abort the process on failure to allocate a TLS key) - rust-lang#141569 (Replace ad-hoc ABI "adjustments" with an `AbiMap` to `CanonAbi`) - rust-lang#141698 (Use the informative error as the main const eval error message) - rust-lang#141925 (Remove bootstrap cfgs from library/) - rust-lang#141943 (Remove pre-expansion AST stats.) - rust-lang#141945 (Remove `Path::is_ident`.) - rust-lang#141957 (Add missing `dyn` keywords to tests that do not test for them Part 2) r? `@ghost` `@rustbot` modify labels: rollup
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The panic machinery uses TLS, so panicking if no TLS keys are left can lead to infinite recursion (see #140798 (comment)). Rather than having separate logic for the panic count and the thread name, just always abort the process if a TLS key allocation fails. This also has the benefit of aligning the key-based TLS implementation with the documentation, which does not mention that a panic could also occur because of resource exhaustion.