Auto merge of rust-lang#104134 - dtolnay:panictemporaries, r=joshtriplett

bors · bors · commit eda41addfcf8 · 2023-05-14T16:16:24.000Z
Shorten lifetime of panic temporaries in panic_fmt case This fixes an issue called out by `@fasterthanlime` in https://octodon.social/`@fasterthanlime/109304454114856561.` Macros like `todo!("…")` and `panic!("…", …)` drop their `format_args` temporary at the nearest enclosing semicolon **outside** the macro invocation, not inside the macro invocation. Due to the formatting internals being type-erased in a way that is not thread-safe, this blocks futures from being `Send` if there is an `await` anywhere between the panic call and the nearest enclosing semicolon. **Example:** ```rust #![allow(unreachable_code)] async fn f(_: u8) {} async fn g() { f(todo!("...")).await; } fn require_send(_: impl Send) {} fn main() { require_send(g()); } ``` **Before:** ```console error: future cannot be sent between threads safely --> src/main.rs:15:18 | 15 | require_send(g()); | ^^^ future returned by `g` is not `Send` | = help: the trait `Sync` is not implemented for `core::fmt::Opaque` note: future is not `Send` as this value is used across an await --> src/main.rs:9:20 | 9 | f(todo!("...")).await; | ------------ ^^^^^^ await occurs here, with `$crate::format_args!($($arg)+)` maybe used later | | | has type `ArgumentV1<'_>` which is not `Send` note: `$crate::format_args!($($arg)+)` is later dropped here --> src/main.rs:9:26 | 9 | f(todo!("...")).await; | ^ note: required by a bound in `require_send` --> src/main.rs:12:25 | 12 | fn require_send(_: impl Send) {} | ^^^^ required by this bound in `require_send` ``` **After:** works. Arguably there is a rustc fix that could work here too, instead of a standard library change. Rustc could be taught that the code shown above is fine to compile because the `await` is unreachable and so temporaries before the `await` do not need to get put in the anonymous compiler-generated `Future` struct, regardless of syntactically where they're supposed to be dropped according to the language semantics. I would be open to that, though my recollection is that in the past we have been very hesitant about introducing any smarts into Drop placement. People want the language rules about where temporaries are dropped to be as simplistic and predictable as possible.
diff --git a/library/core/src/panic.rs b/library/core/src/panic.rs
@@ -35,9 +35,11 @@ pub macro panic_2015 {
     ("{}", $arg:expr $(,)?) => (
         $crate::panicking::panic_display(&$arg)
     ),
-    ($fmt:expr, $($arg:tt)+) => (
-        $crate::panicking::panic_fmt($crate::const_format_args!($fmt, $($arg)+))
-    ),
+    ($fmt:expr, $($arg:tt)+) => ({
+        // Semicolon to prevent temporaries inside the formatting machinery from
+        // being considered alive in the caller after the panic_fmt call.
+        $crate::panicking::panic_fmt($crate::const_format_args!($fmt, $($arg)+));
+    }),
 }
 
 #[doc(hidden)]
@@ -53,9 +55,11 @@ pub macro panic_2021 {
     ("{}", $arg:expr $(,)?) => (
         $crate::panicking::panic_display(&$arg)
     ),
-    ($($t:tt)+) => (
-        $crate::panicking::panic_fmt($crate::const_format_args!($($t)+))
-    ),
+    ($($t:tt)+) => ({
+        // Semicolon to prevent temporaries inside the formatting machinery from
+        // being considered alive in the caller after the panic_fmt call.
+        $crate::panicking::panic_fmt($crate::const_format_args!($($t)+));
+    }),
 }
 
 #[doc(hidden)]
diff --git a/library/std/src/panic.rs b/library/std/src/panic.rs
@@ -26,7 +26,9 @@ pub macro panic_2015 {
         $crate::rt::panic_display(&$arg)
     }),
     ($fmt:expr, $($arg:tt)+) => ({
-        $crate::rt::panic_fmt($crate::const_format_args!($fmt, $($arg)+))
+        // Semicolon to prevent temporaries inside the formatting machinery from
+        // being considered alive in the caller after the panic_fmt call.
+        $crate::rt::panic_fmt($crate::const_format_args!($fmt, $($arg)+));
     }),
 }
 
diff --git a/src/tools/clippy/tests/ui/diverging_sub_expression.stderr b/src/tools/clippy/tests/ui/diverging_sub_expression.stderr
@@ -30,19 +30,11 @@ error: sub-expression diverges
 LL |             3 => true || diverge(),
    |                          ^^^^^^^^^
 
-error: sub-expression diverges
-  --> $DIR/diverging_sub_expression.rs:36:30
-   |
-LL |                 _ => true || panic!("boo"),
-   |                              ^^^^^^^^^^^^^
-   |
-   = note: this error originates in the macro `$crate::panic::panic_2021` which comes from the expansion of the macro `panic` (in Nightly builds, run with -Z macro-backtrace for more info)
-
 error: sub-expression diverges
   --> $DIR/diverging_sub_expression.rs:38:26
    |
 LL |             _ => true || break,
    |                          ^^^^^
 
-error: aborting due to 7 previous errors
+error: aborting due to 6 previous errors
 
diff --git a/tests/ui/macros/panic-temporaries.rs b/tests/ui/macros/panic-temporaries.rs
@@ -0,0 +1,19 @@
+// check-pass
+// edition:2021
+
+#![allow(unreachable_code)]
+
+async fn f(_: u8) {}
+
+async fn g() {
+    // Todo returns `!`, so the await is never reached, and in particular the
+    // temporaries inside the formatting machinery are not still alive at the
+    // await point.
+    f(todo!("...")).await;
+}
+
+fn require_send(_: impl Send) {}
+
+fn main() {
+    require_send(g());
+}
diff --git a/tests/ui/macros/rfc-2011-nicer-assert-messages/non-consuming-methods-have-optimized-codegen.stdout b/tests/ui/macros/rfc-2011-nicer-assert-messages/non-consuming-methods-have-optimized-codegen.stdout
@@ -26,7 +26,7 @@ fn arbitrary_consuming_method_for_demonstration_purposes() {
 
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem as usize\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -42,7 +42,7 @@ fn addr_of() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: &elem\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -58,7 +58,7 @@ fn binary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem == 1\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -71,7 +71,7 @@ fn binary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem >= 1\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -84,7 +84,7 @@ fn binary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem > 0\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -97,7 +97,7 @@ fn binary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem < 3\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -110,7 +110,7 @@ fn binary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem <= 3\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -123,7 +123,7 @@ fn binary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: elem != 3\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };
@@ -139,7 +139,7 @@ fn unary() {
                 (&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);
                 {
                     ::std::rt::panic_fmt(format_args!("Assertion failed: *elem\nWith captures:\n  elem = {0:?}\n",
-                            __capture0))
+                            __capture0));
                 }
             }
     };

Original file line number	Diff line number	Diff line change
`@@ -26,7 +26,7 @@ fn arbitrary_consuming_method_for_demonstration_purposes() {`
`26`	`26`
`27`	`27`	`{`
`28`	`28`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem as usize\nWith captures:\n elem = {0:?}\n",`
`29`		`- __capture0))`
	`29`	`+ __capture0));`
`30`	`30`	`}`
`31`	`31`	`}`
`32`	`32`	`};`
`@@ -42,7 +42,7 @@ fn addr_of() {`
`42`	`42`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`43`	`43`	`{`
`44`	`44`	`::std::rt::panic_fmt(format_args!("Assertion failed: &elem\nWith captures:\n elem = {0:?}\n",`
`45`		`- __capture0))`
	`45`	`+ __capture0));`
`46`	`46`	`}`
`47`	`47`	`}`
`48`	`48`	`};`
`@@ -58,7 +58,7 @@ fn binary() {`
`58`	`58`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`59`	`59`	`{`
`60`	`60`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem == 1\nWith captures:\n elem = {0:?}\n",`
`61`		`- __capture0))`
	`61`	`+ __capture0));`
`62`	`62`	`}`
`63`	`63`	`}`
`64`	`64`	`};`
`@@ -71,7 +71,7 @@ fn binary() {`
`71`	`71`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`72`	`72`	`{`
`73`	`73`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem >= 1\nWith captures:\n elem = {0:?}\n",`
`74`		`- __capture0))`
	`74`	`+ __capture0));`
`75`	`75`	`}`
`76`	`76`	`}`
`77`	`77`	`};`
`@@ -84,7 +84,7 @@ fn binary() {`
`84`	`84`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`85`	`85`	`{`
`86`	`86`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem > 0\nWith captures:\n elem = {0:?}\n",`
`87`		`- __capture0))`
	`87`	`+ __capture0));`
`88`	`88`	`}`
`89`	`89`	`}`
`90`	`90`	`};`
`@@ -97,7 +97,7 @@ fn binary() {`
`97`	`97`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`98`	`98`	`{`
`99`	`99`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem < 3\nWith captures:\n elem = {0:?}\n",`
`100`		`- __capture0))`
	`100`	`+ __capture0));`
`101`	`101`	`}`
`102`	`102`	`}`
`103`	`103`	`};`
`@@ -110,7 +110,7 @@ fn binary() {`
`110`	`110`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`111`	`111`	`{`
`112`	`112`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem <= 3\nWith captures:\n elem = {0:?}\n",`
`113`		`- __capture0))`
	`113`	`+ __capture0));`
`114`	`114`	`}`
`115`	`115`	`}`
`116`	`116`	`};`
`@@ -123,7 +123,7 @@ fn binary() {`
`123`	`123`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`124`	`124`	`{`
`125`	`125`	`::std::rt::panic_fmt(format_args!("Assertion failed: elem != 3\nWith captures:\n elem = {0:?}\n",`
`126`		`- __capture0))`
	`126`	`+ __capture0));`
`127`	`127`	`}`
`128`	`128`	`}`
`129`	`129`	`};`
`@@ -139,7 +139,7 @@ fn unary() {`
`139`	`139`	`(&::core::asserting::Wrapper(__local_bind0)).try_capture(&mut __capture0);`
`140`	`140`	`{`
`141`	`141`	`::std::rt::panic_fmt(format_args!("Assertion failed: *elem\nWith captures:\n elem = {0:?}\n",`
`142`		`- __capture0))`
	`142`	`+ __capture0));`
`143`	`143`	`}`
`144`	`144`	`}`
`145`	`145`	`};`