Mark block exits as reachable if the block can break. #45316
r? @eddyb (rust_highfive has picked a reviewer for you, use r? to override)
if ctxt.may_break { | ||
// If we can break from the block, then the block's exit is always reachable | ||
// (... as long as the entry is reachable) - regardless of the tail of the block. | ||
self.diverges.set(prev_diverges); |
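Review bot: The comment inside the `if ctxt.may_break` branch says the block's exit is "always reachable", but the branch only restores `prev_diverges` and the visible condition checks nothing except `ctxt.may_break`, so what the code actually does is treat the exit as being as reachable as the block's entry whenever some `break` targets the block. Suggest wording the comment as a deliberate conservative approximation (the exit is treated as potentially reachable), and adding a test in which the `break` follows a diverging expression so the intended behaviour for dead-code breaks is pinned down.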
Hmm, this doesn't seem quite right because of the possibility of dead code. Consider something like this:
```rust
let x = 'a: {
    panic!(); break 'a 22;
};
```
or perhaps
```rust
let x = do catch {
    panic!("wtf");
    Err(22)?;
    Ok(())
};
```
That said, I think that `ExprLoop` is comparably imprecise. I'm trying to remember all the implications of this and make sure there's not some kind of soundness issue here.
(Thoughts?)
Is it unsound to mark code as potentially reachable (erm, `Diverges::Maybe`) when it in fact is never reachable? Seems like it shouldn't be - from my understanding, it should only be unsound to make the wrong call in the opposite direction.
Also maybe we could skip marking `.may_break` if the `break` itself is unreachable, though I wouldn't personally advocate for it.
This is currently the case for `loop` (is there a test for it? there ought to be):
```rust
fn main() {
    let x: u32 = { //~ ERROR mismatched types
        loop {
            panic!();
            break;
        };
    };
}
```
From a soundness perspective, IIRC if an arm is never reachable, then it is potentially reachable, so regarding something that always diverges as something that potentially reaches its exit should always be sound.
Sorry for delay. Busy couple of days. Anyway, I agree that `ExprLoop` is treated the same way, and I also agreed it ought not to be unsound to approximate in this way. (In particular, I think we only care when things definitely diverge -- this makes sense since clearly we can't tell that things definitely don't diverge (damn halting problem).)
I was thinking more about what behavior we actually want. I actually think it's consistent with our general strategy around typing dead code to allow `break` -- even in dead code -- to make a loop or block be considered non-diverging. For example, the example that @arielb1 gave here seems consistent with the rules we adopted for dead-code, which mean that e.g. the following code doesn't build:
```rust
#![allow(unreachable_code)]
fn main() {
    let x: u32 = { //~ ERROR mismatched types
        panic!();
        'a'
    };
}
```
In particular, I would consider `break 'a'` to be equivalent to using `'a'` as a tail expression.
Essentially -- to the extent possible -- we are aiming to type-check dead-code as if it could become live. This includes not only the types of values produced by dead-code but also the control-flow that the dead-code would have introduced.
We might want to tweak that last bit but, regardless, this PR is consistent with what we do now.
@bors r+
📌 Commit 57f03ea has been approved by
Mark block exits as reachable if the block can break. This only happens when desugaring `catch` expressions for now, but regular blocks (in HIR) can be broken from - respect that when doing reachability analysis. Fixes #45124.
☀️ Test successful - status-appveyor, status-travis