Auto merge of #149435 - sladyn98:fix-panic-drop-ordering-rebased, r=<try>

Fix variable deallocation order in panic unwinding paths

Author: bors

compiler/rustc_borrowck/src/lib.rs

@@ -46,7 +46,7 @@ use rustc_mir_dataflow::move_paths::{
 };
 use rustc_mir_dataflow::points::DenseLocationMap;
 use rustc_mir_dataflow::{Analysis, EntryStates, Results, ResultsVisitor, visit_results};
-use rustc_session::lint::builtin::{TAIL_EXPR_DROP_ORDER, UNUSED_MUT};
+use rustc_session::lint::builtin::{TAIL_EXPR_DROP_ORDER, UNUSED_MUT, UNWIND_DROP_ORDER};
 use rustc_span::{ErrorGuaranteed, Span, Symbol};
 use rustc_trait_selection::traits::query::type_op::{QueryTypeOp, TypeOp, TypeOpOutput};
 use smallvec::SmallVec;
@@ -853,11 +853,8 @@ impl<'a, 'tcx> ResultsVisitor<'tcx, Borrowck<'a, 'tcx>> for MirBorrowckCtxt<'a,
             // These do not actually affect borrowck
             StatementKind::ConstEvalCounter | StatementKind::StorageLive(..) => {}
             // This does not affect borrowck
-            StatementKind::BackwardIncompatibleDropHint {
-                place,
-                reason: BackwardIncompatibleDropReason::Edition2024,
-            } => {
-                self.check_backward_incompatible_drop(location, **place, state);
+            StatementKind::BackwardIncompatibleDropHint { place, reason } => {
+                self.check_backward_incompatible_drop(location, **place, *reason, state);
             }
             StatementKind::StorageDead(local) => {
                 self.access_place(
@@ -1400,6 +1397,7 @@ impl<'a, 'tcx> MirBorrowckCtxt<'a, '_, 'tcx> {
         &mut self,
         location: Location,
         place: Place<'tcx>,
+        reason: BackwardIncompatibleDropReason,
         state: &BorrowckDomain,
     ) {
         let tcx = self.infcx.tcx;
@@ -1433,17 +1431,36 @@ impl<'a, 'tcx> MirBorrowckCtxt<'a, '_, 'tcx> {
                     borrow,
                     Some((WriteKind::StorageDeadOrDrop, place)),
                 );
-                this.infcx.tcx.emit_node_span_lint(
-                    TAIL_EXPR_DROP_ORDER,
-                    CRATE_HIR_ID,
-                    borrowed,
-                    session_diagnostics::TailExprDropOrder {
-                        borrowed,
-                        callback: |diag| {
-                            explain.add_explanation_to_diagnostic(&this, diag, "", None, None);
-                        },
-                    },
-                );
+                match reason {
+                    BackwardIncompatibleDropReason::Edition2024 => {
+                        this.infcx.tcx.emit_node_span_lint(
+                            TAIL_EXPR_DROP_ORDER,
+                            CRATE_HIR_ID,
+                            borrowed,
+                            session_diagnostics::TailExprDropOrder {
+                                borrowed,
+                                callback: |diag| {
+                                    explain
+                                        .add_explanation_to_diagnostic(&this, diag, "", None, None);
+                                },
+                            },
+                        );
+                    }
+                    BackwardIncompatibleDropReason::UnwindStorageDead => {
+                        this.infcx.tcx.emit_node_span_lint(
+                            UNWIND_DROP_ORDER,
+                            CRATE_HIR_ID,
+                            borrowed,
+                            session_diagnostics::UnwindDropOrder {
+                                borrowed,
+                                callback: |diag| {
+                                    explain
+                                        .add_explanation_to_diagnostic(&this, diag, "", None, None);
+                                },
+                            },
+                        );
+                    }
+                }
                 // We may stop at the first case
                 ControlFlow::Break(())
             },

compiler/rustc_borrowck/src/polonius/legacy/loan_invalidations.rs

@@ -70,7 +70,9 @@ impl<'a, 'tcx> Visitor<'tcx> for LoanInvalidationsGenerator<'a, 'tcx> {
             // Doesn't have any language semantics
             | StatementKind::Coverage(..)
             // Does not actually affect borrowck
-            | StatementKind::StorageLive(..) => {}
+            | StatementKind::StorageLive(..)
+            // Future-compatibility drop hints are lint markers, not loan invalidations.
+            | StatementKind::BackwardIncompatibleDropHint { .. } => {}
             StatementKind::StorageDead(local) => {
                 self.access_place(
                     location,
@@ -81,7 +83,6 @@ impl<'a, 'tcx> Visitor<'tcx> for LoanInvalidationsGenerator<'a, 'tcx> {
             }
             StatementKind::ConstEvalCounter
             | StatementKind::Nop
-            | StatementKind::BackwardIncompatibleDropHint { .. }
             | StatementKind::SetDiscriminant { .. } => {
                 bug!("Statement not allowed in this MIR phase")
             }

compiler/rustc_borrowck/src/session_diagnostics.rs

@@ -633,3 +633,19 @@ impl<'a, F: FnOnce(&mut Diag<'_, ()>)> Diagnostic<'a, ()> for TailExprDropOrder<
         diag
     }
 }
+
+pub(crate) struct UnwindDropOrder<F: FnOnce(&mut Diag<'_, ()>)> {
+    pub borrowed: Span,
+    pub callback: F,
+}
+
+impl<'a, F: FnOnce(&mut Diag<'_, ()>)> Diagnostic<'a, ()> for UnwindDropOrder<F> {
+    fn into_diag(self, dcx: DiagCtxtHandle<'a>, level: Level) -> Diag<'a, ()> {
+        let Self { borrowed, callback } = self;
+        let mut diag =
+            Diag::new(dcx, level, "relative drop order on unwind changing in a future release")
+                .with_span_label(borrowed, "this value would be considered dead on an unwind path");
+        callback(&mut diag);
+        diag
+    }
+}

compiler/rustc_lint_defs/src/builtin.rs

@@ -150,6 +150,7 @@ pub mod hardwired {
             UNUSED_UNSAFE,
             UNUSED_VARIABLES,
             UNUSED_VISIBILITIES,
+            UNWIND_DROP_ORDER,
             USELESS_DEPRECATED,
             VARARGS_WITHOUT_PATTERN,
             WARNINGS,
@@ -5233,6 +5234,47 @@ declare_lint! {
     };
 }
 
+declare_lint! {
+    /// The `unwind_drop_order` lint detects values whose relative drop order on
+    /// panic unwind paths will change in a future release.
+    ///
+    /// ### Example
+    /// ```rust,no_run
+    /// #![warn(unwind_drop_order)]
+    ///
+    /// struct Wrap<T>(T);
+    ///
+    /// impl<T> Drop for Wrap<T> {
+    ///     fn drop(&mut self) {}
+    /// }
+    ///
+    /// fn main() {
+    ///     let x;
+    ///     {
+    ///         let y = 1;
+    ///         x = Wrap(&y);
+    ///         panic!();
+    ///     }
+    /// }
+    /// ```
+    ///
+    /// {{produces}}
+    ///
+    /// ### Explanation
+    ///
+    /// During panic unwinding, Rust currently does not mark locals as dead at
+    /// the same program points as normal control flow. A future release may
+    /// make unwind paths use the same storage-dead points as normal paths. This
+    /// lint reports code where that change can affect relative drop order
+    /// checking.
+    pub UNWIND_DROP_ORDER,
+    Allow,
+    "detects future changes to drop order during panic unwinding",
+    @future_incompatible = FutureIncompatibleInfo {
+        reason: fcw!(FutureReleaseSemanticsChange #147875),
+    };
+}
+
 declare_lint! {
     /// The `rust_2024_guarded_string_incompatible_syntax` lint detects `#` tokens
     /// that will be parsed as part of a guarded string literal in Rust 2024.

compiler/rustc_middle/src/mir/pretty.rs

@@ -879,10 +879,8 @@ impl Debug for StatementKind<'_> {
             Intrinsic(ref intrinsic) => write!(fmt, "{intrinsic}"),
             ConstEvalCounter => write!(fmt, "ConstEvalCounter"),
             Nop => write!(fmt, "nop"),
-            BackwardIncompatibleDropHint { ref place, reason: _ } => {
-                // For now, we don't record the reason because there is only one use case,
-                // which is to report breaking change in drop order by Edition 2024
-                write!(fmt, "BackwardIncompatibleDropHint({place:?})")
+            BackwardIncompatibleDropHint { ref place, reason } => {
+                write!(fmt, "BackwardIncompatibleDropHint({place:?}, {reason:?})")
             }
         }
     }

compiler/rustc_middle/src/mir/syntax.rs

@@ -445,8 +445,7 @@ pub enum StatementKind<'tcx> {
     /// Marker statement indicating where `place` would be dropped.
     /// This is semantically equivalent to `Nop`, so codegen and MIRI should interpret this
     /// statement as such.
-    /// The only use case of this statement is for linting in MIR to detect temporary lifetime
-    /// changes.
+    /// The only use case of this statement is for MIR future-compatibility linting.
     BackwardIncompatibleDropHint {
         /// Place to drop
         place: Box<Place<'tcx>>,
@@ -975,6 +974,7 @@ pub enum TerminatorKind<'tcx> {
 
 #[derive(
     Clone,
+    Copy,
     Debug,
     TyEncodable,
     TyDecodable,
@@ -986,6 +986,7 @@ pub enum TerminatorKind<'tcx> {
 )]
 pub enum BackwardIncompatibleDropReason {
     Edition2024,
+    UnwindStorageDead,
 }
 
 #[derive(Debug, Clone, TyEncodable, TyDecodable, Hash, StableHash, PartialEq)]