Temporary lifetime extension for blocks

[dianne]

This implements a revised version of the temporary lifetime extension semantics I suggested in #145838 (comment), with the goal of making temporary lifetimes and drop order more consistent between extending and non-extending blocks. As a consequence, this undoes the breaking change introduced by #145838 (but in exchange has a much larger surface area).

The change this PR hopes to enforce is a general rule: any expression's temporaries should have the same relative drop order regardless of whether the expression is in an extending context or not: let _ = $expr; and drop($expr); should have the same drop order. To achieve that, this PR applies lifetime extension rules to blocks:

// This `temp()` is now extended past the block tail in all contexts.
{ &temp() }

now extends the lifetime of temp() to outlive the block tail in Rust 2024 regardless of whether the block is an extending expression in a let statement initializer (in which context it was already extended to outlive the block before this PR). The scoping rules for tails of extending blocks remain the same: extending subexpressions' temporary scopes are extended based on the source of the lifetime extension (e.g. to match the scope of a parent let statement's bindings). For blocks not extended by any other source, extending borrows in the tail expression now share a temporary scope with the result of the block. This can in turn extend nested blocks within blocks' tail expressions:

// This `temp()` is extended past the outer block tail.
// It is now dropped after the reference to it at the `;`.
f({{ &temp() }});

// This context-sensitivity is consistent with `let`:
// This `temp()` was already extended.
// It is still dropped after `x` at the end of its scope.
let x = {{ &temp() }};

Since this uses the same rules as let, it only applies to extending sub-expressions.

// This `temp()` is still never extended in any context.
// In Rust 2024, it is dropped at the end of the block tail.
{ identity(&temp()) }

This also applies to if expressions' blocks since lifetime extension applies to if blocks' tail expressions, meaning it affects all editions. This is where breakage from #145838 was observed:

if cond { &temp() } else { &temp() }

now extends temp() to have the same temporary scope as the result of the if expression.

As a further consequence, this makes super let in if expressions' blocks more consistent with block expressions:

if cond() {
    super let x = temp();
    &temp
} else {
    super let x = temp();
    &temp
}

previously only worked in extending contexts (since the super lets would be extended), and now it works everywhere.

Reference PR: rust-lang/reference#2051

@rustbot label +T-lang

[dianne]

@rustbot label -stable-nominated

I'm not intending to stable-nominate this, at least. Someone else can, but I don't expect it's needed or that it would be accepted.

[traviscross]

Does this only affect code in Rust 2024, or would you expect any visible difference in earlier editions?

[dianne]

It should only be visible in Rust 2024. The only extending expressions that introduce temporary drop scopes are Rust 2024 block tail expressions. Edit: this is also visible on earlier editions through if expressions' blocks.

Suppose we have a macro extending!, for which $expr is extending if extending!($expr) is extending. Under this PR, in a non-extending context, { extending!(&temp()) } would give temp() the same temporary scope as the result of the block. Prior to Rust 2021, they're already in the same scope, due to extending! being unable to introduce temporary scopes.

Or to generalize this, the aim of this PR is that in a non-extending context, extending!(&temp()) should give temp() the same temporary scope as the expansion, similar to how let x = extending!(&temp()); gives temp() the same scope as x. This already holds in Rust 2021 and prior.

If new expressions are added to Rust that are both extending and temporary scopes, I'd want this behavior to apply to them as well.

[traviscross]

Since this would effectively reduce the scope of the Rust 2024 tail expression temporary scope change, we'd also want to be sure to reflect that in the behavior of the tail-expr-drop-order lint.

[dianne]

I haven't done extensive testing, but see this test diff for that lint: lint-tail-expr-drop-order-borrowck.rs. I'm applying the lifetime extension rules on all editions, and lifetime extension prevents the temporary scope from being registered as potentially forwards-incompatible (even though the extended scopes are technically the same as the old scopes in old editions). Though I think I've convinced myself at this point that lifetime extension doesn't need to be applied to block tails of non-extending old-edition blocks¹, so potentially the lint change could be implemented in some other way instead.

Footnotes

1. I was worried about mixed-edition code, but I don't think it's an issue anymore. ↩

[bors]

☔ The latest upstream changes (presumably #146666) made this pull request unmergeable. Please resolve the merge conflicts.

[dianne]

I've made some revisions. This should now properly handle if expressions' blocks, meaning it affects all editions (since if blocks are both terminating in all editions and extending when the if expression is extending). Of note, I didn't notice at the time, but I think #145838 affected all editions as well (including the real-world breakage), due to if blocks working like that.

I think the implementation will likely need optimization and cleanup, but it might take a bit of refactoring to get it to a good place, so I'd like to get a vibe check on the design first, if there's room for it in a lang team meeting.

@rustbot label +I-lang-nominated

[rustbot]

r? @nnethercote

rustbot has assigned @nnethercote.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

[rust-rfcbot]

The final comment period, with a disposition to merge, as per the review above, is now complete.

As the automated representative of the governance process, I would like to thank the author for their work and everyone else who contributed.

This will be merged soon.

[rustbot]

This PR was rebased onto a different master commit. Here's a range-diff highlighting what actually changed.

Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers.

[dianne]

I've rebased to re-bless the mir-opt tests. I couldn't tell at a glance why this wasn't the case before, but the changes here now apply to the panic-abort diff as well as the panic-unwind diff for the overloaded indexing mir-opt test. More details in the inline review below.

View changes since this review

[dianne]

This appears to be inlined from

rust/library/core/src/slice/index.rs

Lines 432 to 439 in 82ae0ee

	if let Some(new_len) = usize::checked_sub(self.end, self.start)
	&& self.end <= slice.len()
	{
	// SAFETY: `self` is checked to be valid and in bounds above.
	unsafe { &*get_offset_len_noubcheck(slice, self.start, new_len) }
	} else {
	slice_index_fail(self.start, self.end, slice.len())
	}

where previously the storage for the slice pointer returned by get_offset_len_noubcheck was dropped before the result of the bounds check¹ and now it's dropped after, since it now lives past the execution of the if expression.

Footnotes

1. See here and here for why that bool lives until then: individual boolean conditions have their scopes overridden so they live to the end of the if expression. I have to assume this is so they can each can have a single StorageDead, rather than one in each branch following each condition's switch terminator. ↩

[dianne]

@rustbot author

I think I forgot to handle another sort of temporary scope in this (match arm scopes). Rather than special-casing each kind of temporary scope that can be extended through, I'm increasingly inclined to believe a more general solution (closer to how the Reference PR is written) will be better in the compiler too. Upwards traversal is messier, but it'll be less error-prone than special-casing.

[rustbot]

Reminder, once the PR becomes ready for a review, use @rustbot ready.

[jackh726]

Given that I've been picking up the reviews for the other work in this area, I guess I'm likely as qualified as anyone (which, is a very short list). So, that being said, I'll just steal this review. I'll watch for when this gets switched to waiting on review.

r? jackh726

[BoxyUwU]

r? BoxyUwU

feel free to review it too if you like but I've been getting on with this over the past few weeks so would like to finish that out :)

[jackh726]

Sounds good!