Make closure capturing have consistent and correct behaviour around patterns

compiler/rustc_hir_typeck/src/upvar.rs

@@ -761,6 +761,7 @@ impl<'a, 'tcx> FnCtxt<'a, 'tcx> {
     ///       ],
     /// }
     /// ```
+    #[instrument(level = "debug", skip(self))]
     fn compute_min_captures(
         &self,
         closure_def_id: LocalDefId,
@@ -2029,6 +2030,7 @@ struct InferBorrowKind<'tcx> {
 }
 
 impl<'tcx> euv::Delegate<'tcx> for InferBorrowKind<'tcx> {
+    #[instrument(skip(self), level = "debug")]
     fn fake_read(
         &mut self,
         place_with_id: &PlaceWithHirId<'tcx>,
@@ -2119,6 +2121,7 @@ impl<'tcx> euv::Delegate<'tcx> for InferBorrowKind<'tcx> {
 }
 
 /// Rust doesn't permit moving fields out of a type that implements drop
+#[instrument(skip(fcx), ret, level = "debug")]
 fn restrict_precision_for_drop_types<'a, 'tcx>(
     fcx: &'a FnCtxt<'a, 'tcx>,
     mut place: Place<'tcx>,
@@ -2179,6 +2182,7 @@ fn restrict_precision_for_unsafe(
 /// - No unsafe block is required to capture `place`.
 ///
 /// Returns the truncated place and updated capture mode.
+#[instrument(ret, level = "debug")]
 fn restrict_capture_precision(
     place: Place<'_>,
     curr_mode: ty::UpvarCapture,
@@ -2208,6 +2212,7 @@ fn restrict_capture_precision(
 }
 
 /// Truncate deref of any reference.
+#[instrument(ret, level = "debug")]
 fn adjust_for_move_closure(
     mut place: Place<'_>,
     mut kind: ty::UpvarCapture,
@@ -2222,6 +2227,7 @@ fn adjust_for_move_closure(
 }
 
 /// Truncate deref of any reference.
+#[instrument(ret, level = "debug")]
 fn adjust_for_use_closure(
     mut place: Place<'_>,
     mut kind: ty::UpvarCapture,
@@ -2237,6 +2243,7 @@ fn adjust_for_use_closure(
 
 /// Adjust closure capture just that if taking ownership of data, only move data
 /// from enclosing stack frame.
+#[instrument(ret, level = "debug")]
 fn adjust_for_non_move_closure(
     mut place: Place<'_>,
     mut kind: ty::UpvarCapture,
@@ -2559,6 +2566,7 @@ fn determine_place_ancestry_relation<'tcx>(
 ///     // it is constrained to `'a`
 /// }
 /// ```
+#[instrument(ret, level = "debug")]
 fn truncate_capture_for_optimization(
     mut place: Place<'_>,
     mut curr_mode: ty::UpvarCapture,

compiler/rustc_mir_build/src/builder/matches/match_pair.rs

@@ -339,6 +339,12 @@ impl<'tcx> MatchPairTree<'tcx> {
 
         if let Some(test_case) = test_case {
             // This pattern is refutable, so push a new match-pair node.
+            //
+            // Note: unless test_case is TestCase::Or, place must not be None.
+            // This means that the closure capture analysis in
+            // rustc_hir_typeck::upvar, and in particular the pattern handling
+            // code of ExprUseVisitor, must capture all of the places we'll use.
+            // Make sure to keep these two parts in sync!
             match_pairs.push(MatchPairTree {
                 place,
                 test_case,

src/tools/clippy/clippy_lints/src/methods/mod.rs

@@ -889,7 +889,7 @@ declare_clippy_lint! {
     /// ```
     #[clippy::version = "pre 1.29.0"]
     pub SEARCH_IS_SOME,
-    complexity,
+    nursery,
     "using an iterator or string search followed by `is_some()` or `is_none()`, which is more succinctly expressed as a call to `any()` or `contains()` (with negation in case of `is_none()`)"
 }
 

src/tools/clippy/tests/ui/crashes/ice-9041.rs

@@ -1,3 +1,4 @@
+#![warn(clippy::search_is_some)]
 pub struct Thing;
 //@no-rustfix
 pub fn has_thing(things: &[Thing]) -> bool {

src/tools/clippy/tests/ui/crashes/ice-9041.stderr

@@ -1,5 +1,5 @@
 error: called `is_some()` after searching an `Iterator` with `find`
-  --> tests/ui/crashes/ice-9041.rs:5:19
+  --> tests/ui/crashes/ice-9041.rs:6:19
    |
 LL |     things.iter().find(|p| is_thing_ready(p)).is_some()
    |                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: consider using: `any(|p| is_thing_ready(&p))`

src/tools/clippy/tests/ui/search_is_some_fixable_some.fixed

@@ -311,19 +311,23 @@ mod issue9120 {
     }
 }
 
+// skip this test due to rust-lang/rust-clippy#16086
+/*
 #[allow(clippy::match_like_matches_macro)]
 fn issue15102() {
     let values = [None, Some(3)];
-    let has_even = values.iter().any(|v| matches!(&v, Some(x) if x % 2 == 0));
-    //~^ search_is_some
+    let has_even = values.iter().find(|v| matches!(v, Some(x) if x % 2 == 0)).is_some();
+    ~^ search_is_some
     println!("{has_even}");
 
     let has_even = values
         .iter()
-        .any(|v| match &v {
-            //~^ search_is_some
+        .find(|v| match v {
+            ~^ search_is_some
             Some(x) if x % 2 == 0 => true,
             _ => false,
-        });
+        })
+        .is_some();
     println!("{has_even}");
 }
+*/

src/tools/clippy/tests/ui/search_is_some_fixable_some.rs

@@ -322,20 +322,23 @@ mod issue9120 {
     }
 }
 
+// skip this test due to rust-lang/rust-clippy#16086
+/*
 #[allow(clippy::match_like_matches_macro)]
 fn issue15102() {
     let values = [None, Some(3)];
     let has_even = values.iter().find(|v| matches!(v, Some(x) if x % 2 == 0)).is_some();
-    //~^ search_is_some
+    ~^ search_is_some
     println!("{has_even}");
 
     let has_even = values
         .iter()
         .find(|v| match v {
-            //~^ search_is_some
+            ~^ search_is_some
             Some(x) if x % 2 == 0 => true,
             _ => false,
         })
         .is_some();
     println!("{has_even}");
 }
+*/

src/tools/clippy/tests/ui/search_is_some_fixable_some.stderr

@@ -346,32 +346,5 @@ error: called `is_some()` after searching an `Iterator` with `find`
 LL |         let _ = v.iter().find(|x: &&u32| (*arg_no_deref_dyn)(x)).is_some();
    |                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: consider using: `any(|x: &u32| (*arg_no_deref_dyn)(&x))`
 
-error: called `is_some()` after searching an `Iterator` with `find`
-  --> tests/ui/search_is_some_fixable_some.rs:328:34
-   |
-LL |     let has_even = values.iter().find(|v| matches!(v, Some(x) if x % 2 == 0)).is_some();
-   |                                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: consider using: `any(|v| matches!(&v, Some(x) if x % 2 == 0))`
-
-error: called `is_some()` after searching an `Iterator` with `find`
-  --> tests/ui/search_is_some_fixable_some.rs:334:10
-   |
-LL |           .find(|v| match v {
-   |  __________^
-LL | |
-LL | |             Some(x) if x % 2 == 0 => true,
-LL | |             _ => false,
-LL | |         })
-LL | |         .is_some();
-   | |__________________^
-   |
-help: consider using
-   |
-LL ~         .any(|v| match &v {
-LL +
-LL +             Some(x) if x % 2 == 0 => true,
-LL +             _ => false,
-LL ~         });
-   |
-
-error: aborting due to 51 previous errors
+error: aborting due to 49 previous errors
 

src/tools/miri/tests/fail/closures/deref-in-pattern.rs

@@ -0,0 +1,20 @@
+// This test serves to document the change in semantics introduced by
+// rust-lang/rust#138961.
+//
+// A corollary of partial-pattern.rs: while the tuple access testcase makes
+// it clear why these semantics are useful, it is actually the dereference
+// being performed by the pattern that matters.
+
+fn main() {
+    // the inner reference is dangling
+    let x: &&u32 = unsafe {
+        let x: u32 = 42;
+        &&* &raw const x
+    };
+
+    let _ = || { //~ ERROR: encountered a dangling reference
+        match x {
+            &&_y => {},
+        }
+    };
+}

src/tools/miri/tests/fail/closures/deref-in-pattern.stderr

@@ -0,0 +1,18 @@
+error: Undefined Behavior: constructing invalid value: encountered a dangling reference (use-after-free)
+  --> tests/fail/closures/deref-in-pattern.rs:LL:CC
+   |
+LL |       let _ = || {
+   |  _____________^
+LL | |         match x {
+LL | |             &&_y => {},
+LL | |         }
+LL | |     };
+   | |_____^ Undefined Behavior occurred here
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to 1 previous error
+

src/tools/miri/tests/fail/closures/partial-pattern.rs

@@ -0,0 +1,28 @@
+// This test serves to document the change in semantics introduced by
+// rust-lang/rust#138961.
+//
+// Previously, the closure would capture the entirety of x, and access *(*x).0
+// when called. Now, the closure only captures *(*x).0, which means that
+// a &*(*x).0 reborrow happens when the closure is constructed.
+//
+// Hence, if one of the references is dangling, this constitutes newly introduced UB
+// in the case where the closure doesn't get called. This isn't a big deal,
+// because while opsem only now considers this to be UB, the unsafe code
+// guidelines have long recommended against any handling of dangling references.
+
+fn main() {
+    // the inner references are dangling
+    let x: &(&u32, &u32) = unsafe {
+        let a = 21;
+        let b = 37;
+        let ra = &* &raw const a;
+        let rb = &* &raw const b;
+        &(ra, rb)
+    };
+
+    let _ = || { //~ ERROR: encountered a dangling reference
+        match x {
+            (&_y, _) => {},
+        }
+    };
+}

src/tools/miri/tests/fail/closures/partial-pattern.stderr

@@ -0,0 +1,18 @@
+error: Undefined Behavior: constructing invalid value: encountered a dangling reference (use-after-free)
+  --> tests/fail/closures/partial-pattern.rs:LL:CC
+   |
+LL |       let _ = || {
+   |  _____________^
+LL | |         match x {
+LL | |             (&_y, _) => {},
+LL | |         }
+LL | |     };
+   | |_____^ Undefined Behavior occurred here
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to 1 previous error
+

src/tools/miri/tests/fail/closures/uninhabited-variant.rs

@@ -0,0 +1,31 @@
+// Motivated by rust-lang/rust#138961, this shows how invalid discriminants interact with
+// closure captures.
+#![feature(never_type)]
+
+#[repr(C)]
+#[allow(dead_code)]
+enum E {
+  V0, // discriminant: 0
+  V1, // 1
+  V2(!), // 2
+}
+
+fn main() {
+    assert_eq!(std::mem::size_of::<E>(), 4);
+
+    let val = 2u32;
+    let ptr = (&raw const val).cast::<E>();
+    let r = unsafe { &*ptr };
+    let f = || {
+        // After rust-lang/rust#138961, constructing the closure performs a reborrow of r.
+        // Nevertheless, the discriminant is only actually inspected when the closure
+        // is called.
+        match r { //~ ERROR: read discriminant of an uninhabited enum variant
+            E::V0 => {}
+            E::V1 => {}
+            E::V2(_) => {}
+        }
+    };
+
+    f();
+}

src/tools/miri/tests/fail/closures/uninhabited-variant.stderr

@@ -0,0 +1,20 @@
+error: Undefined Behavior: read discriminant of an uninhabited enum variant
+  --> tests/fail/closures/uninhabited-variant.rs:LL:CC
+   |
+LL |         match r {
+   |               ^ Undefined Behavior occurred here
+   |
+   = help: this indicates a bug in the program: it performed an invalid operation, and caused Undefined Behavior
+   = help: see https://doc.rust-lang.org/nightly/reference/behavior-considered-undefined.html for further information
+   = note: BACKTRACE:
+   = note: inside closure at tests/fail/closures/uninhabited-variant.rs:LL:CC
+note: inside `main`
+  --> tests/fail/closures/uninhabited-variant.rs:LL:CC
+   |
+LL |     f();
+   |     ^^^
+
+note: some details are omitted, run with `MIRIFLAGS=-Zmiri-backtrace=full` for a verbose backtrace
+
+error: aborting due to 1 previous error
+

src/tools/rust-analyzer/crates/hir-ty/src/layout/tests/closure.rs

@@ -166,6 +166,9 @@ fn capture_specific_fields() {
             *a + x + (*b as i64)
         }
     }
+    // FIXME: These tests currently fail, because rust-analyzer hasn't yet implemented the changes
+    // introduced in rust-lang/rust#138961. See rust-lang/rust-analyzer#21274 for more discussion.
+    /*
     size_and_align_expr! {
         struct X(i64, i32, (u8, i128));
         let y: X = X(2, 5, (7, 3));
@@ -183,6 +186,7 @@ fn capture_specific_fields() {
             a + x + (b as i64)
         }
     }
+    */
 }
 
 #[test]
@@ -194,6 +198,9 @@ fn match_pattern() {
             x
         }
     }
+    // FIXME: These tests currently fail, because rust-analyzer hasn't yet implemented the changes
+    // introduced in rust-lang/rust#138961. See rust-lang/rust-analyzer#21274 for more discussion.
+    /*
     size_and_align_expr! {
         minicore: copy;
         stmts: [
@@ -206,6 +213,7 @@ fn match_pattern() {
             }
         }
     }
+    */
     size_and_align_expr! {
         minicore: copy;
         stmts: [

tests/crashes/119786-2.rs

@@ -0,0 +1,15 @@
+//@ known-bug: #119786
+//@ edition:2021
+
+fn enum_upvar() {
+    type T = impl Copy;
+    let foo: T = Some((1u32, 2u32));
+    let x = move || {
+        match foo {
+            None => (),
+            Some(_) => (),
+        }
+    };
+}
+
+pub fn main() {}

tests/crashes/119786-3.rs

@@ -0,0 +1,15 @@
+//@ known-bug: #119786
+//@ edition:2021
+
+fn enum_upvar() {
+    type T = impl Copy;
+    let foo: T = Some((1u32, 2u32));
+    let x = move || {
+        match foo {
+            None => (),
+            Some((a, b)) => (),
+        }
+    };
+}
+
+pub fn main() {}