-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
debug_assert_with_mut_call: Multiple kinds of false positives in a default-deny lint #5112
Comments
Yeah, we should move this to nursery. The |
We move this lint to nursery (allow-by-default) and backport it to the current beta, so that this bug is gone in 1.42.0. In the mean time, you should just Sorry for the inconvenience. |
[beta] Backport disabling of Clippy lint debug_assert_with_mut_call This disables the Clippy lint `debug_assert_with_mut_call`, see rust-lang/rust-clippy#5112. Since this is a deny-by-default lint, that landed with `1.41.0`, we want to disable this lint rather sooner than later, that's why the backport. Clippy branch for the backport: https://github.com/rust-lang/rust-clippy/tree/rust-1.42.0 r? @Mark-Simulacrum cc (from the Clippy side) @Manishearth @oli-obk
This is another case which - in my opinion - is a false positive:
|
debug_assert_with_mut_call
is a "correctness" lint with major false positives! I'm not sure what the policy is on correctness lints, but the readme defines it like this: "code that is just outright wrong or very very useless". Instances ofdebug_assert_with_mut_call
are often neither of these.I believe the spirit of this lint is to prevent side-effects escaping
debug_assert
. In that light, I have identified two issues with this lint, can be seen with the following code:Running
clippy 0.0.212 (69f99e7 2019-12-14)
with default settings yieldsexample1
and the corresponding lint output demonstrate the first problem with this lint: it assumes that&mut
has something to do with mutation. This is a common misconception discussed here and here. There is no such thing as "a function with mutable arguments", or at least, not in the way the lint means it.example1
is perfectly fine code which is not "outright wrong or very very useless".example1b
, on the other hand, does meet that definition and falls directly within both the spirit and letter of this lint, but is not caught. Yikes!example2
demonstrates the other problem, which is in some ways I think worse because it encourages bad practice. This example has code with side-effects which don't escape from debug_assert; the idea is that there's no need to perform those side-effects if their result won't be used. With this lint, though, devs are likely to move those side-effects out of the debug assert, slowing down release code by adding dead code that often can't be eliminated because of those very side-effects.I hit both of these issues in real-life code which did not have any actual bugs in the linted code; nor could it be trivially refactored without introducing new lints or new bugs. Therefore, while the intention behind the lint is good, I believe it needs at a minimum to be downgraded to default-warn until these issues are resolved. FWIW, there have been other recent issues with this lint as well: #4737 and #5105.
The text was updated successfully, but these errors were encountered: