Implement an unused result lint #11754
Conversation
|
Nice; what about going much further for #[must_use] types and making them linear types? That is, making this always an error, and triggering it whenever a #[must_use] type is dropped without destructuring, rather than just when that happens as a result of a statement with a #[must_use] type (other cases are variables going out of scope, being assigned other values to, _ patterns, maybe something else). |
|
That's not a bad idea, but for now I'd rather lean in the direction of keeping the lint super simple and easy to understand. The major use case this is trying to solve is silently ignoring return values from I/O operations by accident. If you specify a I think that the best trial run for this lint will be removing conditions from libstd. If it turns out that this lint isn't sufficient enough to catch most of the ignored errors (as today there are many because conditions fail by default), then we should certainly revisit this at that point. Basically for now I want to try to keep this as simple as possible, but I don't mind revisiting at all if we start seeing common patterns that ignore errors. |
|
Sounds good. Only concern is the association |
|
The codebase already contains that macro with the name None of these names seems particularly good; a descriptive name would either be "propagate_err!", "on_err_return!" or "return_if_err!", but those all seem too long. |
|
This is really nice. OCaml has |
|
This is great! I would maybe even make it an error if a Now that it's possible to use return in a closure, how about introducing That's even longer but also more readable I guess. I suppose |
|
@alexcrichton I like this. I already started playing around with the |
|
I was wondering if a |
|
You can easily implement ignore! via: let _ = file.read()It might be nice to have an alias for clarity, but I don't love adding a set of parens around everything vs. |
|
Right. |
I attempted to implement the lint in two steps. My first attempt was a default-warn lint about *all* unused results. While this attempt did indeed find many possible bugs, I felt that the false-positive rate was too high to be turned on by default for all of Rust. My second attempt was to make unused-result a default-allow lint, but allow certain types to opt-in to the notion of "you must use this". For example, the Result type is now flagged with #[must_use]. This lint about "must use" types is warn by default (it's different from unused-result). The unused_must_use lint had a 100% hit rate in the compiler, but there's not that many places that return Result right now. I believe that this lint is a crucial step towards moving away from conditions for I/O (because all I/O will return Result by default). I'm worried that this lint is a little too specific to Result itself, but I believe that the false positive rate for the unused_result lint is too high to make it useful when turned on by default.
The general consensus is that we want to move away from conditions for I/O, and I propose a two-step plan for doing so:
1. Warn about unused `Result` types. When all of I/O returns `Result`, it will require you inspect the return value for an error *only if* you have a result you want to look at. By default, for things like `write` returning `Result<(), Error>`, these will all go silently ignored. This lint will prevent blind ignorance of these return values, letting you know that there's something you should do about them.
2. Implement a `try!` macro:
```
macro_rules! try( ($e:expr) => (match $e { Ok(e) => e, Err(e) => return Err(e) }) )
```
With these two tools combined, I feel that we get almost all the benefits of conditions. The first step (the lint) is a sanity check that you're not ignoring return values at callsites. The second step is to provide a convenience method of returning early out of a sequence of computations. After thinking about this for awhile, I don't think that we need the so-called "do-notation" in the compiler itself because I think it's just *too* specialized. Additionally, the `try!` macro is super lightweight, easy to understand, and works almost everywhere. As soon as you want to do something more fancy, my answer is "use match".
Basically, with these two tools in action, I would be comfortable removing conditions. What do others think about this strategy?
----
This PR specifically implements the `unused_result` lint. I actually added two lints, `unused_result` and `unused_must_use`, and the first commit has the rationale for why `unused_result` is turned off by default.
The general consensus is that we want to move away from conditions for I/O, and I propose a two-step plan for doing so:
Resulttypes. When all of I/O returnsResult, it will require you inspect the return value for an error only if you have a result you want to look at. By default, for things likewritereturningResult<(), Error>, these will all go silently ignored. This lint will prevent blind ignorance of these return values, letting you know that there's something you should do about them.try!macro:With these two tools combined, I feel that we get almost all the benefits of conditions. The first step (the lint) is a sanity check that you're not ignoring return values at callsites. The second step is to provide a convenience method of returning early out of a sequence of computations. After thinking about this for awhile, I don't think that we need the so-called "do-notation" in the compiler itself because I think it's just too specialized. Additionally, the
try!macro is super lightweight, easy to understand, and works almost everywhere. As soon as you want to do something more fancy, my answer is "use match".Basically, with these two tools in action, I would be comfortable removing conditions. What do others think about this strategy?
This PR specifically implements the
unused_resultlint. I actually added two lints,unused_resultandunused_must_use, and the first commit has the rationale for whyunused_resultis turned off by default.