From 8c9cba2be7c6c61ef91d722d27a55abb5eef371c Mon Sep 17 00:00:00 2001 From: Oli Scherer Date: Tue, 26 Mar 2024 09:35:38 +0000 Subject: [PATCH] Validate nested static items --- .../src/interpret/validity.rs | 26 +++++-- tests/crashes/122548.rs | 17 ----- .../miri_unleashed/mutable_references.rs | 2 + .../miri_unleashed/mutable_references.stderr | 52 ++++++++++---- .../static-no-inner-mut.32bit.stderr | 68 ++++++++++++------- .../static-no-inner-mut.64bit.stderr | 68 ++++++++++++------- .../miri_unleashed/static-no-inner-mut.rs | 2 + tests/ui/statics/mutable_memory_validation.rs | 21 ++++++ .../statics/mutable_memory_validation.stderr | 14 ++++ 9 files changed, 185 insertions(+), 85 deletions(-) delete mode 100644 tests/crashes/122548.rs create mode 100644 tests/ui/statics/mutable_memory_validation.rs create mode 100644 tests/ui/statics/mutable_memory_validation.stderr diff --git a/compiler/rustc_const_eval/src/interpret/validity.rs b/compiler/rustc_const_eval/src/interpret/validity.rs index 9911c59d4b8..920cf68aa62 100644 --- a/compiler/rustc_const_eval/src/interpret/validity.rs +++ b/compiler/rustc_const_eval/src/interpret/validity.rs @@ -457,6 +457,10 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, ' // Special handling for pointers to statics (irrespective of their type). assert!(!self.ecx.tcx.is_thread_local_static(did)); assert!(self.ecx.tcx.is_static(did)); + let DefKind::Static { mutability, nested } = self.ecx.tcx.def_kind(did) + else { + bug!() + }; // Mode-specific checks match self.ctfe_mode { Some( 
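Review bot: The `let DefKind::Static { mutability, nested } = ... else { bug!() };` hoisted above the mode match reports nothing useful if it ever fires, and the same destructuring is repeated verbatim in the `GlobalAlloc::Static(did)` arm of the `@@ -709,8 +713,16 @@` hunk. Giving both a message, e.g. `bug!("validation reached {did:?}, which is not a static")`, would make an ICE from this soundness check diagnosable. The preceding `assert!(self.ecx.tcx.is_static(did))` suggests the branch is unreachable, so this affects diagnostics only. The enclosing function starts and ends outside the hunk.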
@@ -471,7 +475,11 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, ' // trigger cycle errors if we try to compute the value of the other static // and that static refers back to us (potentially through a promoted). // This could miss some UB, but that's fine. - skip_recursive_check = true; + // We still walk nested allocations, as they are fundamentally part of this validation run. + // This means we will also recurse into nested statics of *other* + // statics, even though we do not recurse into other statics directly. + // That's somewhat inconsistent but harmless. + skip_recursive_check = !nested; } Some(CtfeValidationMode::Const { .. }) => { // We can't recursively validate `extern static`, so we better reject them. @@ -483,10 +491,6 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, ' } // Return alloc mutability. For "root" statics we look at the type to account for interior // mutability; for nested statics we have no type and directly use the annotated mutability. - let DefKind::Static { mutability, nested } = self.ecx.tcx.def_kind(did) - else { - bug!() - }; match (mutability, nested) { (Mutability::Mut, _) => Mutability::Mut, (Mutability::Not, true) => Mutability::Not, 
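Review bot: The added comment on `skip_recursive_check = !nested;` calls recursing into nested statics of other statics "harmless" but does not say why the cycle-error concern stated just above it no longer applies. If the reason is that a nested static's allocation only exists once its parent has finished evaluating (my inference, not visible here), the comment should say so, e.g. `// Nested statics are created when their parent is interned, so reading them cannot re-enter the parent's evaluation.` This flag decides how much of a static's memory the UB validation covers, so the justification belongs next to it. The enclosing match arm begins outside the hunk.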
@@ -709,8 +713,16 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, ' if let Some(mplace) = op.as_mplace_or_imm().left() { if let Some(alloc_id) = mplace.ptr().provenance.and_then(|p| p.get_alloc_id()) { let mutability = match self.ecx.tcx.global_alloc(alloc_id) { - GlobalAlloc::Static(_) => { - self.ecx.memory.alloc_map.get(alloc_id).unwrap().1.mutability + GlobalAlloc::Static(did) => { + let DefKind::Static { mutability, nested } = self.ecx.tcx.def_kind(did) + else { + bug!() + }; + if nested { + mutability + } else { + self.ecx.memory.alloc_map.get(alloc_id).unwrap().1.mutability + } } GlobalAlloc::Memory(alloc) => alloc.inner().mutability, _ => span_bug!(self.ecx.tcx.span, "not a memory allocation"), diff --git a/tests/crashes/122548.rs b/tests/crashes/122548.rs deleted file mode 100644 index 232ce5d4413..00000000000 --- a/tests/crashes/122548.rs +++ /dev/null @@ -1,17 +0,0 @@ -//@ known-bug: #122548 -#![feature(const_mut_refs)] -#![feature(const_refs_to_static)] - -use std::cell::UnsafeCell; - -struct Meh { - x: &'static UnsafeCell, -} - -const MUH: Meh = Meh { - x: &mut *(&READONLY as *const _ as *mut _), -}; - -static READONLY: i32 = 0; - -pub fn main() {} diff --git a/tests/ui/consts/miri_unleashed/mutable_references.rs b/tests/ui/consts/miri_unleashed/mutable_references.rs index 8878e8eccf1..b44443672c4 100644 --- a/tests/ui/consts/miri_unleashed/mutable_references.rs +++ b/tests/ui/consts/miri_unleashed/mutable_references.rs @@ -10,6 +10,7 @@ use std::cell::UnsafeCell; static FOO: &&mut u32 = &&mut 42; //~^ ERROR encountered mutable pointer in final value of static //~| WARNING this was previously accepted by the compiler +//~| ERROR it is undefined behavior to use this value static BAR: &mut () = &mut (); //~^ ERROR encountered mutable pointer in final value of static 
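Review bot: In the `GlobalAlloc::Static(did)` arm of validity.rs, the new `if nested { mutability } else { ... }` split has no comment explaining why a nested static takes its mutability from `DefKind` while a root static is still looked up in the local `alloc_map`. A one-line why-comment would help, for example `// Nested statics carry their final mutability in the DefKind; only root statics are looked up in this interpreter's memory.`, with the wording confirmed by the author since the reason is not visible in the hunk. The retained `.unwrap()` on the non-nested path still panics if the allocation is missing from `alloc_map`; an `expect` naming that invariant would be cheap. The enclosing function extends outside the hunk.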
@@ -28,6 +29,7 @@ unsafe impl Sync for Meh {} static MEH: Meh = Meh { x: &UnsafeCell::new(42) }; //~^ ERROR encountered mutable pointer in final value of static //~| WARNING this was previously accepted by the compiler +//~| ERROR it is undefined behavior to use this value static OH_YES: &mut i32 = &mut 42; //~^ ERROR encountered mutable pointer in final value of static diff --git a/tests/ui/consts/miri_unleashed/mutable_references.stderr b/tests/ui/consts/miri_unleashed/mutable_references.stderr index 7122eb609f1..47a6b9c2274 100644 --- a/tests/ui/consts/miri_unleashed/mutable_references.stderr +++ b/tests/ui/consts/miri_unleashed/mutable_references.stderr @@ -12,8 +12,19 @@ note: the lint level is defined here LL | #![deny(const_eval_mutable_ptr_in_final_value)] | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +error[E0080]: it is undefined behavior to use this value + --> $DIR/mutable_references.rs:10:1 + | +LL | static FOO: &&mut u32 = &&mut 42; + | ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .: encountered mutable reference or box pointing to read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) { + HEX_DUMP + } + error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:14:1 + --> $DIR/mutable_references.rs:15:1 | LL | static BAR: &mut () = &mut (); | ^^^^^^^^^^^^^^^^^^^ @@ -22,7 +33,7 @@ LL | static BAR: &mut () = &mut (); = note: for more information, see issue #122153 error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:20:1 + --> $DIR/mutable_references.rs:21:1 | LL | static BOO: &mut Foo<()> = &mut Foo(()); | ^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -31,7 +42,7 @@ LL | static BOO: &mut Foo<()> = &mut Foo(()); = note: for more information, see issue #122153 error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:28:1 + --> $DIR/mutable_references.rs:29:1 | LL | static MEH: Meh = Meh { x: &UnsafeCell::new(42) }; | ^^^^^^^^^^^^^^^ @@ -39,8 +50,19 @@ LL | static MEH: Meh = Meh { x: &UnsafeCell::new(42) }; = warning: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release! = note: for more information, see issue #122153 +error[E0080]: it is undefined behavior to use this value + --> $DIR/mutable_references.rs:29:1 + | +LL | static MEH: Meh = Meh { x: &UnsafeCell::new(42) }; + | ^^^^^^^^^^^^^^^ constructing invalid value at .x.: encountered `UnsafeCell` in read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) { + HEX_DUMP + } + error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:32:1 + --> $DIR/mutable_references.rs:34:1 | LL | static OH_YES: &mut i32 = &mut 42; | ^^^^^^^^^^^^^^^^^^^^^^^ @@ -49,7 +71,7 @@ LL | static OH_YES: &mut i32 = &mut 42; = note: for more information, see issue #122153 error[E0080]: it is undefined behavior to use this value - --> $DIR/mutable_references.rs:32:1 + --> $DIR/mutable_references.rs:34:1 | LL | static OH_YES: &mut i32 = &mut 42; | ^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered mutable reference or box pointing to read-only memory 
@@ -60,7 +82,7 @@ LL | static OH_YES: &mut i32 = &mut 42; } error[E0594]: cannot assign to `*OH_YES`, as `OH_YES` is an immutable static item - --> $DIR/mutable_references.rs:41:5 + --> $DIR/mutable_references.rs:43:5 | LL | *OH_YES = 99; | ^^^^^^^^^^^^ cannot assign @@ -73,27 +95,27 @@ help: skipping check that does not even have a feature gate LL | static FOO: &&mut u32 = &&mut 42; | ^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/mutable_references.rs:14:23 + --> $DIR/mutable_references.rs:15:23 | LL | static BAR: &mut () = &mut (); | ^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/mutable_references.rs:20:28 + --> $DIR/mutable_references.rs:21:28 | LL | static BOO: &mut Foo<()> = &mut Foo(()); | ^^^^^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/mutable_references.rs:28:28 + --> $DIR/mutable_references.rs:29:28 | LL | static MEH: Meh = Meh { x: &UnsafeCell::new(42) }; | ^^^^^^^^^^^^^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/mutable_references.rs:32:27 + --> $DIR/mutable_references.rs:34:27 | LL | static OH_YES: &mut i32 = &mut 42; | ^^^^^^^ -error: aborting due to 7 previous errors; 1 warning emitted +error: aborting due to 9 previous errors; 1 warning emitted Some errors have detailed explanations: E0080, E0594. For more information about an error, try `rustc --explain E0080`. @@ -114,7 +136,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:14:1 + --> $DIR/mutable_references.rs:15:1 | LL | static BAR: &mut () = &mut (); | ^^^^^^^^^^^^^^^^^^^ 
@@ -129,7 +151,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:20:1 + --> $DIR/mutable_references.rs:21:1 | LL | static BOO: &mut Foo<()> = &mut Foo(()); | ^^^^^^^^^^^^^^^^^^^^^^^^ @@ -144,7 +166,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:28:1 + --> $DIR/mutable_references.rs:29:1 | LL | static MEH: Meh = Meh { x: &UnsafeCell::new(42) }; | ^^^^^^^^^^^^^^^ @@ -159,7 +181,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/mutable_references.rs:32:1 + --> $DIR/mutable_references.rs:34:1 | LL | static OH_YES: &mut i32 = &mut 42; | ^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/tests/ui/consts/miri_unleashed/static-no-inner-mut.32bit.stderr b/tests/ui/consts/miri_unleashed/static-no-inner-mut.32bit.stderr index 85ed6cbd538..6fa577c1ee1 100644 --- a/tests/ui/consts/miri_unleashed/static-no-inner-mut.32bit.stderr +++ b/tests/ui/consts/miri_unleashed/static-no-inner-mut.32bit.stderr 
@@ -12,8 +12,19 @@ note: the lint level is defined here LL | #![deny(const_eval_mutable_ptr_in_final_value)] | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +error[E0080]: it is undefined behavior to use this value + --> $DIR/static-no-inner-mut.rs:9:1 + | +LL | static REF: &AtomicI32 = &AtomicI32::new(42); + | ^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at ..v: encountered `UnsafeCell` in read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: 4, align: 4) { + ╾ALLOC0╼ │ ╾──╼ + } + error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:13:1 + --> $DIR/static-no-inner-mut.rs:14:1 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^^^^^^^^^^^^^^^^^^ @@ -22,18 +33,18 @@ LL | static REFMUT: &mut i32 = &mut 0; = note: for more information, see issue #122153 error[E0080]: it is undefined behavior to use this value - --> $DIR/static-no-inner-mut.rs:13:1 + --> $DIR/static-no-inner-mut.rs:14:1 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered mutable reference or box pointing to read-only memory | = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. = note: the raw bytes of the constant (size: 4, align: 4) { - ╾ALLOC0╼ │ ╾──╼ + ╾ALLOC1╼ │ ╾──╼ } error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:19:1 + --> $DIR/static-no-inner-mut.rs:20:1 | LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; | ^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -41,8 +52,19 @@ LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; = warning: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release! = note: for more information, see issue #122153 +error[E0080]: it is undefined behavior to use this value + --> $DIR/static-no-inner-mut.rs:20:1 + | +LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; + | ^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at ..v: encountered `UnsafeCell` in read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: 4, align: 4) { + ╾ALLOC2╼ │ ╾──╼ + } + error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:23:1 + --> $DIR/static-no-inner-mut.rs:25:1 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -51,18 +73,18 @@ LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; = note: for more information, see issue #122153 error[E0080]: it is undefined behavior to use this value - --> $DIR/static-no-inner-mut.rs:23:1 + --> $DIR/static-no-inner-mut.rs:25:1 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered mutable reference or box pointing to read-only memory | = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. = note: the raw bytes of the constant (size: 4, align: 4) { - ╾ALLOC1╼ │ ╾──╼ + ╾ALLOC3╼ │ ╾──╼ } error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:41:1 + --> $DIR/static-no-inner-mut.rs:43:1 | LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -71,7 +93,7 @@ LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; = note: for more information, see issue #122153 error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:45:1 + --> $DIR/static-no-inner-mut.rs:47:1 | LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *const _ }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -80,7 +102,7 @@ LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *con = note: for more information, see issue #122153 error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:49:1 + --> $DIR/static-no-inner-mut.rs:51:1 | LL | static RAW_MUT_COERCE: SyncPtr = SyncPtr { x: &mut 0 }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -96,37 +118,37 @@ help: skipping check that does not even have a feature gate LL | static REF: &AtomicI32 = &AtomicI32::new(42); | ^^^^^^^^^^^^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:13:27 + --> $DIR/static-no-inner-mut.rs:14:27 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:19:56 + --> $DIR/static-no-inner-mut.rs:20:56 | LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; | ^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:23:44 + --> $DIR/static-no-inner-mut.rs:25:44 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:41:52 + --> $DIR/static-no-inner-mut.rs:43:52 | LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; | ^^^^^^^^^^^^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:45:51 + --> $DIR/static-no-inner-mut.rs:47:51 | LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *const _ }; | ^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:49:52 + --> $DIR/static-no-inner-mut.rs:51:52 | LL | static RAW_MUT_COERCE: SyncPtr = SyncPtr { x: &mut 0 }; | ^^^^^^ -error: aborting due to 9 previous errors; 1 warning emitted +error: aborting due to 11 previous errors; 1 warning emitted For more information about this error, try `rustc --explain E0080`. Future incompatibility report: Future breakage diagnostic: 
@@ -146,7 +168,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:13:1 + --> $DIR/static-no-inner-mut.rs:14:1 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^^^^^^^^^^^^^^^^^^ @@ -161,7 +183,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:19:1 + --> $DIR/static-no-inner-mut.rs:20:1 | LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; | ^^^^^^^^^^^^^^^^^^^^^^^ @@ -176,7 +198,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:23:1 + --> $DIR/static-no-inner-mut.rs:25:1 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^^^^^^^^^^^^^^^^^ @@ -191,7 +213,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:41:1 + --> $DIR/static-no-inner-mut.rs:43:1 | LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -206,7 +228,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:45:1 + --> $DIR/static-no-inner-mut.rs:47:1 | LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *const _ }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -221,7 +243,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:49:1 + --> $DIR/static-no-inner-mut.rs:51:1 | LL | static RAW_MUT_COERCE: SyncPtr = SyncPtr { x: &mut 0 }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/tests/ui/consts/miri_unleashed/static-no-inner-mut.64bit.stderr b/tests/ui/consts/miri_unleashed/static-no-inner-mut.64bit.stderr index 5aa1cd0b15f..e6e81ce648d 100644 --- a/tests/ui/consts/miri_unleashed/static-no-inner-mut.64bit.stderr +++ b/tests/ui/consts/miri_unleashed/static-no-inner-mut.64bit.stderr @@ -12,8 +12,19 @@ note: the lint level is defined here LL | #![deny(const_eval_mutable_ptr_in_final_value)] | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +error[E0080]: it is undefined behavior to use this value + --> $DIR/static-no-inner-mut.rs:9:1 + | +LL | static REF: &AtomicI32 = &AtomicI32::new(42); + | ^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at ..v: encountered `UnsafeCell` in read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: 8, align: 8) { + ╾ALLOC0╼ │ ╾──────╼ + } + error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:13:1 + --> $DIR/static-no-inner-mut.rs:14:1 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -22,18 +33,18 @@ LL | static REFMUT: &mut i32 = &mut 0; = note: for more information, see issue #122153 error[E0080]: it is undefined behavior to use this value - --> $DIR/static-no-inner-mut.rs:13:1 + --> $DIR/static-no-inner-mut.rs:14:1 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered mutable reference or box pointing to read-only memory | = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. = note: the raw bytes of the constant (size: 8, align: 8) { - ╾ALLOC0╼ │ ╾──────╼ + ╾ALLOC1╼ │ ╾──────╼ } error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:19:1 + --> $DIR/static-no-inner-mut.rs:20:1 | LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; | ^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -41,8 +52,19 @@ LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; = warning: this was previously accepted by the compiler but is being phased out; it will become a hard error in a future release! = note: for more information, see issue #122153 +error[E0080]: it is undefined behavior to use this value + --> $DIR/static-no-inner-mut.rs:20:1 + | +LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; + | ^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at ..v: encountered `UnsafeCell` in read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: 8, align: 8) { + ╾ALLOC2╼ │ ╾──────╼ + } + error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:23:1 + --> $DIR/static-no-inner-mut.rs:25:1 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -51,18 +73,18 @@ LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; = note: for more information, see issue #122153 error[E0080]: it is undefined behavior to use this value - --> $DIR/static-no-inner-mut.rs:23:1 + --> $DIR/static-no-inner-mut.rs:25:1 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered mutable reference or box pointing to read-only memory | = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. = note: the raw bytes of the constant (size: 8, align: 8) { - ╾ALLOC1╼ │ ╾──────╼ + ╾ALLOC3╼ │ ╾──────╼ } error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:41:1 + --> $DIR/static-no-inner-mut.rs:43:1 | LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -71,7 +93,7 @@ LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; = note: for more information, see issue #122153 error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:45:1 + --> $DIR/static-no-inner-mut.rs:47:1 | LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *const _ }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -80,7 +102,7 @@ LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *con = note: for more information, see issue #122153 error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:49:1 + --> $DIR/static-no-inner-mut.rs:51:1 | LL | static RAW_MUT_COERCE: SyncPtr = SyncPtr { x: &mut 0 }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -96,37 +118,37 @@ help: skipping check that does not even have a feature gate LL | static REF: &AtomicI32 = &AtomicI32::new(42); | ^^^^^^^^^^^^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:13:27 + --> $DIR/static-no-inner-mut.rs:14:27 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:19:56 + --> $DIR/static-no-inner-mut.rs:20:56 | LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; | ^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:23:44 + --> $DIR/static-no-inner-mut.rs:25:44 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:41:52 + --> $DIR/static-no-inner-mut.rs:43:52 | LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; | ^^^^^^^^^^^^^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:45:51 + --> $DIR/static-no-inner-mut.rs:47:51 | LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *const _ }; | ^^^^^^^ help: skipping check that does not even have a feature gate - --> $DIR/static-no-inner-mut.rs:49:52 + --> $DIR/static-no-inner-mut.rs:51:52 | LL | static RAW_MUT_COERCE: SyncPtr = SyncPtr { x: &mut 0 }; | ^^^^^^ -error: aborting due to 9 previous errors; 1 warning emitted +error: aborting due to 11 previous errors; 1 warning emitted For more information about this error, try `rustc --explain E0080`. Future incompatibility report: Future breakage diagnostic: 
@@ -146,7 +168,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:13:1 + --> $DIR/static-no-inner-mut.rs:14:1 | LL | static REFMUT: &mut i32 = &mut 0; | ^^^^^^^^^^^^^^^^^^^^^^^ @@ -161,7 +183,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:19:1 + --> $DIR/static-no-inner-mut.rs:20:1 | LL | static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; | ^^^^^^^^^^^^^^^^^^^^^^^ @@ -176,7 +198,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:23:1 + --> $DIR/static-no-inner-mut.rs:25:1 | LL | static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; | ^^^^^^^^^^^^^^^^^^^^^^^^ @@ -191,7 +213,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:41:1 + --> $DIR/static-no-inner-mut.rs:43:1 | LL | static RAW_SYNC: SyncPtr = SyncPtr { x: &AtomicI32::new(42) }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -206,7 +228,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:45:1 + --> $DIR/static-no-inner-mut.rs:47:1 | LL | static RAW_MUT_CAST: SyncPtr = SyncPtr { x : &mut 42 as *mut _ as *const _ }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
@@ -221,7 +243,7 @@ LL | #![deny(const_eval_mutable_ptr_in_final_value)] Future breakage diagnostic: error: encountered mutable pointer in final value of static - --> $DIR/static-no-inner-mut.rs:49:1 + --> $DIR/static-no-inner-mut.rs:51:1 | LL | static RAW_MUT_COERCE: SyncPtr = SyncPtr { x: &mut 0 }; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/tests/ui/consts/miri_unleashed/static-no-inner-mut.rs b/tests/ui/consts/miri_unleashed/static-no-inner-mut.rs index e82ca50d882..c423bf73a9b 100644 --- a/tests/ui/consts/miri_unleashed/static-no-inner-mut.rs +++ b/tests/ui/consts/miri_unleashed/static-no-inner-mut.rs @@ -9,6 +9,7 @@ use std::sync::atomic::*; static REF: &AtomicI32 = &AtomicI32::new(42); //~^ ERROR mutable pointer in final value //~| WARNING this was previously accepted by the compiler +//~| ERROR it is undefined behavior to use this value static REFMUT: &mut i32 = &mut 0; //~^ ERROR mutable pointer in final value @@ -19,6 +20,7 @@ static REFMUT: &mut i32 = &mut 0; static REF2: &AtomicI32 = {let x = AtomicI32::new(42); &{x}}; //~^ ERROR mutable pointer in final value //~| WARNING this was previously accepted by the compiler +//~| ERROR it is undefined behavior to use this value static REFMUT2: &mut i32 = {let mut x = 0; &mut {x}}; //~^ ERROR mutable pointer in final value diff --git a/tests/ui/statics/mutable_memory_validation.rs b/tests/ui/statics/mutable_memory_validation.rs new file mode 100644 index 00000000000..fcf6ad16277 --- /dev/null +++ b/tests/ui/statics/mutable_memory_validation.rs 
@@ -0,0 +1,21 @@ +//issue: rust-lang/rust#122548 + +// Strip out raw byte dumps to make comparison platform-independent: +//@ normalize-stderr-test "(the raw bytes of the constant) \(size: [0-9]*, align: [0-9]*\)" -> "$1 (size: $$SIZE, align: $$ALIGN)" +//@ normalize-stderr-test "([0-9a-f][0-9a-f] |╾─*A(LLOC)?[0-9]+(\+[a-z0-9]+)?()?─*╼ )+ *│.*" -> "HEX_DUMP" + +#![feature(const_mut_refs)] +#![feature(const_refs_to_static)] + +use std::cell::UnsafeCell; + +struct Meh { + x: &'static UnsafeCell, +} + +const MUH: Meh = Meh { x: unsafe { &mut *(&READONLY as *const _ as *mut _) } }; +//~^ ERROR: it is undefined behavior to use this value + +static READONLY: i32 = 0; + +pub fn main() {} diff --git a/tests/ui/statics/mutable_memory_validation.stderr b/tests/ui/statics/mutable_memory_validation.stderr new file mode 100644 index 00000000000..f21269235e9 --- /dev/null +++ b/tests/ui/statics/mutable_memory_validation.stderr @@ -0,0 +1,14 @@ +error[E0080]: it is undefined behavior to use this value + --> $DIR/mutable_memory_validation.rs:16:1 + | +LL | const MUH: Meh = Meh { x: unsafe { &mut *(&READONLY as *const _ as *mut _) } }; + | ^^^^^^^^^^^^^^ constructing invalid value at .x.: encountered `UnsafeCell` in read-only memory + | + = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior. + = note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) { + HEX_DUMP + } + +error: aborting due to 1 previous error + +For more information about this error, try `rustc --explain E0080`.
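Review bot: The new regression test in mutable_memory_validation.rs covers a `const` that points at a non-nested `static`, but nothing touched by this patch appears to cover a static whose value points into a nested allocation of a different static. That is the path the new comment in validity.rs describes as inconsistent but harmless. A second item in this file for that case, with its expected `//~ ERROR` annotation or a note that it must be accepted, would pin the behaviour. A short comment above `MUH` stating what must be rejected (an `UnsafeCell` reference derived from the immutable `READONLY`) would also help readers of the test.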