Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a feature gate for allowing integers as the address of references in constants #72042

Closed
wants to merge 2 commits into from
Closed

Add a feature gate for allowing integers as the address of references in constants #72042

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c5a0cd0
Add a feature gate for allowing integers as the address of references…
oli-obk May 9, 2020
398cca3
Address review comments
oli-obk May 11, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions src/librustc_feature/active.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -565,6 +565,9 @@ declare_features! (
/// Allow conditional compilation depending on rust version
(active, cfg_version, "1.45.0", Some(64796), None),

/// Allows constants of reference type to have integers for the address.
(active, const_int_ref, "1.45.0", Some(63197), None),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't there be a dedicated tracking issue? Not sure what the usual process is.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can change that issue to a tracking issue

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reading that issue, it contains so much unrelated discussion, I'd prefer a new clean tracking issue.


// -------------------------------------------------------------------------
// feature-group-end: actual feature gates
// -------------------------------------------------------------------------
Expand Down
34 changes: 26 additions & 8 deletions src/librustc_mir/interpret/validity.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -382,14 +382,25 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, '
// alignment and size determined by the layout (size will be 0,
// alignment should take attributes into account).
.unwrap_or_else(|| (place.layout.size, place.layout.align.abi));

// Direct call to `check_ptr_access_align` checks alignment even on CTFE machines.
let ptr = self.ecx.memory.check_ptr_access_align(
place.ptr,
size,
Some(align),
CheckInAllocMsg::InboundsTest,
);
// In CTFE we allow integers as the address of references.
// See https://github.com/rust-lang/rust/issues/63197 for details.
if self.ref_tracking_for_consts.is_some() {
if let Err(InterpErrorInfo { kind: err_unsup!(ReadBytesAsPointer), ..}) = ptr {
if self.ecx.tcx.features().const_int_ref {
return Ok(());
}
}
}
let ptr: Option<_> = try_validation!(
self.ecx.memory.check_ptr_access_align(
place.ptr,
size,
Some(align),
CheckInAllocMsg::InboundsTest,
),
ptr,
self.path,
err_ub!(AlignmentCheckFailed { required, has }) =>
{
Expand All @@ -404,8 +415,15 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, '
{ "a dangling {} (address 0x{:x} is unallocated)", kind, i },
err_ub!(PointerOutOfBounds { .. }) =>
{ "a dangling {} (going beyond the bounds of its allocation)", kind },
err_unsup!(ReadBytesAsPointer) =>
{ "a dangling {} (created from integer)", kind },
err_unsup!(ReadBytesAsPointer) => {
"a dangling {} (created from integer).{}",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The . should also be moved to the nightly-only part.

kind,
if self.ecx.tcx.sess.opts.unstable_features.is_nightly_build() {
" Add `#![feature(const_int_ref)]` to the crate attributes to enable"
} else {
""
}
},
// This cannot happen during const-eval (because interning already detects
// dangling pointers), but it can happen in Miri.
err_ub!(PointerUseAfterFree(..)) =>
Expand Down
1 change: 1 addition & 0 deletions src/librustc_span/symbol.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,7 @@ symbols! {
const_generics,
const_if_match,
const_indexing,
const_int_ref,
const_in_array_repeat_expressions,
const_let,
const_loop,
Expand Down
4 changes: 2 additions & 2 deletions src/test/ui/consts/const-eval/ub-ref.stderr
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,15 +58,15 @@ error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-ref.rs:33:1
|
LL | const USIZE_AS_REF: &'static u8 = unsafe { mem::transmute(1337usize) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered a dangling reference (created from integer)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered a dangling reference (created from integer). Add `#![feature(const_int_ref)]` to the crate attributes to enable
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.

error[E0080]: it is undefined behavior to use this value
--> $DIR/ub-ref.rs:36:1
|
LL | const USIZE_AS_BOX: Box<u8> = unsafe { mem::transmute(1337usize) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered a dangling box (created from integer)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered a dangling box (created from integer). Add `#![feature(const_int_ref)]` to the crate attributes to enable
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.

Expand Down
17 changes: 17 additions & 0 deletions src/test/ui/consts/const-int-ref.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
// gate-test-const_int_refs
// revisions: gated vanilla

//[gated] check-pass

#![cfg_attr(gated, feature(const_int_ref))]

#[repr(C)]
union Transmute {
int: usize,
ptr: &'static i32
}

const GPIO: &i32 = unsafe { Transmute { int: 0x800 }.ptr };
//[vanilla]~^ ERROR it is undefined behavior

fn main() {}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a test making sure we still catch NULL and unaligned references.

15 changes: 15 additions & 0 deletions src/test/ui/consts/const-int-ref.stderr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
error[E0601]: `main` function not found in crate `const_int_ref`
--> $DIR/const-int-ref.rs:3:1
|
LL | / #[repr(C)]
LL | | union Transmute {
LL | | int: usize,
LL | | ptr: &'static i32
LL | | }
LL | |
LL | | const GPIO: &i32 = unsafe { Transmute { int: 0x800 }.ptr };
| |___________________________________________________________^ consider adding a `main` function to `$DIR/const-int-ref.rs`

error: aborting due to previous error

For more information about this error, try `rustc --explain E0601`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file shouldn't exist, right? It doesn't belong to any revision.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm... I thought tidy warns us about such files. Yea this is leftover from a previous non-rev version

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think tidy doesn't understand revisions, it warns only about entirely stale stderr files.

11 changes: 11 additions & 0 deletions src/test/ui/consts/const-int-ref.vanilla.stderr
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
error[E0080]: it is undefined behavior to use this value
--> $DIR/const-int-ref.rs:14:1
|
LL | const GPIO: &i32 = unsafe { Transmute { int: 0x800 }.ptr };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ type validation failed: encountered a dangling reference (created from integer). Add `#![feature(const_int_ref)]` to the crate attributes to enable
|
= note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.

error: aborting due to previous error

For more information about this error, try `rustc --explain E0080`.