2018-10-29 21:04:56 +01:00
|
|
|
// Test various stacked-borrows-related things.
|
|
|
|
fn main() {
|
2018-11-05 16:05:17 +01:00
|
|
|
read_does_not_invalidate1();
|
|
|
|
read_does_not_invalidate2();
|
2018-11-07 14:56:25 +01:00
|
|
|
ref_raw_int_raw();
|
2018-11-07 21:08:34 +01:00
|
|
|
mut_raw_then_mut_shr();
|
2018-11-22 16:26:06 +01:00
|
|
|
mut_shr_then_mut_raw();
|
2018-11-07 21:08:20 +01:00
|
|
|
mut_raw_mut();
|
2018-11-21 16:08:46 +01:00
|
|
|
partially_invalidate_mut();
|
2018-11-22 16:26:06 +01:00
|
|
|
drop_after_sharing();
|
2018-12-07 18:01:23 +01:00
|
|
|
direct_mut_to_const_raw();
|
2019-04-17 14:28:45 +02:00
|
|
|
two_raw();
|
2019-04-17 16:02:42 +02:00
|
|
|
shr_and_raw();
|
2019-11-05 11:05:02 +01:00
|
|
|
disjoint_mutable_subborrows();
|
2018-10-29 21:04:56 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
// Make sure that reading from an `&mut` does, like reborrowing to `&`,
|
|
|
|
// NOT invalidate other reborrows.
|
2018-11-05 16:05:17 +01:00
|
|
|
fn read_does_not_invalidate1() {
|
2018-10-29 21:04:56 +01:00
|
|
|
fn foo(x: &mut (i32, i32)) -> &i32 {
|
|
|
|
let xraw = x as *mut (i32, i32);
|
|
|
|
let ret = unsafe { &(*xraw).1 };
|
|
|
|
let _val = x.1; // we just read, this does NOT invalidate the reborrows.
|
|
|
|
ret
|
|
|
|
}
|
2018-11-07 14:56:25 +01:00
|
|
|
assert_eq!(*foo(&mut (1, 2)), 2);
|
2018-11-05 16:05:17 +01:00
|
|
|
}
|
|
|
|
// Same as above, but this time we first create a raw, then read from `&mut`
|
|
|
|
// and then freeze from the raw.
|
|
|
|
fn read_does_not_invalidate2() {
|
|
|
|
fn foo(x: &mut (i32, i32)) -> &i32 {
|
|
|
|
let xraw = x as *mut (i32, i32);
|
|
|
|
let _val = x.1; // we just read, this does NOT invalidate the raw reborrow.
|
|
|
|
let ret = unsafe { &(*xraw).1 };
|
|
|
|
ret
|
|
|
|
}
|
2018-11-07 14:56:25 +01:00
|
|
|
assert_eq!(*foo(&mut (1, 2)), 2);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Just to make sure that casting a ref to raw, to int and back to raw
|
2019-02-16 01:43:56 +00:00
|
|
|
// and only then using it works. This rules out ideas like "do escape-to-raw lazily";
|
|
|
|
// after casting to int and back, we lost the tag that could have let us do that.
|
2018-11-07 14:56:25 +01:00
|
|
|
fn ref_raw_int_raw() {
|
|
|
|
let mut x = 3;
|
|
|
|
let xref = &mut x;
|
|
|
|
let xraw = xref as *mut i32 as usize as *mut i32;
|
|
|
|
assert_eq!(unsafe { *xraw }, 3);
|
2018-10-29 21:04:56 +01:00
|
|
|
}
|
2018-11-07 21:08:34 +01:00
|
|
|
|
|
|
|
// Escape a mut to raw, then share the same mut and use the share, then the raw.
|
|
|
|
// That should work.
|
|
|
|
fn mut_raw_then_mut_shr() {
|
|
|
|
let mut x = 2;
|
2018-11-20 12:41:34 +01:00
|
|
|
let xref = &mut x;
|
|
|
|
let xraw = &mut *xref as *mut _;
|
|
|
|
let xshr = &*xref;
|
|
|
|
assert_eq!(*xshr, 2);
|
|
|
|
unsafe { *xraw = 4; }
|
2018-11-07 21:08:34 +01:00
|
|
|
assert_eq!(x, 4);
|
|
|
|
}
|
2018-11-07 21:08:20 +01:00
|
|
|
|
2018-11-22 16:26:06 +01:00
|
|
|
// Create first a shared reference and then a raw pointer from a `&mut`
|
|
|
|
// should permit mutation through that raw pointer.
|
|
|
|
fn mut_shr_then_mut_raw() {
|
|
|
|
let xref = &mut 2;
|
|
|
|
let _xshr = &*xref;
|
|
|
|
let xraw = xref as *mut _;
|
|
|
|
unsafe { *xraw = 3; }
|
|
|
|
assert_eq!(*xref, 3);
|
|
|
|
}
|
|
|
|
|
2018-11-07 21:08:20 +01:00
|
|
|
// Ensure that if we derive from a mut a raw, and then from that a mut,
|
|
|
|
// and then read through the original mut, that does not invalidate the raw.
|
|
|
|
// This shows that the read-exception for `&mut` applies even if the `Shr` item
|
|
|
|
// on the stack is not at the top.
|
|
|
|
fn mut_raw_mut() {
|
|
|
|
let mut x = 2;
|
|
|
|
{
|
|
|
|
let xref1 = &mut x;
|
|
|
|
let xraw = xref1 as *mut _;
|
|
|
|
let _xref2 = unsafe { &mut *xraw };
|
|
|
|
let _val = *xref1;
|
|
|
|
unsafe { *xraw = 4; }
|
|
|
|
// we can now use both xraw and xref1, for reading
|
|
|
|
assert_eq!(*xref1, 4);
|
|
|
|
assert_eq!(unsafe { *xraw }, 4);
|
|
|
|
assert_eq!(*xref1, 4);
|
|
|
|
assert_eq!(unsafe { *xraw }, 4);
|
|
|
|
// we cannot use xref2; see `compile-fail/stacked-borows/illegal_read4.rs`
|
|
|
|
}
|
|
|
|
assert_eq!(x, 4);
|
|
|
|
}
|
2018-11-21 16:08:46 +01:00
|
|
|
|
|
|
|
fn partially_invalidate_mut() {
|
|
|
|
let data = &mut (0u8, 0u8);
|
|
|
|
let reborrow = &mut *data as *mut (u8, u8);
|
|
|
|
let shard = unsafe { &mut (*reborrow).0 };
|
2019-02-16 01:43:56 +00:00
|
|
|
data.1 += 1; // the deref overlaps with `shard`, but that is ok; the access does not overlap.
|
2018-11-21 16:08:46 +01:00
|
|
|
*shard += 1; // so we can still use `shard`.
|
|
|
|
assert_eq!(*data, (1, 1));
|
|
|
|
}
|
2018-11-22 16:26:06 +01:00
|
|
|
|
|
|
|
// Make sure that we can handle the situation where a loaction is frozen when being dropped.
|
|
|
|
fn drop_after_sharing() {
|
|
|
|
let x = String::from("hello!");
|
|
|
|
let _len = x.len();
|
|
|
|
}
|
2018-12-07 18:01:23 +01:00
|
|
|
|
|
|
|
// Make sure that coercing &mut T to *const T produces a writeable pointer.
|
|
|
|
fn direct_mut_to_const_raw() {
|
2020-01-30 13:29:55 +01:00
|
|
|
// TODO: This is currently disabled, waiting on a decision on <https://github.com/rust-lang/rust/issues/56604>
|
2018-12-07 18:01:23 +01:00
|
|
|
/*let x = &mut 0;
|
|
|
|
let y: *const i32 = x;
|
|
|
|
unsafe { *(y as *mut i32) = 1; }
|
|
|
|
assert_eq!(*x, 1);
|
|
|
|
*/
|
|
|
|
}
|
2019-04-17 14:28:45 +02:00
|
|
|
|
|
|
|
// Make sure that we can create two raw pointers from a mutable reference and use them both.
|
|
|
|
fn two_raw() { unsafe {
|
|
|
|
let x = &mut 0;
|
|
|
|
let y1 = x as *mut _;
|
|
|
|
let y2 = x as *mut _;
|
|
|
|
*y1 += 2;
|
|
|
|
*y2 += 1;
|
|
|
|
} }
|
2019-04-17 16:02:42 +02:00
|
|
|
|
|
|
|
// Make sure that creating a *mut does not invalidate existing shared references.
|
2020-01-30 12:17:02 +01:00
|
|
|
fn shr_and_raw() { unsafe {
|
2019-04-17 16:02:42 +02:00
|
|
|
use std::mem;
|
|
|
|
let x = &mut 0;
|
|
|
|
let y1: &i32 = mem::transmute(&*x); // launder lifetimes
|
|
|
|
let y2 = x as *mut _;
|
|
|
|
let _val = *y1;
|
|
|
|
*y2 += 1;
|
2020-01-30 12:17:02 +01:00
|
|
|
} }
|
2019-11-05 11:05:02 +01:00
|
|
|
|
|
|
|
fn disjoint_mutable_subborrows() {
|
|
|
|
struct Foo {
|
|
|
|
a: String,
|
|
|
|
b: Vec<u32>,
|
|
|
|
}
|
|
|
|
|
|
|
|
unsafe fn borrow_field_a<'a>(this:*mut Foo) -> &'a mut String {
|
|
|
|
&mut (*this).a
|
|
|
|
}
|
|
|
|
|
|
|
|
unsafe fn borrow_field_b<'a>(this:*mut Foo) -> &'a mut Vec<u32> {
|
|
|
|
&mut (*this).b
|
|
|
|
}
|
|
|
|
|
|
|
|
let mut foo = Foo {
|
|
|
|
a: "hello".into(),
|
|
|
|
b: vec![0,1,2],
|
|
|
|
};
|
|
|
|
|
|
|
|
let ptr = &mut foo as *mut Foo;
|
|
|
|
|
|
|
|
let a = unsafe{ borrow_field_a(ptr) };
|
|
|
|
let b = unsafe{ borrow_field_b(ptr) };
|
|
|
|
b.push(4);
|
|
|
|
a.push_str(" world");
|
2020-01-30 12:17:02 +01:00
|
|
|
eprintln!("{:?} {:?}", a, b);
|
2019-11-05 11:05:02 +01:00
|
|
|
}
|