2018-10-26 04:31:20 -05:00
|
|
|
use std::cell::RefCell;
|
2018-10-16 11:01:50 -05:00
|
|
|
|
2018-10-26 04:31:20 -05:00
|
|
|
use rustc::ty::{self, Ty, layout::Size};
|
2018-10-18 09:59:08 -05:00
|
|
|
use rustc::hir;
|
2018-10-16 11:01:50 -05:00
|
|
|
|
|
|
|
|
use super::{
|
2018-10-22 11:01:32 -05:00
|
|
|
MemoryAccess, MemoryKind, MiriMemoryKind, RangeMap, EvalResult, AllocId,
|
2018-10-24 10:17:44 -05:00
|
|
|
Pointer, PlaceTy,
|
2018-10-16 11:01:50 -05:00
|
|
|
};
|
2018-10-16 04:21:38 -05:00
|
|
|
|
|
|
|
|
pub type Timestamp = u64;
|
|
|
|
|
|
|
|
|
|
/// Information about a potentially mutable borrow
|
|
|
|
|
#[derive(Copy, Clone, Debug, Hash, PartialEq, Eq)]
|
|
|
|
|
pub enum Mut {
|
2018-10-17 08:15:53 -05:00
|
|
|
/// A unique, mutable reference
|
|
|
|
|
Uniq(Timestamp),
|
|
|
|
|
/// Any raw pointer, or a shared borrow with interior mutability
|
|
|
|
|
Raw,
|
2018-10-16 04:21:38 -05:00
|
|
|
}
|
|
|
|
|
|
2018-10-16 11:01:50 -05:00
|
|
|
impl Mut {
|
|
|
|
|
#[inline(always)]
|
2018-10-24 04:39:31 -05:00
|
|
|
pub fn is_raw(self) -> bool {
|
2018-10-16 11:01:50 -05:00
|
|
|
match self {
|
|
|
|
|
Mut::Raw => true,
|
|
|
|
|
_ => false,
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-10-24 04:39:31 -05:00
|
|
|
|
|
|
|
|
#[inline(always)]
|
|
|
|
|
pub fn is_uniq(self) -> bool {
|
|
|
|
|
match self {
|
|
|
|
|
Mut::Uniq(_) => true,
|
|
|
|
|
_ => false,
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
|
2018-10-16 04:21:38 -05:00
|
|
|
/// Information about any kind of borrow
|
|
|
|
|
#[derive(Copy, Clone, Debug, Hash, PartialEq, Eq)]
|
|
|
|
|
pub enum Borrow {
|
2018-10-17 08:15:53 -05:00
|
|
|
/// A mutable borrow, a raw pointer, or a shared borrow with interior mutability
|
|
|
|
|
Mut(Mut),
|
|
|
|
|
/// A shared borrow without interior mutability
|
|
|
|
|
Frz(Timestamp)
|
2018-10-16 04:21:38 -05:00
|
|
|
}
|
|
|
|
|
|
2018-10-16 11:01:50 -05:00
|
|
|
impl Borrow {
|
|
|
|
|
#[inline(always)]
|
2018-10-24 04:39:31 -05:00
|
|
|
pub fn is_uniq(self) -> bool {
|
|
|
|
|
match self {
|
|
|
|
|
Borrow::Mut(m) => m.is_uniq(),
|
|
|
|
|
_ => false,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#[inline(always)]
|
|
|
|
|
pub fn is_frz(self) -> bool {
|
2018-10-16 11:01:50 -05:00
|
|
|
match self {
|
2018-10-24 04:39:31 -05:00
|
|
|
Borrow::Frz(_) => true,
|
2018-10-16 11:01:50 -05:00
|
|
|
_ => false,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-16 04:21:38 -05:00
|
|
|
/// An item in the borrow stack
|
|
|
|
|
#[derive(Copy, Clone, Debug, Hash, PartialEq, Eq)]
|
|
|
|
|
pub enum BorStackItem {
|
2018-10-17 08:15:53 -05:00
|
|
|
/// Defines which references are permitted to mutate *if* the location is not frozen
|
|
|
|
|
Mut(Mut),
|
|
|
|
|
/// A barrier, tracking the function it belongs to by its index on the call stack
|
|
|
|
|
#[allow(dead_code)] // for future use
|
|
|
|
|
FnBarrier(usize)
|
2018-10-16 04:21:38 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl Default for Borrow {
|
|
|
|
|
fn default() -> Self {
|
|
|
|
|
Borrow::Mut(Mut::Raw)
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-10-16 11:01:50 -05:00
|
|
|
|
2018-10-19 09:07:40 -05:00
|
|
|
/// What kind of reference are we talking about?
|
|
|
|
|
#[derive(Copy, Clone, Debug, Hash, PartialEq, Eq)]
|
|
|
|
|
pub enum RefKind {
|
|
|
|
|
Mut,
|
|
|
|
|
Shr,
|
|
|
|
|
Raw,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl From<Option<hir::Mutability>> for RefKind {
|
|
|
|
|
fn from(mutbl: Option<hir::Mutability>) -> Self {
|
|
|
|
|
match mutbl {
|
|
|
|
|
None => RefKind::Raw,
|
|
|
|
|
Some(hir::MutMutable) => RefKind::Mut,
|
|
|
|
|
Some(hir::MutImmutable) => RefKind::Shr,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-16 11:01:50 -05:00
|
|
|
/// Extra global machine state
|
|
|
|
|
#[derive(Clone, Debug)]
|
|
|
|
|
pub struct State {
|
2018-10-26 04:31:20 -05:00
|
|
|
clock: Timestamp
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl State {
|
|
|
|
|
pub fn new() -> State {
|
2018-10-26 04:31:20 -05:00
|
|
|
State { clock: 0 }
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Extra per-location state
|
|
|
|
|
#[derive(Clone, Debug)]
|
|
|
|
|
struct Stack {
|
|
|
|
|
borrows: Vec<BorStackItem>, // used as a stack
|
|
|
|
|
frozen_since: Option<Timestamp>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl Default for Stack {
|
|
|
|
|
fn default() -> Self {
|
|
|
|
|
Stack {
|
2018-10-22 11:01:32 -05:00
|
|
|
borrows: vec![BorStackItem::Mut(Mut::Raw)],
|
2018-10-16 11:01:50 -05:00
|
|
|
frozen_since: None,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Extra per-allocation state
|
|
|
|
|
#[derive(Clone, Debug, Default)]
|
|
|
|
|
pub struct Stacks {
|
2018-10-26 04:31:20 -05:00
|
|
|
// Even reading memory can have effects on the stack, so we need a `RefCell` here.
|
2018-10-16 11:01:50 -05:00
|
|
|
stacks: RefCell<RangeMap<Stack>>,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Core operations
|
|
|
|
|
impl<'tcx> Stack {
|
2018-10-19 09:07:40 -05:00
|
|
|
/// Check if `bor` is currently active. We accept a `Raw` on a frozen location
|
|
|
|
|
/// because this could be a shared (re)borrow. If you want to mutate, this
|
|
|
|
|
/// is not the right function to call!
|
2018-10-16 11:01:50 -05:00
|
|
|
fn check(&self, bor: Borrow) -> bool {
|
|
|
|
|
match bor {
|
|
|
|
|
Borrow::Frz(acc_t) =>
|
|
|
|
|
// Must be frozen at least as long as the `acc_t` says.
|
|
|
|
|
self.frozen_since.map_or(false, |loc_t| loc_t <= acc_t),
|
|
|
|
|
Borrow::Mut(acc_m) =>
|
|
|
|
|
// Raw pointers are fine with frozen locations. This is important because &Cell is raw!
|
|
|
|
|
if self.frozen_since.is_some() {
|
|
|
|
|
acc_m.is_raw()
|
|
|
|
|
} else {
|
|
|
|
|
self.borrows.last().map_or(false, |&loc_itm| loc_itm == BorStackItem::Mut(acc_m))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-19 09:07:40 -05:00
|
|
|
/// Check if `bor` could be activated by unfreezing and popping.
|
2018-10-23 08:59:50 -05:00
|
|
|
/// `force_mut` indicates whether being frozen is potentially acceptable.
|
|
|
|
|
/// Returns `Err` if the answer is "no"; otherwise the data says
|
|
|
|
|
/// what needs to happen to activate this: `None` = nothing,
|
|
|
|
|
/// `Some(n)` = unfreeze and make item `n` the top item of the stack.
|
|
|
|
|
fn reactivatable(&self, bor: Borrow, force_mut: bool) -> Result<Option<usize>, String> {
|
2018-10-17 08:15:53 -05:00
|
|
|
// Unless mutation is bound to happen, do NOT change anything if `bor` is already active.
|
|
|
|
|
// In particular, if it is a `Mut(Raw)` and we are frozen, this should be a NOP.
|
2018-10-16 11:01:50 -05:00
|
|
|
if !force_mut && self.check(bor) {
|
2018-10-23 08:59:50 -05:00
|
|
|
return Ok(None);
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let acc_m = match bor {
|
2018-10-19 09:07:40 -05:00
|
|
|
Borrow::Frz(since) =>
|
2018-10-23 08:59:50 -05:00
|
|
|
return Err(if force_mut {
|
|
|
|
|
format!("Using a shared borrow for mutation")
|
2018-10-17 08:15:53 -05:00
|
|
|
} else {
|
2018-10-23 08:59:50 -05:00
|
|
|
format!(
|
2018-10-19 09:07:40 -05:00
|
|
|
"Location should be frozen since {} but {}",
|
|
|
|
|
since,
|
|
|
|
|
match self.frozen_since {
|
|
|
|
|
None => format!("it is not frozen at all"),
|
|
|
|
|
Some(since) => format!("it is only frozen since {}", since),
|
|
|
|
|
}
|
2018-10-23 08:59:50 -05:00
|
|
|
)
|
|
|
|
|
}),
|
|
|
|
|
Borrow::Mut(acc_m) => acc_m
|
2018-10-16 11:01:50 -05:00
|
|
|
};
|
2018-10-23 08:59:50 -05:00
|
|
|
// This is where we would unfreeze.
|
|
|
|
|
for (idx, &itm) in self.borrows.iter().enumerate().rev() {
|
2018-10-16 11:01:50 -05:00
|
|
|
match itm {
|
2018-10-23 08:59:50 -05:00
|
|
|
BorStackItem::FnBarrier(_) =>
|
|
|
|
|
return Err(format!("Trying to reactivate a mutable borrow ({:?}) that lives behind a barrier", acc_m)),
|
2018-10-16 11:01:50 -05:00
|
|
|
BorStackItem::Mut(loc_m) => {
|
2018-10-23 08:59:50 -05:00
|
|
|
if loc_m == acc_m { return Ok(Some(idx)); }
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-10-22 11:01:32 -05:00
|
|
|
// Nothing to be found.
|
2018-10-23 08:59:50 -05:00
|
|
|
Err(format!("Mutable borrow-to-reactivate ({:?}) does not exist on the stack", acc_m))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/// Reactive `bor` for this stack. If `force_mut` is set, we want to aggressively
|
|
|
|
|
/// unfreeze this location (because we are about to mutate, so a frozen `Raw` is not okay).
|
|
|
|
|
fn reactivate(&mut self, bor: Borrow, force_mut: bool) -> EvalResult<'tcx> {
|
|
|
|
|
let action = match self.reactivatable(bor, force_mut) {
|
|
|
|
|
Ok(action) => action,
|
|
|
|
|
Err(err) => return err!(MachineError(err)),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
match action {
|
|
|
|
|
None => {}, // nothing to do
|
|
|
|
|
Some(top) => {
|
|
|
|
|
self.frozen_since = None;
|
|
|
|
|
self.borrows.truncate(top+1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Ok(())
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
|
2018-10-19 09:07:40 -05:00
|
|
|
/// Initiate `bor`; mostly this means freezing or pushing.
|
2018-10-16 11:01:50 -05:00
|
|
|
fn initiate(&mut self, bor: Borrow) -> EvalResult<'tcx> {
|
|
|
|
|
match bor {
|
|
|
|
|
Borrow::Frz(t) => {
|
|
|
|
|
match self.frozen_since {
|
2018-10-19 09:07:40 -05:00
|
|
|
None => {
|
|
|
|
|
trace!("initiate: Freezing");
|
|
|
|
|
self.frozen_since = Some(t);
|
|
|
|
|
}
|
|
|
|
|
Some(since) => {
|
|
|
|
|
trace!("initiate: Already frozen");
|
|
|
|
|
assert!(since <= t);
|
|
|
|
|
}
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Borrow::Mut(m) => {
|
|
|
|
|
match self.frozen_since {
|
2018-10-19 09:07:40 -05:00
|
|
|
None => {
|
|
|
|
|
trace!("initiate: Pushing {:?}", bor);
|
|
|
|
|
self.borrows.push(BorStackItem::Mut(m))
|
|
|
|
|
}
|
|
|
|
|
Some(_) if m.is_raw() =>
|
|
|
|
|
// We only ever initiate right after activating the ref we come from.
|
|
|
|
|
// If the source ref is fine being frozen, then a raw ref we create
|
|
|
|
|
// from it is fine with this as well.
|
|
|
|
|
trace!("initiate: Initiating a raw on a frozen location, not doing a thing"),
|
2018-10-16 11:01:50 -05:00
|
|
|
Some(_) =>
|
|
|
|
|
return err!(MachineError(format!("Trying to mutate frozen location")))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl State {
|
2018-10-26 04:31:20 -05:00
|
|
|
fn increment_clock(&mut self) -> Timestamp {
|
|
|
|
|
let val = self.clock;
|
|
|
|
|
self.clock = val + 1;
|
2018-10-18 09:59:08 -05:00
|
|
|
val
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-17 08:15:53 -05:00
|
|
|
/// Higher-level operations
|
|
|
|
|
impl<'tcx> Stacks {
|
|
|
|
|
pub fn memory_accessed(
|
|
|
|
|
&self,
|
|
|
|
|
ptr: Pointer<Borrow>,
|
|
|
|
|
size: Size,
|
|
|
|
|
access: MemoryAccess,
|
|
|
|
|
) -> EvalResult<'tcx> {
|
|
|
|
|
trace!("memory_accessed({:?}) with tag {:?}: {:?}, size {}", access, ptr.tag, ptr, size.bytes());
|
|
|
|
|
let mut stacks = self.stacks.borrow_mut();
|
|
|
|
|
for stack in stacks.iter_mut(ptr.offset, size) {
|
|
|
|
|
// FIXME: Compare this with what the blog post says.
|
|
|
|
|
stack.reactivate(ptr.tag, /*force_mut*/access == MemoryAccess::Write)?;
|
|
|
|
|
}
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pub fn memory_deallocated(
|
|
|
|
|
&mut self,
|
|
|
|
|
ptr: Pointer<Borrow>,
|
|
|
|
|
) -> EvalResult<'tcx> {
|
|
|
|
|
trace!("memory_deallocated with tag {:?}: {:?}", ptr.tag, ptr);
|
|
|
|
|
let stacks = self.stacks.get_mut();
|
|
|
|
|
for stack in stacks.iter_mut_all() {
|
|
|
|
|
// This is like mutating.
|
|
|
|
|
stack.reactivate(ptr.tag, /*force_mut*/true)?;
|
|
|
|
|
}
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn reborrow(
|
|
|
|
|
&self,
|
|
|
|
|
ptr: Pointer<Borrow>,
|
|
|
|
|
size: Size,
|
|
|
|
|
new_bor: Borrow,
|
2018-10-19 09:07:40 -05:00
|
|
|
permit_redundant: bool,
|
2018-10-17 08:15:53 -05:00
|
|
|
) -> EvalResult<'tcx> {
|
|
|
|
|
let mut stacks = self.stacks.borrow_mut();
|
|
|
|
|
for stack in stacks.iter_mut(ptr.offset, size) {
|
2018-10-19 09:07:40 -05:00
|
|
|
if permit_redundant && stack.check(new_bor) {
|
2018-10-17 08:15:53 -05:00
|
|
|
// The new borrow is already active! This can happen when creating multiple
|
|
|
|
|
// shared references from the same mutable reference. Do nothing.
|
2018-10-19 09:07:40 -05:00
|
|
|
trace!("reborrow: New borrow {:?} is already active, not doing a thing", new_bor);
|
2018-10-17 08:15:53 -05:00
|
|
|
} else {
|
2018-10-19 09:07:40 -05:00
|
|
|
// If we are creating a uniq ref, we certainly want to unfreeze.
|
|
|
|
|
// Even if we are doing so from a raw.
|
2018-10-22 11:01:32 -05:00
|
|
|
// Notice that if this is a local, whenever we access it directly the
|
|
|
|
|
// tag here will be the bottommost `Uniq` for that local. That `Uniq`
|
|
|
|
|
// never is accessible by the program, so it will not be used by any
|
|
|
|
|
// other access. IOW, whenever we directly use a local this will pop
|
|
|
|
|
// everything else off the stack, invalidating all previous pointers
|
|
|
|
|
// and, in particular, *all* raw pointers. This subsumes the explicit
|
|
|
|
|
// `reset` which the blog post [1] says to perform when accessing a local.
|
|
|
|
|
//
|
|
|
|
|
// [1] https://www.ralfj.de/blog/2018/08/07/stacked-borrows.html
|
2018-10-17 08:15:53 -05:00
|
|
|
stack.reactivate(ptr.tag, /*force_mut*/new_bor.is_uniq())?;
|
|
|
|
|
stack.initiate(new_bor)?;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
|
}
|
2018-10-22 11:01:32 -05:00
|
|
|
|
|
|
|
|
/// Pushes the first borrow to the stacks, must be a mutable one.
|
|
|
|
|
pub fn first_borrow(
|
|
|
|
|
&mut self,
|
2018-10-30 04:41:01 -05:00
|
|
|
mut_borrow: Mut,
|
2018-10-22 11:01:32 -05:00
|
|
|
size: Size
|
|
|
|
|
) {
|
|
|
|
|
for stack in self.stacks.get_mut().iter_mut(Size::ZERO, size) {
|
|
|
|
|
assert!(stack.borrows.len() == 1 && stack.frozen_since.is_none());
|
|
|
|
|
assert_eq!(stack.borrows.pop().unwrap(), BorStackItem::Mut(Mut::Raw));
|
2018-10-30 04:41:01 -05:00
|
|
|
stack.borrows.push(BorStackItem::Mut(mut_borrow));
|
2018-10-22 11:01:32 -05:00
|
|
|
}
|
|
|
|
|
}
|
2018-10-17 08:15:53 -05:00
|
|
|
}
|
|
|
|
|
|
2018-10-16 11:01:50 -05:00
|
|
|
pub trait EvalContextExt<'tcx> {
|
|
|
|
|
fn tag_reference(
|
2018-10-26 04:31:20 -05:00
|
|
|
&mut self,
|
2018-10-16 11:01:50 -05:00
|
|
|
ptr: Pointer<Borrow>,
|
|
|
|
|
pointee_ty: Ty<'tcx>,
|
|
|
|
|
size: Size,
|
2018-10-19 09:07:40 -05:00
|
|
|
ref_kind: RefKind,
|
2018-10-16 11:01:50 -05:00
|
|
|
) -> EvalResult<'tcx, Borrow>;
|
|
|
|
|
|
2018-10-19 09:07:40 -05:00
|
|
|
|
2018-10-16 11:01:50 -05:00
|
|
|
fn tag_dereference(
|
|
|
|
|
&self,
|
|
|
|
|
ptr: Pointer<Borrow>,
|
2018-10-18 09:59:08 -05:00
|
|
|
pointee_ty: Ty<'tcx>,
|
|
|
|
|
size: Size,
|
2018-10-19 09:07:40 -05:00
|
|
|
ref_kind: RefKind,
|
2018-10-16 11:01:50 -05:00
|
|
|
) -> EvalResult<'tcx, Borrow>;
|
2018-10-22 11:01:32 -05:00
|
|
|
|
|
|
|
|
fn tag_new_allocation(
|
|
|
|
|
&mut self,
|
|
|
|
|
id: AllocId,
|
|
|
|
|
kind: MemoryKind<MiriMemoryKind>,
|
|
|
|
|
) -> Borrow;
|
2018-10-24 10:17:44 -05:00
|
|
|
|
|
|
|
|
fn retag(
|
|
|
|
|
&mut self,
|
|
|
|
|
fn_entry: bool,
|
|
|
|
|
place: PlaceTy<'tcx, Borrow>
|
|
|
|
|
) -> EvalResult<'tcx>;
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
impl<'a, 'mir, 'tcx> EvalContextExt<'tcx> for super::MiriEvalContext<'a, 'mir, 'tcx> {
|
2018-10-26 04:31:20 -05:00
|
|
|
/// Called for place-to-value conversion.
|
|
|
|
|
fn tag_reference(
|
|
|
|
|
&mut self,
|
|
|
|
|
ptr: Pointer<Borrow>,
|
2018-10-16 11:01:50 -05:00
|
|
|
pointee_ty: Ty<'tcx>,
|
2018-10-26 04:31:20 -05:00
|
|
|
size: Size,
|
2018-10-19 09:07:40 -05:00
|
|
|
ref_kind: RefKind,
|
2018-10-26 04:31:20 -05:00
|
|
|
) -> EvalResult<'tcx, Borrow> {
|
2018-10-16 11:01:50 -05:00
|
|
|
let time = self.machine.stacked_borrows.increment_clock();
|
2018-10-26 04:31:20 -05:00
|
|
|
let new_bor = match ref_kind {
|
2018-10-19 09:07:40 -05:00
|
|
|
RefKind::Mut => Borrow::Mut(Mut::Uniq(time)),
|
|
|
|
|
RefKind::Shr =>
|
2018-10-22 05:51:30 -05:00
|
|
|
// FIXME This does not do enough checking when only part of the data has
|
|
|
|
|
// interior mutability. When the type is `(i32, Cell<i32>)`, we want the
|
|
|
|
|
// first field to be frozen but not the second.
|
2018-10-16 11:01:50 -05:00
|
|
|
if self.type_is_freeze(pointee_ty) {
|
|
|
|
|
Borrow::Frz(time)
|
|
|
|
|
} else {
|
2018-10-18 09:59:08 -05:00
|
|
|
// Shared reference with interior mutability.
|
2018-10-16 11:01:50 -05:00
|
|
|
Borrow::Mut(Mut::Raw)
|
2018-10-17 08:15:53 -05:00
|
|
|
},
|
2018-10-19 09:07:40 -05:00
|
|
|
RefKind::Raw => Borrow::Mut(Mut::Raw),
|
2018-10-26 04:31:20 -05:00
|
|
|
};
|
2018-10-17 08:15:53 -05:00
|
|
|
trace!("tag_reference: Creating new reference ({:?}) for {:?} (pointee {}, size {}): {:?}",
|
2018-10-19 09:07:40 -05:00
|
|
|
ref_kind, ptr, pointee_ty, size.bytes(), new_bor);
|
2018-10-16 11:01:50 -05:00
|
|
|
|
|
|
|
|
// Make sure this reference is not dangling or so
|
2018-10-19 12:51:41 -05:00
|
|
|
self.memory().check_bounds(ptr, size, false)?;
|
2018-10-16 11:01:50 -05:00
|
|
|
|
|
|
|
|
// Update the stacks. We cannot use `get_mut` becuse this might be immutable
|
|
|
|
|
// memory.
|
2018-10-19 12:51:41 -05:00
|
|
|
let alloc = self.memory().get(ptr.alloc_id).expect("We checked that the ptr is fine!");
|
2018-10-19 09:07:40 -05:00
|
|
|
let permit_redundant = ref_kind == RefKind::Shr; // redundant shared refs are okay
|
|
|
|
|
alloc.extra.reborrow(ptr, size, new_bor, permit_redundant)?;
|
2018-10-16 11:01:50 -05:00
|
|
|
|
|
|
|
|
Ok(new_bor)
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-18 09:59:08 -05:00
|
|
|
/// Called for value-to-place conversion.
|
2018-10-19 09:07:40 -05:00
|
|
|
///
|
|
|
|
|
/// Note that this does NOT mean that all this memory will actually get accessed/referenced!
|
|
|
|
|
/// We could be in the middle of `&(*var).1`.
|
2018-10-16 11:01:50 -05:00
|
|
|
fn tag_dereference(
|
|
|
|
|
&self,
|
|
|
|
|
ptr: Pointer<Borrow>,
|
2018-10-26 04:31:20 -05:00
|
|
|
_pointee_ty: Ty<'tcx>,
|
2018-10-18 09:59:08 -05:00
|
|
|
size: Size,
|
2018-10-19 09:07:40 -05:00
|
|
|
ref_kind: RefKind,
|
2018-10-16 11:01:50 -05:00
|
|
|
) -> EvalResult<'tcx, Borrow> {
|
2018-10-19 09:07:40 -05:00
|
|
|
// In principle we should not have to do anything here. However, with transmutes involved,
|
|
|
|
|
// it can happen that the tag of `ptr` does not actually match `ref_kind`, and we
|
|
|
|
|
// should adjust for that.
|
|
|
|
|
// Notably, the compiler can introduce such transmutes by optimizing away `&[mut]*`.
|
|
|
|
|
// That can transmute a raw ptr to a (shared/mut) ref, and a mut ref to a shared one.
|
|
|
|
|
match (ref_kind, ptr.tag) {
|
2018-10-22 11:01:32 -05:00
|
|
|
(RefKind::Raw, _) => {
|
|
|
|
|
// Don't use the tag, this is a raw access! Even if there is a tag,
|
|
|
|
|
// that means transmute happened and we ignore the tag.
|
|
|
|
|
// Also don't do any further validation, this is raw after all.
|
|
|
|
|
return Ok(Borrow::Mut(Mut::Raw));
|
|
|
|
|
}
|
2018-10-19 09:07:40 -05:00
|
|
|
(RefKind::Mut, Borrow::Mut(Mut::Uniq(_))) |
|
|
|
|
|
(RefKind::Shr, Borrow::Frz(_)) |
|
|
|
|
|
(RefKind::Shr, Borrow::Mut(Mut::Raw)) => {
|
|
|
|
|
// Expected combinations. Nothing to do.
|
|
|
|
|
// FIXME: We probably shouldn't accept this if we got a raw shr without
|
|
|
|
|
// interior mutability.
|
|
|
|
|
}
|
2018-10-22 11:01:32 -05:00
|
|
|
(RefKind::Mut, Borrow::Mut(Mut::Raw)) => {
|
|
|
|
|
// Raw transmuted to mut ref. Keep this as raw access.
|
2018-10-19 09:07:40 -05:00
|
|
|
// We cannot reborrow here; there might be a raw in `&(*var).1` where
|
|
|
|
|
// `var` is an `&mut`. The other field of the struct might be already frozen,
|
|
|
|
|
// also using `var`, and that would be okay.
|
|
|
|
|
}
|
|
|
|
|
(RefKind::Shr, Borrow::Mut(Mut::Uniq(_))) => {
|
2018-10-26 04:31:20 -05:00
|
|
|
// A mut got transmuted to shr. The mut borrow must be reactivatable.
|
2018-10-19 09:07:40 -05:00
|
|
|
}
|
|
|
|
|
(RefKind::Mut, Borrow::Frz(_)) => {
|
|
|
|
|
// This is just invalid.
|
|
|
|
|
// If we ever allow this, we have to consider what we do when a turn a
|
|
|
|
|
// `Raw`-tagged `&mut` into a raw pointer pointing to a frozen location.
|
|
|
|
|
// We probably do not want to allow that, but we have to allow
|
|
|
|
|
// turning a `Raw`-tagged `&` into a raw ptr to a frozen location.
|
|
|
|
|
return err!(MachineError(format!("Encountered mutable reference with frozen tag {:?}", ptr.tag)))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// Even if we don't touch the tag, this operation is only okay if we *could*
|
|
|
|
|
// activate it. Also it must not be dangling.
|
2018-10-19 12:51:41 -05:00
|
|
|
self.memory().check_bounds(ptr, size, false)?;
|
|
|
|
|
let alloc = self.memory().get(ptr.alloc_id).expect("We checked that the ptr is fine!");
|
2018-10-19 09:07:40 -05:00
|
|
|
let mut stacks = alloc.extra.stacks.borrow_mut();
|
|
|
|
|
// We need `iter_mut` because `iter` would skip gaps!
|
|
|
|
|
for stack in stacks.iter_mut(ptr.offset, size) {
|
|
|
|
|
// We accept &mut to a frozen location here, that is just normal. There might
|
|
|
|
|
// be shared reborrows that we are about to invalidate with this access.
|
|
|
|
|
// We cannot invalidate them aggressively here because the deref might also be
|
|
|
|
|
// to just create more shared refs.
|
2018-10-23 08:59:50 -05:00
|
|
|
if let Err(err) = stack.reactivatable(ptr.tag, /*force_mut*/false) {
|
|
|
|
|
return err!(MachineError(format!("Encountered {:?} reference with non-reactivatable tag: {}", ref_kind, err)))
|
2018-10-19 09:07:40 -05:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// All is good.
|
|
|
|
|
Ok(ptr.tag)
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
2018-10-22 11:01:32 -05:00
|
|
|
|
|
|
|
|
fn tag_new_allocation(
|
|
|
|
|
&mut self,
|
|
|
|
|
id: AllocId,
|
|
|
|
|
kind: MemoryKind<MiriMemoryKind>,
|
|
|
|
|
) -> Borrow {
|
2018-10-30 04:41:01 -05:00
|
|
|
let mut_borrow = match kind {
|
2018-10-22 11:01:32 -05:00
|
|
|
MemoryKind::Stack => {
|
|
|
|
|
// New unique borrow
|
|
|
|
|
let time = self.machine.stacked_borrows.increment_clock();
|
|
|
|
|
Mut::Uniq(time)
|
|
|
|
|
}
|
|
|
|
|
_ => {
|
|
|
|
|
// Raw for everything else
|
|
|
|
|
Mut::Raw
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
// Make this the active borrow for this allocation
|
|
|
|
|
let alloc = self.memory_mut().get_mut(id).expect("This is a new allocation, it must still exist");
|
|
|
|
|
let size = Size::from_bytes(alloc.bytes.len() as u64);
|
2018-10-30 04:41:01 -05:00
|
|
|
alloc.extra.first_borrow(mut_borrow, size);
|
|
|
|
|
Borrow::Mut(mut_borrow)
|
2018-10-22 11:01:32 -05:00
|
|
|
}
|
2018-10-24 10:17:44 -05:00
|
|
|
|
|
|
|
|
fn retag(
|
|
|
|
|
&mut self,
|
|
|
|
|
_fn_entry: bool,
|
2018-10-26 04:31:20 -05:00
|
|
|
place: PlaceTy<'tcx, Borrow>
|
2018-10-24 10:17:44 -05:00
|
|
|
) -> EvalResult<'tcx> {
|
2018-10-26 04:31:20 -05:00
|
|
|
// For now, we only retag if the toplevel type is a reference.
|
|
|
|
|
// TODO: Recurse into structs and enums, sharing code with validation.
|
|
|
|
|
let mutbl = match place.layout.ty.sty {
|
|
|
|
|
ty::Ref(_, _, mutbl) => mutbl, // go ahead
|
|
|
|
|
_ => return Ok(()), // don't do a thing
|
|
|
|
|
};
|
|
|
|
|
// We want to reborrow the reference stored there. This will call the hooks
|
|
|
|
|
// above. First deref.
|
|
|
|
|
// (This is somewhat redundant because validation already did the same thing,
|
|
|
|
|
// but what can you do.)
|
|
|
|
|
let val = self.read_value(self.place_to_op(place)?)?;
|
|
|
|
|
let dest = self.ref_to_mplace(val)?;
|
|
|
|
|
// Now put a new ref into the old place.
|
|
|
|
|
// FIXME: Honor `fn_entry`!
|
|
|
|
|
let val = self.create_ref(dest, Some(mutbl))?;
|
|
|
|
|
self.write_value(val, place)?;
|
2018-10-24 10:17:44 -05:00
|
|
|
Ok(())
|
|
|
|
|
}
|
2018-10-16 11:01:50 -05:00
|
|
|
}
|
