From e5330a4f52fcf9de8112f3dd0abb094640b668e3 Mon Sep 17 00:00:00 2001
From: Oli Scherer
Date: Sun, 3 Jan 2021 14:20:51 +0100
Subject: [PATCH] Apply suggestions from code review

comment nits

Co-authored-by: Ralf Jung
---
 compiler/rustc_mir/src/transform/check_consts/ops.rs | 2 +-
 .../src/transform/check_consts/validation.rs | 11 ++++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/compiler/rustc_mir/src/transform/check_consts/ops.rs b/compiler/rustc_mir/src/transform/check_consts/ops.rs
index cb6d16bc207..a85303d4cd3 100644
--- a/compiler/rustc_mir/src/transform/check_consts/ops.rs
+++ b/compiler/rustc_mir/src/transform/check_consts/ops.rs
@@ -232,7 +232,7 @@ impl NonConstOp for TransientCellBorrow {
 }

 #[derive(Debug)]
-/// A borrow of a type that contains an `UnsafeCell` somewhere. The borrow escapes to
+/// A borrow of a type that contains an `UnsafeCell` somewhere. The borrow might escape to
 /// the final value of the constant, and thus we cannot allow this (for now). We may allow
 /// it in the future for static items.
 pub struct CellBorrow;
diff --git a/compiler/rustc_mir/src/transform/check_consts/validation.rs b/compiler/rustc_mir/src/transform/check_consts/validation.rs
index 4770d659032..8c2525879b3 100644
--- a/compiler/rustc_mir/src/transform/check_consts/validation.rs
+++ b/compiler/rustc_mir/src/transform/check_consts/validation.rs
@@ -584,14 +584,19 @@ impl Visitor<'tcx> for Validator<'mir, 'tcx> {
 if borrowed_place_has_mut_interior {
 match self.const_kind() {
 // In a const fn all borrows are transient or point to the places given via
- // references in the arguments. The borrow checker guarantees that.
+ // references in the arguments (so we already checked them with
+ // TransientCellBorrow/CellBorrow as appropriate).
+ // The borrow checker guarantees that no new non-transient borrows are created.
 // NOTE: Once we have heap allocations during CTFE we need to figure out
 // how to prevent `const fn` to create long-lived allocations that point
 // to (interior) mutable memory.
 hir::ConstContext::ConstFn => self.check_op(ops::TransientCellBorrow),
 _ => {
- // Locals without StorageDead follow the "enclosing scope" rule, meaning
- // they are essentially anonymous static items themselves.
+ // Locals StorageDead are known to not leak to the final constant, and
+ // it is thus inherently safe to permit such locals to have their
+ // address taken as we can't end up with a reference to them in the
+ // final value without creating a dangling pointer, which will cause
+ // errors during validation.
 // Note: This is only sound if every local that has a `StorageDead` has a
 // `StorageDead` in every control flow path leading to a `return` terminator.
 if self.local_has_storage_dead(place.local) {
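Review bot: The rewritten comment in the `_ =>` arm is missing a word: `// Locals StorageDead are known to not leak to the final constant, and` should read `// Locals with `StorageDead` are known to not leak to the final constant, and`, with the backticks matching the `StorageDead` spelling in the Note two lines below. The remainder of that sentence runs four lines and buries the actual soundness argument, which is that the only way such a local could reach the final value is through a dangling pointer that validation rejects; stating that as its own sentence, e.g. `// Any reference to such a local in the final value would be dangling and is rejected during validation.`, keeps the reliance on the later validation pass visible to whoever next touches `local_has_storage_dead`. The enclosing method starts and ends outside this hunk.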