Forward-compatibly deny drops in constants if they *could* actually run. #43932
Conversation
eddyb
added
the
S-waiting-on-crater
| // Deny *any* live drops anywhere other than functions. | ||
| if self.mode != Mode::Fn { | ||
| // HACK(eddyb) Emulate a bit of dataflow analysis, | ||
| // conservatively, that drop elaboration will do. |
There was a problem hiding this comment.
This is not really "drop elaboration" dataflow - drop elaboration does not know that None has no destructor - but rather "const qual" dataflow.
There was a problem hiding this comment.
Right, it's a combination of the two.
|
@bors try (for cargobomb) |
Forward-compatibly deny drops in constants if they *could* actually run. This is part of #40036, specifically the checks for user-defined destructor invocations on locals which *may not* have been moved away, the motivating example being: ```rust const FOO: i32 = (HasDrop {...}, 0).1; ``` The evaluation of constant MIR will continue to create `'static` slots for more locals than is necessary (if `Storage{Live,Dead}` statements are ignored), but it shouldn't be misusable. r? @nikomatsakis
|
☀️ Test successful - status-travis |
|
cc @rust-lang/infra Cargobomb run requested. |
|
Cargobomb run started |
|
Any news from cargobomb run? |
|
~27 hours remaining. I was away for the weekend so didn't manage to kick off a phase of the run until yesterday. |
|
Great, only regression is Rocket (which I've seen on crater before). However, I've changed by mind about it - it only uses associated |
alexcrichton
added
S-waiting-on-review
|
Switching to S-waiting-on-review as looks like cargobomb's been run, cc @nikomatsakis |
eddyb
added
the
S-waiting-on-author
|
Also waiting on me to treat inherent associated |
eddyb
force-pushed
the
const-scoping
branch
5 times, most recently
from
52667d8
to
8697b80
Compare
|
Latest crater report confirms Rocket has been fixed. r? @nikomatsakis |
eddyb
removed
the
S-waiting-on-author
|
Could you add a test for the rocket case, so we can make sure it stays fixed? |
| // HACK(eddyb) Emulate a bit of dataflow analysis, | ||
| // conservatively, that drop elaboration will do. | ||
| let needs_drop = if let Lvalue::Local(local) = *lvalue { | ||
| self.local_needs_drop[local] |
There was a problem hiding this comment.
I presume that we will reject (for constants) things that mutate "MIR locals" once they are assigned?
There was a problem hiding this comment.
Yeah that is considered an assignment and disallowed as "statement-like".
| fn drop(&mut self) {} | ||
| } | ||
|
|
||
| static FOO: Option<&'static WithDtor> = Some(&WithDtor); |
There was a problem hiding this comment.
maybe add a test with struct WithoutDtor and Some(&WithoutDtor)? Does that behave differently?
There was a problem hiding this comment.
That has worked since 1.0, but if you have something more advanced in mind that would actually stress the new code, I'm up for it.
|
(To be clear, I want to revisit shortly once I see answers.) |
|
@eddyb would you mind adding a few more tests, just to have more "exhaustive" coverage of the various cases? otherwise, r=me I think. |
|
📌 Commit c76a024 has been approved by |
nikomatsakis
added
S-waiting-on-bors
Forward-compatibly deny drops in constants if they *could* actually run. This is part of #40036, specifically the checks for user-defined destructor invocations on locals which *may not* have been moved away, the motivating example being: ```rust const FOO: i32 = (HasDrop {...}, 0).1; ``` The evaluation of constant MIR will continue to create `'static` slots for more locals than is necessary (if `Storage{Live,Dead}` statements are ignored), but it shouldn't be misusable. r? @nikomatsakis
|
☀️ Test successful - status-appveyor, status-travis |
Better StorageLive / StorageDead placement for constants. Fixes problems in miri (see rust-lang/miri#324 (comment)) caused by the new scope rules in #43932. What I've tried to do here is always have a `StorageLive` but no `StorageDead` for `'static` slots. It might not work perfectly in all cases, but it should unblock miri. r? @nikomatsakis cc @oli-obk
This is part of #40036, specifically the checks for user-defined destructor invocations on locals which may not have been moved away, the motivating example being:
The evaluation of constant MIR will continue to create
'staticslots for more locals than is necessary (ifStorage{Live,Dead}statements are ignored), but it shouldn't be misusable.r? @nikomatsakis