Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ICE: the static const safety checks accepted mutable references they should not have accepted #130392

Closed
matthiaskrgr opened this issue Sep 15, 2024 · 2 comments · Fixed by #130394
Labels
C-bug Category: This is a bug. I-ICE Issue: The compiler panicked, giving an Internal Compilation Error (ICE) ❄️ T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.

Comments

@matthiaskrgr
Copy link
Member

auto-reduced (treereduce-rust):

use std::mem;

#[repr(C)]

const NULL_BOX: Box<u16> = unsafe { mem::transmute(&13) };
original code

original:

// ignore-tidy-linelength
// Strip out raw byte dumps to make comparison platform-independent:
//@ normalize-stderr-test: "(the raw bytes of the constant) \(size: [0-9]*, align: [0-9]*\)" -> "$1 (size: $$SIZE, align: $$ALIGN)"
//@ normalize-stderr-test: "([0-9a-f][0-9a-f] |╾─*ALLOC[0-9]+(\+[a-z0-9]+)?(<imm>)?─*╼ )+ *│.*" -> "HEX_DUMP"
#![allow(invalid_value)]

use std::mem;

#[repr(C)]
union MaybeUninit<T: Copy> {
    uninit: (),
    init: T,
}

const UNALIGNED: &u16 = unsafe { mem::transmute(&[0u8; 4]) };
//~^ ERROR it is undefined behavior to use this value
//~| constructing invalid value: encountered an unaligned reference (required 2 byte alignment but found 1)

const UNALIGNED_BOX: Box<u16> = unsafe { mem::transmute(&[0u8; 4]) };
//~ inside `UNALIGNED_READ`
//~| constructing invalid value: encountered an unaligned box (required 2 byte alignment but found 1)

const NULL: &u16 = unsafe { mem::transmute(0usize) };
//~^ ERROR it is undefined behavior to use this value

const NULL_BOX: Box<u16> = unsafe { mem::transmute(&13) };
//~^ ERROR it is undefined behavior to use this value


// It is very important that we reject this: We do promote `&(4 * REF_AS_USIZE)`,
// but that would fail to compile; so we ended up breaking user code that would
// have worked fine had we not promoted.
const REF_AS_USIZE: usize = unsafe { mem::transmute(&0) };
//~^ ERROR evaluation of constant value failed

const REF_AS_USIZE_SLICE: &[usize] = &[unsafe { mem::transmute(&0) }];
//~^ ERROR evaluation of constant value failed

const REF_AS_USIZE_BOX_SLICE: Box<[usize]> = unsafe { mem::transmute::<&[usize], _>(&[mem::transmute(&0)]) };
//~^ ERROR evaluation of constant value failed

const USIZE_AS_REF: &'static u8 = unsafe { mem::transmute(1337usize) };
//~^ ERROR it is undefined behavior to use this value

const USIZE_AS_BOX: Box<u8> = unsafe { mem::transmute(1337usize) };
//~^ ERROR it is undefined behavior to use this value

const UNINIT_PTR: *const i32 = unsafe { MaybeUninit { uninit: () }.init };
//~^ ERROR evaluation of constant value failed
//~| uninitialized

const NULL_FN_PTR: fn() = unsafe { mem::transmute(0usize) };
//~^ ERROR it is undefined behavior to use this value
const UNINIT_FN_PTR: fn() = unsafe { MaybeUninit { uninit: () }.init };
//~^ ERROR evaluation of constant value failed
//~| uninitialized
const DANGLING_FN_PTR: fn() = unsafe { mem::transmute(13usize) };
//~^ ERROR it is undefined behavior to use this value
const DATA_FN_PTR: fn() = unsafe { mem::transmute(&13) };
//~^ ERROR it is undefined behavior to use this value


const UNALIGNED_READ: () = unsafe {
    let x = &[0u8; 4];
    let C = x.as_ptr().cast::<u32>();
    ptr.read(); //~ inside `UNALIGNED_READ`
};


fn main() {}

Version information

rustc 1.83.0-nightly (4f1be9215 2024-09-14)
binary: rustc
commit-hash: 4f1be92153167dfc2a54215bfd49f398c04ce647
commit-date: 2024-09-14
host: x86_64-unknown-linux-gnu
release: 1.83.0-nightly
LLVM version: 19.1.0

Command:
/home/gh-matthiaskrgr/.rustup/toolchains/master/bin/rustc

Program output

error[E0601]: `main` function not found in crate `mvce`
 --> /tmp/icemaker_global_tempdir.bJIO8sESgXOC/rustc_testrunner_tmpdir_reporting.0sBZX3hnC5YA/mvce.rs:5:59
  |
5 | const NULL_BOX: Box<u16> = unsafe { mem::transmute(&13) };
  |                                                           ^ consider adding a `main` function to `/tmp/icemaker_global_tempdir.bJIO8sESgXOC/rustc_testrunner_tmpdir_reporting.0sBZX3hnC5YA/mvce.rs`

error[E0517]: attribute should be applied to a struct, enum, or union
 --> /tmp/icemaker_global_tempdir.bJIO8sESgXOC/rustc_testrunner_tmpdir_reporting.0sBZX3hnC5YA/mvce.rs:3:8
  |
3 | #[repr(C)]
  |        ^
4 |
5 | const NULL_BOX: Box<u16> = unsafe { mem::transmute(&13) };
  | ---------------------------------------------------------- not a struct, enum, or union

error: internal compiler error: compiler/rustc_const_eval/src/interpret/validity.rs:622:33: the static const safety checks accepted mutable references they should not have accepted
 --> /tmp/icemaker_global_tempdir.bJIO8sESgXOC/rustc_testrunner_tmpdir_reporting.0sBZX3hnC5YA/mvce.rs:5:1
  |
5 | const NULL_BOX: Box<u16> = unsafe { mem::transmute(&13) };
  | ^^^^^^^^^^^^^^^^^^^^^^^^

thread 'rustc' panicked at compiler/rustc_const_eval/src/interpret/validity.rs:622:33:
Box<dyn Any>
stack backtrace:
   0:     0x7bcdbda7b18a - <std::sys::backtrace::BacktraceLock::print::DisplayBacktrace as core::fmt::Display>::fmt::hf56f131060334410
   1:     0x7bcdbe203297 - core::fmt::write::hca99a1033ad8fb7e
   2:     0x7bcdbf0ce473 - std::io::Write::write_fmt::h3ee0545282dfb25b
   3:     0x7bcdbda7afe2 - std::sys::backtrace::BacktraceLock::print::he60ba974f9acf9d9
   4:     0x7bcdbda7d761 - std::panicking::default_hook::{{closure}}::hde21c1684decca25
   5:     0x7bcdbda7d594 - std::panicking::default_hook::h52af35cff2244cca
   6:     0x7bcdbcb808af - std[a418af8a4b80da9d]::panicking::update_hook::<alloc[1be92378dafe8eea]::boxed::Box<rustc_driver_impl[f105cbeea98b4d25]::install_ice_hook::{closure#0}>>::{closure#0}
   7:     0x7bcdbda7de88 - std::panicking::rust_panic_with_hook::h5733bff0390959c4
   8:     0x7bcdbcbba091 - std[a418af8a4b80da9d]::panicking::begin_panic::<rustc_errors[ca425f89e16bdd4b]::ExplicitBug>::{closure#0}
   9:     0x7bcdbcbad706 - std[a418af8a4b80da9d]::sys::backtrace::__rust_end_short_backtrace::<std[a418af8a4b80da9d]::panicking::begin_panic<rustc_errors[ca425f89e16bdd4b]::ExplicitBug>::{closure#0}, !>
  10:     0x7bcdbcba8e79 - std[a418af8a4b80da9d]::panicking::begin_panic::<rustc_errors[ca425f89e16bdd4b]::ExplicitBug>
  11:     0x7bcdbcbc3211 - <rustc_errors[ca425f89e16bdd4b]::diagnostic::BugAbort as rustc_errors[ca425f89e16bdd4b]::diagnostic::EmissionGuarantee>::emit_producing_guarantee
  12:     0x7bcdbcacad0d - <rustc_errors[ca425f89e16bdd4b]::DiagCtxtHandle>::span_bug::<rustc_span[28d86ad0cd00d34a]::span_encoding::Span, alloc[1be92378dafe8eea]::string::String>
  13:     0x7bcdbcaec838 - rustc_middle[cdd3c0f25a03279b]::util::bug::opt_span_bug_fmt::<rustc_span[28d86ad0cd00d34a]::span_encoding::Span>::{closure#0}
  14:     0x7bcdbcaec86a - rustc_middle[cdd3c0f25a03279b]::ty::context::tls::with_opt::<rustc_middle[cdd3c0f25a03279b]::util::bug::opt_span_bug_fmt<rustc_span[28d86ad0cd00d34a]::span_encoding::Span>::{closure#0}, !>::{closure#0}
  15:     0x7bcdbcae08fb - rustc_middle[cdd3c0f25a03279b]::ty::context::tls::with_context_opt::<rustc_middle[cdd3c0f25a03279b]::ty::context::tls::with_opt<rustc_middle[cdd3c0f25a03279b]::util::bug::opt_span_bug_fmt<rustc_span[28d86ad0cd00d34a]::span_encoding::Span>::{closure#0}, !>::{closure#0}, !>
  16:     0x7bcdbbb43187 - rustc_middle[cdd3c0f25a03279b]::util::bug::span_bug_fmt::<rustc_span[28d86ad0cd00d34a]::span_encoding::Span>
  17:     0x7bcdbe861d30 - <rustc_const_eval[1e343bddbce1c9f9]::interpret::validity::ValidityVisitor<rustc_const_eval[1e343bddbce1c9f9]::const_eval::machine::CompileTimeMachine>>::check_safe_pointer
  18:     0x7bcdbe867d0b - <rustc_const_eval[1e343bddbce1c9f9]::interpret::validity::ValidityVisitor<rustc_const_eval[1e343bddbce1c9f9]::const_eval::machine::CompileTimeMachine> as rustc_const_eval[1e343bddbce1c9f9]::interpret::visitor::ValueVisitor<rustc_const_eval[1e343bddbce1c9f9]::const_eval::machine::CompileTimeMachine>>::visit_value
  19:     0x7bcdbbbcf850 - rustc_const_eval[1e343bddbce1c9f9]::const_eval::eval_queries::eval_to_allocation_raw_provider
  20:     0x7bcdbe84a876 - rustc_query_impl[59345be8fa34e1e5]::plumbing::__rust_begin_short_backtrace::<rustc_query_impl[59345be8fa34e1e5]::query_impl::eval_to_allocation_raw::dynamic_query::{closure#2}::{closure#0}, rustc_middle[cdd3c0f25a03279b]::query::erase::Erased<[u8; 24usize]>>
  21:     0x7bcdbe84a092 - rustc_query_system[af0e7f2cb0d9ade9]::query::plumbing::try_execute_query::<rustc_query_impl[59345be8fa34e1e5]::DynamicConfig<rustc_query_system[af0e7f2cb0d9ade9]::query::caches::DefaultCache<rustc_middle[cdd3c0f25a03279b]::ty::ParamEnvAnd<rustc_middle[cdd3c0f25a03279b]::mir::interpret::GlobalId>, rustc_middle[cdd3c0f25a03279b]::query::erase::Erased<[u8; 24usize]>>, false, false, false>, rustc_query_impl[59345be8fa34e1e5]::plumbing::QueryCtxt, false>
  22:     0x7bcdbe849c6f - rustc_query_impl[59345be8fa34e1e5]::query_impl::eval_to_allocation_raw::get_query_non_incr::__rust_end_short_backtrace
  23:     0x7bcdbe84bad8 - rustc_const_eval[1e343bddbce1c9f9]::const_eval::eval_queries::eval_to_const_value_raw_provider
  24:     0x7bcdbe84b8f6 - rustc_query_impl[59345be8fa34e1e5]::plumbing::__rust_begin_short_backtrace::<rustc_query_impl[59345be8fa34e1e5]::query_impl::eval_to_const_value_raw::dynamic_query::{closure#2}::{closure#0}, rustc_middle[cdd3c0f25a03279b]::query::erase::Erased<[u8; 24usize]>>
  25:     0x7bcdbe84a055 - rustc_query_system[af0e7f2cb0d9ade9]::query::plumbing::try_execute_query::<rustc_query_impl[59345be8fa34e1e5]::DynamicConfig<rustc_query_system[af0e7f2cb0d9ade9]::query::caches::DefaultCache<rustc_middle[cdd3c0f25a03279b]::ty::ParamEnvAnd<rustc_middle[cdd3c0f25a03279b]::mir::interpret::GlobalId>, rustc_middle[cdd3c0f25a03279b]::query::erase::Erased<[u8; 24usize]>>, false, false, false>, rustc_query_impl[59345be8fa34e1e5]::plumbing::QueryCtxt, false>
  26:     0x7bcdbe849b73 - rustc_query_impl[59345be8fa34e1e5]::query_impl::eval_to_const_value_raw::get_query_non_incr::__rust_end_short_backtrace
  27:     0x7bcdbe45467d - <rustc_middle[cdd3c0f25a03279b]::hir::map::Map>::par_body_owners::<rustc_hir_analysis[416db8bc62cc6f14]::check_crate::{closure#3}>::{closure#0}
  28:     0x7bcdbe451f06 - rustc_hir_analysis[416db8bc62cc6f14]::check_crate
  29:     0x7bcdbe44e845 - rustc_interface[36ae3b7efb67c520]::passes::run_required_analyses
  30:     0x7bcdbeef13de - rustc_interface[36ae3b7efb67c520]::passes::analysis
  31:     0x7bcdbeef13b1 - rustc_query_impl[59345be8fa34e1e5]::plumbing::__rust_begin_short_backtrace::<rustc_query_impl[59345be8fa34e1e5]::query_impl::analysis::dynamic_query::{closure#2}::{closure#0}, rustc_middle[cdd3c0f25a03279b]::query::erase::Erased<[u8; 1usize]>>
  32:     0x7bcdbf072bee - rustc_query_system[af0e7f2cb0d9ade9]::query::plumbing::try_execute_query::<rustc_query_impl[59345be8fa34e1e5]::DynamicConfig<rustc_query_system[af0e7f2cb0d9ade9]::query::caches::SingleCache<rustc_middle[cdd3c0f25a03279b]::query::erase::Erased<[u8; 1usize]>>, false, false, false>, rustc_query_impl[59345be8fa34e1e5]::plumbing::QueryCtxt, false>
  33:     0x7bcdbf07294f - rustc_query_impl[59345be8fa34e1e5]::query_impl::analysis::get_query_non_incr::__rust_end_short_backtrace
  34:     0x7bcdbeee98fc - rustc_interface[36ae3b7efb67c520]::interface::run_compiler::<core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>, rustc_driver_impl[f105cbeea98b4d25]::run_compiler::{closure#0}>::{closure#1}
  35:     0x7bcdbef8d410 - std[a418af8a4b80da9d]::sys::backtrace::__rust_begin_short_backtrace::<rustc_interface[36ae3b7efb67c520]::util::run_in_thread_with_globals<rustc_interface[36ae3b7efb67c520]::util::run_in_thread_pool_with_globals<rustc_interface[36ae3b7efb67c520]::interface::run_compiler<core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>, rustc_driver_impl[f105cbeea98b4d25]::run_compiler::{closure#0}>::{closure#1}, core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>>::{closure#0}, core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>>::{closure#0}::{closure#0}, core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>>
  36:     0x7bcdbef8da7a - <<std[a418af8a4b80da9d]::thread::Builder>::spawn_unchecked_<rustc_interface[36ae3b7efb67c520]::util::run_in_thread_with_globals<rustc_interface[36ae3b7efb67c520]::util::run_in_thread_pool_with_globals<rustc_interface[36ae3b7efb67c520]::interface::run_compiler<core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>, rustc_driver_impl[f105cbeea98b4d25]::run_compiler::{closure#0}>::{closure#1}, core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>>::{closure#0}, core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>>::{closure#0}::{closure#0}, core[d660f6968a6ca250]::result::Result<(), rustc_span[28d86ad0cd00d34a]::ErrorGuaranteed>>::{closure#1} as core[d660f6968a6ca250]::ops::function::FnOnce<()>>::call_once::{shim:vtable#0}
  37:     0x7bcdbef8de6b - std::sys::pal::unix::thread::Thread::new::thread_start::h05af6d35f9d401bc
  38:     0x7bcdb9294ac3 - start_thread
                               at ./nptl/pthread_create.c:442:8
  39:     0x7bcdb9326850 - __GI___clone3
                               at ./misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
  40:                0x0 - <unknown>

note: we would appreciate a bug report: https://github.com/rust-lang/rust/issues/new?labels=C-bug%2C+I-ICE%2C+T-compiler&template=ice.md

note: please make sure that you have updated to the latest nightly

note: rustc 1.83.0-nightly (4f1be9215 2024-09-14) running on x86_64-unknown-linux-gnu

query stack during panic:
#0 [eval_to_allocation_raw] const-evaluating + checking `NULL_BOX`
#1 [eval_to_const_value_raw] simplifying constant for the type system `NULL_BOX`
end of query stack
error: aborting due to 3 previous errors

Some errors have detailed explanations: E0517, E0601.
For more information about an error, try `rustc --explain E0517`.

@matthiaskrgr matthiaskrgr added I-ICE Issue: The compiler panicked, giving an Internal Compilation Error (ICE) ❄️ T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. C-bug Category: This is a bug. labels Sep 15, 2024
@rustbot rustbot added the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Sep 15, 2024
@matthiaskrgr
Copy link
Member Author

smaller

const NULL_BOX: Box<u16> = unsafe { std::mem::transmute(&1) };

@matthiaskrgr
Copy link
Member Author

#128543 cc @RalfJung

@bors bors closed this as completed in 62445f1 Sep 16, 2024
rust-timer added a commit to rust-lang-ci/rust that referenced this issue Sep 16, 2024
Rollup merge of rust-lang#130394 - RalfJung:mut-ref-to-immut, r=saethlin

const: don't ICE when encountering a mutable ref to immutable memory

Turns out that this can actually happen -- thanks to `@matthiaskrgr` for producing a testcase. :)

Fixes rust-lang#130392
@jieyouxu jieyouxu removed the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Sep 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
C-bug Category: This is a bug. I-ICE Issue: The compiler panicked, giving an Internal Compilation Error (ICE) ❄️ T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants