Skip to content

Functions in const declarations ignore lifetimes, mutability, violate memory safety #22382

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
lilyball opened this issue Feb 15, 2015 · 4 comments · Fixed by #22736
Closed

Functions in const declarations ignore lifetimes, mutability, violate memory safety #22382

lilyball opened this issue Feb 15, 2015 · 4 comments · Fixed by #22736
Assignees
@nikomatsakis
Milestone
1.0 beta

Comments

@lilyball
Copy link
Contributor

Functions defined inside of const declarations seem to ignore all lifetimes and mutability. This allows for massively violating the safety guarantees of Rust:

// Let's try moving out of a reference
const MOVE: fn(&String) -> String = {
    fn broken(x: &String) -> String {
        return *x
    }
    broken
};

// How about mutating an immutable vector?
const MUTATE: fn(&Vec<String>) = {
    fn broken(x: &Vec<String>) {
        x.push(format!("this is broken"));
    }
    broken
};

// Returning local references?
struct DropString {
    inner: String
}
impl Drop for DropString {
    fn drop(&mut self) {
        self.inner.clear();
        self.inner.push_str("dropped");
    }
}
const LOCAL_REF: fn() -> &'static str = {
    fn broken() -> &'static str {
        let local = DropString { inner: format!("Some local string") };
        return &local.inner;
    }
    broken
};

fn main() {
    // And yes, it all actually works
    let s = format!("some string");
    let s_moved = (MOVE)(&s);
    println!("s_moved: {}", s_moved);

    let v = vec![format!("immutable"), format!("vector")];
    (MUTATE)(&v);
    println!("mutated: {:?}", v);

    let local_ref = (LOCAL_REF)();
    println!("local_ref: {}", local_ref);
}
@steveklabnik
Copy link
Member

Nominating, this seems incredibly serious.

@lilyball
Copy link
Contributor Author

According to @eddyb it seems that the borrowck Visitor isn't bothering to walk statics/consts (see borrowck/mod.rs). Presumably this code was never updated when it became possible to use blocks as the initializer expression.

@nikomatsakis
Copy link
Contributor

Um, yeah, not good. I'll investigate soonish, presuming @eddyb doesn't get there first.

@nikomatsakis nikomatsakis self-assigned this Feb 19, 2015
@pnkfelix
Copy link
Member

P-back-compatlang, 1.0 beta

@pnkfelix pnkfelix added this to the 1.0 beta milestone Feb 19, 2015
nikomatsakis added a commit to nikomatsakis/rust that referenced this issue Feb 23, 2015
@nikomatsakis
Apply borrowck to fns that appear in const declarations.
d443f98 
Fixes rust-lang#22382.
@nikomatsakis nikomatsakis mentioned this issue Feb 23, 2015
Merged
Manishearth added a commit to Manishearth/rust that referenced this issue Feb 24, 2015
@Manishearth
Rollup merge of rust-lang#22736 - nikomatsakis:issue-22382, r=eddyb
2408698 
 Apply borrowck to fns that appear in const declarations.
Fixes rust-lang#22382.

r? @eddyb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nikomatsakis nikomatsakis

Labels
None yet
Projects
None yet
Milestone
1.0 beta
Development

Successfully merging a pull request may close this issue.

Apply borrowck to fns that appear in const declarations. nikomatsakis/rust
4 participants
@lilyball @steveklabnik @nikomatsakis @pnkfelix