Skip to content

Functions in const declarations ignore lifetimes, mutability, violate memory safety #22382

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Closed
lilyball opened this issue Feb 15, 2015 · 4 comments · Fixed by #22736
Closed

Functions in const declarations ignore lifetimes, mutability, violate memory safety #22382

lilyball opened this issue Feb 15, 2015 · 4 comments · Fixed by #22736
Assignees
@nikomatsakis
Milestone
1.0 beta

Comments

@lilyball
Copy link
Contributor

Functions defined inside of const declarations seem to ignore all lifetimes and mutability. This allows for massively violating the safety guarantees of Rust:

// Let's try moving out of a reference
const MOVE: fn(&String) -> String = {
    fn broken(x: &String) -> String {
        return *x
    }
    broken
};

// How about mutating an immutable vector?
const MUTATE: fn(&Vec<String>) = {
    fn broken(x: &Vec<String>) {
        x.push(format!("this is broken"));
    }
    broken
};

// Returning local references?
struct DropString {
    inner: String
}
impl Drop for DropString {
    fn drop(&mut self) {
        self.inner.clear();
        self.inner.push_str("dropped");
    }
}
const LOCAL_REF: fn() -> &'static str = {
    fn broken() -> &'static str {
        let local = DropString { inner: format!("Some local string") };
        return &local.inner;
    }
    broken
};

fn main() {
    // And yes, it all actually works
    let s = format!("some string");
    let s_moved = (MOVE)(&s);
    println!("s_moved: {}", s_moved);

    let v = vec![format!("immutable"), format!("vector")];
    (MUTATE)(&v);
    println!("mutated: {:?}", v);

    let local_ref = (LOCAL_REF)();
    println!("local_ref: {}", local_ref);
}
@steveklabnik
Copy link
Member

Nominating, this seems incredibly serious.

@lilyball
Copy link
Contributor Author

According to @eddyb it seems that the borrowck Visitor isn't bothering to walk statics/consts (see borrowck/mod.rs). Presumably this code was never updated when it became possible to use blocks as the initializer expression.

@nikomatsakis
Copy link
Contributor

Um, yeah, not good. I'll investigate soonish, presuming @eddyb doesn't get there first.

@nikomatsakis nikomatsakis self-assigned this Feb 19, 2015
@pnkfelix
Copy link
Member

P-back-compatlang, 1.0 beta

@pnkfelix pnkfelix added this to the 1.0 beta milestone Feb 19, 2015
nikomatsakis added a commit to nikomatsakis/rust that referenced this issue Feb 23, 2015
@nikomatsakis
Apply borrowck to fns that appear in const declarations.
d443f98 
Fixes rust-lang#22382.
@nikomatsakis nikomatsakis mentioned this issue Feb 23, 2015
Merged
Manishearth added a commit to Manishearth/rust that referenced this issue Feb 24, 2015
@Manishearth
Rollup merge of rust-lang#22736 - nikomatsakis:issue-22382, r=eddyb
2408698 
 Apply borrowck to fns that appear in const declarations.
Fixes rust-lang#22382.

r? @eddyb
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@nikomatsakis nikomatsakis

Labels
None yet
Projects
None yet
Milestone
1.0 beta
Development

Successfully merging a pull request may close this issue.

Apply borrowck to fns that appear in const declarations. nikomatsakis/rust
4 participants
@lilyball @steveklabnik @nikomatsakis @pnkfelix