user0/rust
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #629 from RalfJung/rename

Browse source 
Rename things away from 'Shr'
This commit is contained in:
Ralf Jung 2019-02-12 13:02:49 +01:00 committed by GitHub
commit 4816bfb774
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
23 changed files with 53 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

62
src/stacked_borrows.rs
View file

@ -21,19 +21,19 @@ pub type CallId = u64;
pub enum Borrow {
/// A unique (mutable) reference.
Uniq(Timestamp),
/// A shared reference. This is also used by raw pointers, which do not track details
/// An aliasing reference. This is also used by raw pointers, which do not track details
/// of how or when they were created, hence the timestamp is optional.
/// Shr(Some(_)) does NOT mean that the destination of this reference is frozen;
/// that depends on the type! Only those parts outside of an `UnsafeCell` are actually
/// frozen.
Shr(Option<Timestamp>),
Alias(Option<Timestamp>),
}
impl Borrow {
#[inline(always)]
pub fn is_shared(self) -> bool {
pub fn is_aliasing(self) -> bool {
match self {
Borrow::Shr(_) => true,
Borrow::Alias(_) => true,
_ => false,
}
}
@ -49,7 +49,7 @@ impl Borrow {
impl Default for Borrow {
fn default() -> Self {
Borrow::Shr(None)
Borrow::Alias(None)
}
}
@ -58,10 +58,9 @@ impl Default for Borrow {
pub enum BorStackItem {
/// Indicates the unique reference that may mutate.
Uniq(Timestamp),
/// Indicates that the location has been shared. Used for raw pointers, but
/// also for shared references. The latter *additionally* get frozen
/// when there is no `UnsafeCell`.
Shr,
/// Indicates that the location has been mutably shared. Used for raw pointers as
/// well as for unfrozen shared references.
Raw,
/// A barrier, tracking the function it belongs to by its index on the call stack
FnBarrier(CallId)
}
@ -186,19 +185,19 @@ impl<'tcx> Stack {
kind: RefKind,
) -> Result<Option<usize>, String> {
// Exclude unique ref with frozen tag.
if let (RefKind::Unique, Borrow::Shr(Some(_))) = (kind, bor) {
if let (RefKind::Unique, Borrow::Alias(Some(_))) = (kind, bor) {
return Err(format!("Encountered mutable reference with frozen tag ({:?})", bor));
}
// Checks related to freezing
match bor {
Borrow::Shr(Some(bor_t)) if kind == RefKind::Frozen => {
Borrow::Alias(Some(bor_t)) if kind == RefKind::Frozen => {
// We need the location to be frozen. This ensures F3.
let frozen = self.frozen_since.map_or(false, |itm_t| itm_t <= bor_t);
return if frozen { Ok(None) } else {
Err(format!("Location is not frozen long enough"))
}
}
Borrow::Shr(_) if self.frozen_since.is_some() => {
Borrow::Alias(_) if self.frozen_since.is_some() => {
return Ok(None) // Shared deref to frozen location, looking good
}
_ => {} // Not sufficient, go on looking.
@ -210,8 +209,8 @@ impl<'tcx> Stack {
// Found matching unique item. This satisfies U3.
return Ok(Some(idx))
}
(BorStackItem::Shr, Borrow::Shr(_)) => {
// Found matching shared/raw item.
(BorStackItem::Raw, Borrow::Alias(_)) => {
// Found matching aliasing/raw item.
return Ok(Some(idx))
}
// Go on looking. We ignore barriers! When an `&mut` and an `&` alias,
@ -221,7 +220,7 @@ impl<'tcx> Stack {
}
}
// If we got here, we did not find our item. We have to error to satisfy U3.
Err(format!("Borrow being dereferenced ({:?}) does not exist on the stack", bor))
Err(format!("Borrow being dereferenced ({:?}) does not exist on the borrow stack", bor))
}
/// Perform an actual memory access using `bor`. We do not know any types here
@ -258,14 +257,15 @@ impl<'tcx> Stack {
(BorStackItem::Uniq(itm_t), Borrow::Uniq(bor_t)) if itm_t == bor_t => {
// Found matching unique item. Continue after the match.
}
(BorStackItem::Shr, _) if kind == AccessKind::Read => {
// When reading, everything can use a shared item!
(BorStackItem::Raw, _) if kind == AccessKind::Read => {
// When reading, everything can use a raw item!
// We do not want to do this when writing: Writing to an `&mut`
// should reaffirm its exclusivity (i.e., make sure it is
// on top of the stack). Continue after the match.
// on top of the stack).
// Continue after the match.
}
(BorStackItem::Shr, Borrow::Shr(_)) => {
// Found matching shared item. Continue after the match.
(BorStackItem::Raw, Borrow::Alias(_)) => {
// Found matching raw item. Continue after the match.
}
_ => {
// Pop this, go on. This ensures U2.
@ -294,7 +294,7 @@ impl<'tcx> Stack {
}
// If we got here, we did not find our item.
err!(MachineError(format!(
"Borrow being accessed ({:?}) does not exist on the stack",
"Borrow being accessed ({:?}) does not exist on the borrow stack",
bor
)))
}
@ -309,7 +309,7 @@ impl<'tcx> Stack {
// of access (like writing through raw pointers) is permitted.
if kind == RefKind::Frozen {
let bor_t = match bor {
Borrow::Shr(Some(t)) => t,
Borrow::Alias(Some(t)) => t,
_ => bug!("Creating illegal borrow {:?} for frozen ref", bor),
};
// It is possible that we already are frozen (e.g. if we just pushed a barrier,
@ -328,12 +328,12 @@ impl<'tcx> Stack {
// Push new item to the stack.
let itm = match bor {
Borrow::Uniq(t) => BorStackItem::Uniq(t),
Borrow::Shr(_) => BorStackItem::Shr,
Borrow::Alias(_) => BorStackItem::Raw,
};
if *self.borrows.last().unwrap() == itm {
// This is just an optimization, no functional change: Avoid stacking
// multiple `Shr` on top of each other.
assert!(bor.is_shared());
assert!(bor.is_aliasing());
trace!("create: Sharing a shared location is a NOP");
} else {
// This ensures U1.
@ -440,7 +440,7 @@ impl<'tcx> Stacks {
_ => false,
};
if bor_redundant {
assert!(new_bor.is_shared(), "A unique reborrow can never be redundant");
assert!(new_bor.is_aliasing(), "A unique reborrow can never be redundant");
trace!("reborrow is redundant");
continue;
}
@ -465,7 +465,7 @@ impl AllocationExtra<Borrow, MemoryState> for Stacks {
#[inline(always)]
fn memory_allocated<'tcx>(size: Size, extra: &MemoryState) -> Self {
let stack = Stack {
borrows: vec![BorStackItem::Shr],
borrows: vec![BorStackItem::Raw],
frozen_since: None,
};
Stacks {
@ -511,7 +511,7 @@ impl<'tcx> Stacks {
) {
for stack in self.stacks.get_mut().iter_mut(Size::ZERO, size) {
assert!(stack.borrows.len() == 1);
assert_eq!(stack.borrows.pop().unwrap(), BorStackItem::Shr);
assert_eq!(stack.borrows.pop().unwrap(), BorStackItem::Raw);
stack.borrows.push(itm);
}
}
@ -536,7 +536,7 @@ trait EvalContextPrivExt<'a, 'mir, 'tcx: 'a+'mir>: crate::MiriEvalContextExt<'a,
let alloc = this.memory().get(ptr.alloc_id)?;
alloc.check_bounds(this, ptr, size)?;
// Update the stacks.
if let Borrow::Shr(Some(_)) = new_bor {
if let Borrow::Alias(Some(_)) = new_bor {
// Reference that cares about freezing. We need a frozen-sensitive reborrow.
this.visit_freeze_sensitive(place, size, |cur_ptr, size, frozen| {
let kind = if frozen { RefKind::Frozen } else { RefKind::Raw };
@ -574,7 +574,7 @@ trait EvalContextPrivExt<'a, 'mir, 'tcx: 'a+'mir>: crate::MiriEvalContextExt<'a,
let time = this.machine.stacked_borrows.increment_clock();
let new_bor = match mutbl {
Some(MutMutable) => Borrow::Uniq(time),
Some(MutImmutable) => Borrow::Shr(Some(time)),
Some(MutImmutable) => Borrow::Alias(Some(time)),
None => Borrow::default(),
};
@ -586,7 +586,7 @@ trait EvalContextPrivExt<'a, 'mir, 'tcx: 'a+'mir>: crate::MiriEvalContextExt<'a,
assert!(mutbl == Some(MutMutable), "two-phase shared borrows make no sense");
// We immediately share it, to allow read accesses
let two_phase_time = this.machine.stacked_borrows.increment_clock();
let two_phase_bor = Borrow::Shr(Some(two_phase_time));
let two_phase_bor = Borrow::Alias(Some(two_phase_time));
this.reborrow(new_place, size, /*fn_barrier*/false, two_phase_bor)?;
}
@ -651,7 +651,7 @@ pub trait EvalContextExt<'a, 'mir, 'tcx: 'a+'mir>: crate::MiriEvalContextExt<'a,
let alloc = this.memory().get(ptr.alloc_id)?;
alloc.check_bounds(this, ptr, size)?;
// If we got here, we do some checking, *but* we leave the tag unchanged.
if let Borrow::Shr(Some(_)) = ptr.tag {
if let Borrow::Alias(Some(_)) = ptr.tag {
assert_eq!(mutability, Some(MutImmutable));
// We need a frozen-sensitive check
this.visit_freeze_sensitive(place, size, |cur_ptr, size, frozen| {

2
tests/compile-fail/stacked_borrows/alias_through_mutation.rs
View file

@ -9,5 +9,5 @@ fn main() {
retarget(&mut target_alias, target);
// now `target_alias` points to the same thing as `target`
*target = 13;
let _val = *target_alias; //~ ERROR does not exist on the stack
let _val = *target_alias; //~ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/aliasing_mut3.rs
View file

@ -1,6 +1,6 @@
use std::mem;
pub fn safe(_x: &mut i32, _y: &i32) {} //~ ERROR does not exist on the stack
pub fn safe(_x: &mut i32, _y: &i32) {} //~ ERROR does not exist on the borrow stack
fn main() {
let mut x = 0;

2
tests/compile-fail/stacked_borrows/box_exclusive_violation1.rs
View file

@ -8,7 +8,7 @@ fn demo_mut_advanced_unique(mut our: Box<i32>) -> i32 {
unknown_code_2();
// We know this will return 5
*our //~ ERROR does not exist on the stack
*our //~ ERROR does not exist on the borrow stack
}
// Now comes the evil context

2
tests/compile-fail/stacked_borrows/buggy_as_mut_slice.rs
View file

@ -13,5 +13,5 @@ fn main() {
let v1 = safe::as_mut_slice(&v);
let _v2 = safe::as_mut_slice(&v);
v1[1] = 5;
//~^ ERROR does not exist on the stack
//~^ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/buggy_split_at_mut.rs
View file

@ -9,7 +9,7 @@ mod safe {
assert!(mid <= len);
(from_raw_parts_mut(ptr, len - mid), // BUG: should be "mid" instead of "len - mid"
//~^ ERROR does not exist on the stack
//~^ ERROR does not exist on the borrow stack
from_raw_parts_mut(ptr.offset(mid as isize), len - mid))
}
}

2
tests/compile-fail/stacked_borrows/illegal_read1.rs
View file

@ -7,7 +7,7 @@ fn main() {
let xref = unsafe { &mut *xraw }; // derived from raw, so using raw is still okay...
callee(xraw);
let _val = *xref; // ...but any use of raw will invalidate our ref.
//~^ ERROR: does not exist on the stack
//~^ ERROR: does not exist on the borrow stack
}
fn callee(xraw: *mut i32) {

2
tests/compile-fail/stacked_borrows/illegal_read2.rs
View file

@ -7,7 +7,7 @@ fn main() {
let xref = unsafe { &mut *xraw }; // derived from raw, so using raw is still okay...
callee(xraw);
let _val = *xref; // ...but any use of raw will invalidate our ref.
//~^ ERROR: does not exist on the stack
//~^ ERROR: does not exist on the borrow stack
}
fn callee(xraw: *mut i32) {

2
tests/compile-fail/stacked_borrows/illegal_read3.rs
View file

@ -13,7 +13,7 @@ fn main() {
let xref2 = &mut *xref1; // derived from xref1, so using raw is still okay...
callee(xref1_sneaky);
let _val = *xref2; // ...but any use of it will invalidate our ref.
//~^ ERROR: does not exist on the stack
//~^ ERROR: does not exist on the borrow stack
}
fn callee(xref1: usize) {

2
tests/compile-fail/stacked_borrows/illegal_read4.rs
View file

@ -5,5 +5,5 @@ fn main() {
let xraw = xref1 as *mut _;
let xref2 = unsafe { &mut *xraw };
let _val = unsafe { *xraw }; // use the raw again, this invalidates xref2 *even* with the special read except for uniq refs
let _illegal = *xref2; //~ ERROR does not exist on the stack
let _illegal = *xref2; //~ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/illegal_read5.rs
View file

@ -12,5 +12,5 @@ fn main() {
let _val = *xref; // we can even still use our mutable reference
mem::forget(unsafe { ptr::read(xshr) }); // but after reading through the shared ref
let _val = *xref; // the mutable one is dead and gone
//~^ ERROR does not exist on the stack
//~^ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/illegal_write2.rs
View file

@ -3,6 +3,6 @@ fn main() {
let target2 = target as *mut _;
drop(&mut *target); // reborrow
// Now make sure our ref is still the only one.
unsafe { *target2 = 13; } //~ ERROR does not exist on the stack
unsafe { *target2 = 13; } //~ ERROR does not exist on the borrow stack
let _val = *target;
}

2
tests/compile-fail/stacked_borrows/illegal_write3.rs
View file

@ -3,6 +3,6 @@ fn main() {
// Make sure raw ptr with raw tag cannot mutate frozen location without breaking the shared ref.
let r#ref = &target; // freeze
let ptr = r#ref as *const _ as *mut _; // raw ptr, with raw tag
unsafe { *ptr = 42; } //~ ERROR does not exist on the stack
unsafe { *ptr = 42; } //~ ERROR does not exist on the borrow stack
let _val = *r#ref;
}

2
tests/compile-fail/stacked_borrows/illegal_write5.rs
View file

@ -7,7 +7,7 @@ fn main() {
let xref = unsafe { &mut *xraw }; // derived from raw, so using raw is still okay...
callee(xraw);
let _val = *xref; // ...but any use of raw will invalidate our ref.
//~^ ERROR: does not exist on the stack
//~^ ERROR: does not exist on the borrow stack
}
fn callee(xraw: *mut i32) {

2
tests/compile-fail/stacked_borrows/load_invalid_mut.rs
View file

@ -5,5 +5,5 @@ fn main() {
let xref = unsafe { &mut *xraw };
let xref_in_mem = Box::new(xref);
let _val = unsafe { *xraw }; // invalidate xref
let _val = *xref_in_mem; //~ ERROR does not exist on the stack
let _val = *xref_in_mem; //~ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/outdated_local.rs
View file

@ -3,7 +3,7 @@ fn main() {
let y: *const i32 = &x;
x = 1; // this invalidates y by reactivating the lowermost uniq borrow for this local
assert_eq!(unsafe { *y }, 1); //~ ERROR does not exist on the stack
assert_eq!(unsafe { *y }, 1); //~ ERROR does not exist on the borrow stack
assert_eq!(x, 1);
}

2
tests/compile-fail/stacked_borrows/pass_invalid_mut.rs
View file

@ -6,5 +6,5 @@ fn main() {
let xraw = x as *mut _;
let xref = unsafe { &mut *xraw };
let _val = unsafe { *xraw }; // invalidate xref
foo(xref); //~ ERROR does not exist on the stack
foo(xref); //~ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/pointer_smuggling.rs
View file

@ -8,7 +8,7 @@ fn fun1(x: &mut u8) {
fn fun2() {
// Now we use a pointer we are not allowed to use
let _x = unsafe { *PTR }; //~ ERROR does not exist on the stack
let _x = unsafe { *PTR }; //~ ERROR does not exist on the borrow stack
}
fn main() {

2
tests/compile-fail/stacked_borrows/return_invalid_mut.rs
View file

@ -3,7 +3,7 @@ fn foo(x: &mut (i32, i32)) -> &mut i32 {
let xraw = x as *mut (i32, i32);
let ret = unsafe { &mut (*xraw).1 };
let _val = unsafe { *xraw }; // invalidate xref
ret //~ ERROR does not exist on the stack
ret //~ ERROR does not exist on the borrow stack
}
fn main() {

2
tests/compile-fail/stacked_borrows/return_invalid_mut_option.rs
View file

@ -3,7 +3,7 @@ fn foo(x: &mut (i32, i32)) -> Option<&mut i32> {
let xraw = x as *mut (i32, i32);
let ret = Some(unsafe { &mut (*xraw).1 });
let _val = unsafe { *xraw }; // invalidate xref
ret //~ ERROR does not exist on the stack
ret //~ ERROR does not exist on the borrow stack
}
fn main() {

2
tests/compile-fail/stacked_borrows/return_invalid_mut_tuple.rs
View file

@ -3,7 +3,7 @@ fn foo(x: &mut (i32, i32)) -> (&mut i32,) {
let xraw = x as *mut (i32, i32);
let ret = (unsafe { &mut (*xraw).1 },);
let _val = unsafe { *xraw }; // invalidate xref
ret //~ ERROR does not exist on the stack
ret //~ ERROR does not exist on the borrow stack
}
fn main() {

2
tests/compile-fail/stacked_borrows/transmute-is-no-escape.rs
View file

@ -10,5 +10,5 @@ fn main() {
let _raw: *mut i32 = unsafe { mem::transmute(&mut x[0]) };
// `raw` still carries a tag, so we get another pointer to the same location that does not carry a tag
let raw = (&mut x[1] as *mut i32).wrapping_offset(-1);
unsafe { *raw = 13; } //~ ERROR does not exist on the stack
unsafe { *raw = 13; } //~ ERROR does not exist on the borrow stack
}

2
tests/compile-fail/stacked_borrows/unescaped_local.rs
View file

@ -4,5 +4,5 @@ fn main() {
let mut x = 42;
let raw = &mut x as *mut i32 as usize as *mut i32;
let _ptr = &mut x;
unsafe { *raw = 13; } //~ ERROR does not exist on the stack
unsafe { *raw = 13; } //~ ERROR does not exist on the borrow stack
}