Skip to content

Ensure copy* intrinsics also perform the static self-init checks #142575

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Ensure copy* intrinsics also perform the static self-init checks #142575

wants to merge 2 commits into from
+45 −0

Conversation

oli-obk
Copy link
Contributor

@oli-obk oli-obk commented Jun 16, 2025
edited by rustbot
Loading

fixes #142532

r? @RalfJung

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. labels Jun 16, 2025
@rustbot
Copy link
Collaborator

rustbot commented Jun 16, 2025

Some changes occurred to the CTFE machinery

cc @RalfJung, @oli-obk, @lcnr

Some changes occurred to the CTFE / Miri interpreter

cc @rust-lang/miri

@oli-obk oli-obk added the relnotes Marks issues that should be documented in the release notes of the next release. label Jun 16, 2025
@rustbot rustbot mentioned this pull request Jun 16, 2025
Open
@oli-obk
Copy link
Contributor Author

oli-obk commented Jun 16, 2025
edited
Loading

Adding relnotes as this will break stable code if someone wrote such code in the last year, but there is absolutely no reason to do so, so not even gonna crater it.

@workingjubilee
Copy link
Member

It's a soundness fix and is only reachable by having incorrect unsafe code that should be rejected by const eval anyway, right? Then we're justified in "break first, figure out how to migrate smoothly later".

@theemathas
Copy link
Contributor

In theory, this could also affect code where there's correct unsafe code in one crate, and there's incorrect safe code in another crate misusing the first crate.

@RalfJung RalfJung mentioned this pull request Jun 17, 2025
Open
RalfJung
RalfJung reviewed Jun 17, 2025
View reviewed changes
compiler/rustc_const_eval/src/interpret/memory.rs Outdated
// And our own "do not read from static items while initializing them" checks
if let Ok((alloc_id, ..)) = self.ptr_try_get_alloc_id(src, size.bytes() as i64) {
M::before_alloc_read(self, alloc_id)?;
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to move this to right before the before_memory_read below so that we handle both hooks together?

RalfJung
RalfJung reviewed Jun 17, 2025
View reviewed changes
tests/ui/statics/read_before_init.rs Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a comment explaining what this is testing and referencing the issue.

@oli-obk oli-obk force-pushed the sneaky-self-init branch from 16daf7d to 04f835f Compare June 17, 2025 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RalfJung RalfJung RalfJung left review comments

Assignees

@RalfJung RalfJung

Labels
relnotes Marks issues that should be documented in the release notes of the next release. S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

std::ptr::copy() can read from uninitialized statics (unsound)
5 participants
@oli-obk @rustbot @workingjubilee @theemathas @RalfJung