Also check typed raw pointers in validation for dangliness

Author: oli-obk

compiler/rustc_const_eval/src/interpret/validity.rs

@@ -606,6 +606,18 @@ impl<'rt, 'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> ValidityVisitor<'rt, 'mir, '
                 if place.layout.is_unsized() {
                     self.check_wide_ptr_meta(place.meta(), place.layout)?;
                 }
+                if let Some(prov) = place.ptr().provenance {
+                    if let Some(alloc_id) = prov.get_alloc_id() {
+                        if let AllocKind::Dead = self.ecx.get_alloc_info(alloc_id).2 {
+                            throw_validation_failure!(
+                                self.path,
+                                DanglingPtrUseAfterFree {
+                                    ptr_kind: PointerKind::Ref(Mutability::Not)
+                                }
+                            )
+                        }
+                    }
+                }
                 Ok(true)
             }
             ty::Ref(_, _ty, mutbl) => {

tests/ui/consts/const-mut-refs/mut_ref_in_final_dynamic_check.stderr

@@ -35,7 +35,7 @@ error[E0080]: it is undefined behavior to use this value
   --> $DIR/mut_ref_in_final_dynamic_check.rs:36:1
    |
 LL | const DANGLING: Option<&mut i32> = helper_dangling();
-   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<enum-variant(Some)>.0: encountered a dangling reference (use-after-free)
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<enum-tag>: encountered a dangling reference (use-after-free)
    |
    = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
    = note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {
@@ -46,7 +46,7 @@ error[E0080]: it is undefined behavior to use this value
   --> $DIR/mut_ref_in_final_dynamic_check.rs:37:1
    |
 LL | static DANGLING_STATIC: Option<&mut i32> = helper_dangling();
-   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<enum-variant(Some)>.0: encountered a dangling reference (use-after-free)
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .<enum-tag>: encountered a dangling reference (use-after-free)
    |
    = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
    = note: the raw bytes of the constant (size: $SIZE, align: $ALIGN) {

tests/ui/consts/dangling_raw_ptr.rs

@@ -1,4 +1,4 @@
-const FOO: *const u32 = { //~ ERROR encountered dangling pointer in final value of constant
+const FOO: *const u32 = { //~ ERROR it is undefined behavior
     let x = 42;
     &x
 };

tests/ui/consts/dangling_raw_ptr.stderr

@@ -1,8 +1,14 @@
-error: encountered dangling pointer in final value of constant
+error[E0080]: it is undefined behavior to use this value
   --> $DIR/dangling_raw_ptr.rs:1:1
    |
 LL | const FOO: *const u32 = {
-   | ^^^^^^^^^^^^^^^^^^^^^
+   | ^^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a dangling reference (use-after-free)
+   |
+   = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
+   = note: the raw bytes of the constant (size: 8, align: 8) {
+               ╾ALLOC0<imm>╼                         │ ╾──────╼
+           }
 
 error: aborting due to 1 previous error
 
+For more information about this error, try `rustc --explain E0080`.

tests/ui/consts/std/cell.rs

@@ -4,9 +4,9 @@ use std::cell::*;
 
 // not ok, because this creates a dangling pointer, just like `let x = Cell::new(42).as_ptr()` would
 static FOO: Wrap<*mut u32> = Wrap(Cell::new(42).as_ptr());
-//~^ ERROR encountered dangling pointer
+//~^ ERROR it is undefined behavior
 const FOO_CONST: Wrap<*mut u32> = Wrap(Cell::new(42).as_ptr());
-//~^ ERROR encountered dangling pointer
+//~^ ERROR it is undefined behavior
 
 // Ok, these are just base values and it is the `Wrap` author's job to uphold `Send` and `Sync`
 // invariants, since they used `unsafe impl`.
@@ -20,27 +20,27 @@ static FOO4: Wrap<*mut u32> = Wrap(FOO3.0.as_ptr());
 // its memory will get freed before the constant is finished evaluating, thus creating a dangling
 // pointer. This would happen exactly the same at runtime.
 const FOO4_CONST: Wrap<*mut u32> = Wrap(FOO3_CONST.0.as_ptr());
-//~^ ERROR encountered dangling pointer
+//~^ ERROR it is undefined behavior
 
 // not ok, because the `as_ptr` call takes a reference to a temporary that will get freed
 // before the constant is finished evaluating.
 const FOO2: *mut u32 = Cell::new(42).as_ptr();
-//~^ ERROR encountered dangling pointer
+//~^ ERROR it is undefined behavior
 
 struct IMSafeTrustMe(UnsafeCell<u32>);
 unsafe impl Send for IMSafeTrustMe {}
 unsafe impl Sync for IMSafeTrustMe {}
 
 static BAR: IMSafeTrustMe = IMSafeTrustMe(UnsafeCell::new(5));
 
-
-
 struct Wrap<T>(T);
 unsafe impl<T> Send for Wrap<T> {}
 unsafe impl<T> Sync for Wrap<T> {}
 
 static BAR_PTR: Wrap<*mut u32> = Wrap(BAR.0.get());
 
-const fn fst_ref<T, U>(x: &(T, U)) -> &T { &x.0 }
+const fn fst_ref<T, U>(x: &(T, U)) -> &T {
+    &x.0
+}
 
 fn main() {}

tests/ui/consts/std/cell.stderr

@@ -1,26 +1,47 @@
-error: encountered dangling pointer in final value of static
+error[E0080]: it is undefined behavior to use this value
   --> $DIR/cell.rs:6:1
    |
 LL | static FOO: Wrap<*mut u32> = Wrap(Cell::new(42).as_ptr());
-   | ^^^^^^^^^^^^^^^^^^^^^^^^^^
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .0: encountered a dangling reference (use-after-free)
+   |
+   = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
+   = note: the raw bytes of the constant (size: 8, align: 8) {
+               ╾ALLOC0╼                         │ ╾──────╼
+           }
 
-error: encountered dangling pointer in final value of constant
+error[E0080]: it is undefined behavior to use this value
   --> $DIR/cell.rs:8:1
    |
 LL | const FOO_CONST: Wrap<*mut u32> = Wrap(Cell::new(42).as_ptr());
-   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .0: encountered a dangling reference (use-after-free)
+   |
+   = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
+   = note: the raw bytes of the constant (size: 8, align: 8) {
+               ╾ALLOC1╼                         │ ╾──────╼
+           }
 
-error: encountered dangling pointer in final value of constant
+error[E0080]: it is undefined behavior to use this value
   --> $DIR/cell.rs:22:1
    |
 LL | const FOO4_CONST: Wrap<*mut u32> = Wrap(FOO3_CONST.0.as_ptr());
-   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ constructing invalid value at .0: encountered a dangling reference (use-after-free)
+   |
+   = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
+   = note: the raw bytes of the constant (size: 8, align: 8) {
+               ╾ALLOC2╼                         │ ╾──────╼
+           }
 
-error: encountered dangling pointer in final value of constant
+error[E0080]: it is undefined behavior to use this value
   --> $DIR/cell.rs:27:1
    |
 LL | const FOO2: *mut u32 = Cell::new(42).as_ptr();
-   | ^^^^^^^^^^^^^^^^^^^^
+   | ^^^^^^^^^^^^^^^^^^^^ constructing invalid value: encountered a dangling reference (use-after-free)
+   |
+   = note: The rules on what exactly is undefined behavior aren't clear, so this check might be overzealous. Please open an issue on the rustc repository if you believe it should not be considered undefined behavior.
+   = note: the raw bytes of the constant (size: 8, align: 8) {
+               ╾ALLOC3╼                         │ ╾──────╼
+           }
 
 error: aborting due to 4 previous errors
 
+For more information about this error, try `rustc --explain E0080`.