From 55fb12c274898b56d05e4ee8c97d4417e38e8ecc Mon Sep 17 00:00:00 2001
From: Santiago Pastorino <spastorino@gmail.com>
Date: Wed, 11 Apr 2018 15:11:51 -0300
Subject: [PATCH] Fix unsoundness bug in functions input references

Check that function input references are well formed
---
 .../borrow_check/nll/type_check/mod.rs        |  5 ++++
 src/test/ui/issue-48803.rs                    | 25 +++++++++++++++++++
 src/test/ui/issue-48803.stderr                | 15 +++++++++++
 3 files changed, 45 insertions(+)
 create mode 100644 src/test/ui/issue-48803.rs
 create mode 100644 src/test/ui/issue-48803.stderr

diff --git a/src/librustc_mir/borrow_check/nll/type_check/mod.rs b/src/librustc_mir/borrow_check/nll/type_check/mod.rs
index d68175de9ddc9..faa382738b06f 100644
--- a/src/librustc_mir/borrow_check/nll/type_check/mod.rs
+++ b/src/librustc_mir/borrow_check/nll/type_check/mod.rs
@@ -898,6 +898,11 @@ impl<'a, 'gcx, 'tcx> TypeChecker<'a, 'gcx, 'tcx> {
                 let sig = self.normalize(&sig, term_location);
                 self.check_call_dest(mir, term, &sig, destination, term_location);
 
+                self.prove_predicates(
+                    sig.inputs().iter().map(|ty| ty::Predicate::WellFormed(ty)),
+                    term_location,
+                );
+
                 // The ordinary liveness rules will ensure that all
                 // regions in the type of the callee are live here. We
                 // then further constrain the late-bound regions that
diff --git a/src/test/ui/issue-48803.rs b/src/test/ui/issue-48803.rs
new file mode 100644
index 0000000000000..c6d14ace8b344
--- /dev/null
+++ b/src/test/ui/issue-48803.rs
@@ -0,0 +1,25 @@
+// Copyright 2018 The Rust Project Developers. See the COPYRIGHT
+// file at the top-level directory of this distribution and at
+// http://rust-lang.org/COPYRIGHT.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+#![feature(nll)]
+
+fn flatten<'a, 'b, T>(x: &'a &'b T) -> &'a T {
+    x
+}
+
+fn main() {
+    let mut x = "original";
+    let y = &x;
+    let z = &y;
+    let w = flatten(z);
+    x = "modified";
+    //~^ ERROR cannot assign to `x` because it is borrowed [E0506]
+    println!("{}", w); // prints "modified"
+}
diff --git a/src/test/ui/issue-48803.stderr b/src/test/ui/issue-48803.stderr
new file mode 100644
index 0000000000000..b37e2c07d23d7
--- /dev/null
+++ b/src/test/ui/issue-48803.stderr
@@ -0,0 +1,15 @@
+error[E0506]: cannot assign to `x` because it is borrowed
+  --> $DIR/issue-48803.rs:22:5
+   |
+LL |     let y = &x;
+   |             -- borrow of `x` occurs here
+...
+LL |     x = "modified";
+   |     ^^^^^^^^^^^^^^ assignment to borrowed `x` occurs here
+LL |     //~^ ERROR cannot assign to `x` because it is borrowed [E0506]
+LL |     println!("{}", w); // prints "modified"
+   |                    - borrow later used here
+
+error: aborting due to previous error
+
+For more information about this error, try `rustc --explain E0506`.