Skip to content

/rust

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inconsistent evaluation order for assignment operations #27868

Open
eefriedman opened this Issue Aug 17, 2015 · 9 comments

Comments

Assignees
No one assigned
Labels
A-NLL A-borrow-checker C-bug E-mentor I-unsound 💥 NLL-fixed-by-NLL P-medium T-lang
Projects
None yet
Milestone
No milestone
10 participants
@eefriedman @nrc @nikomatsakis @Mark-Simulacrum @RalfJung @pnkfelix @steveklabnik @brson @bluss @rust-highfive
@eefriedman
Copy link
Contributor

eefriedman commented Aug 17, 2015
edited by nikomatsakis

UPDATE: This is fixed by the MIR-based borrow checker and just needs a test. See the mentoring instructions below.

Currently, the borrow checker thinks that the RHS of += is evaluated before the LHS. trans thinks that the LHS is evaluated before the RHS. The disagreement leads to bad results.

fn main() {
    let x = Box::new(0);
    let mut y = 0;
    *{ drop(x); &mut y } += *x;
    assert_eq!(y, 0);
}

@eefriedman eefriedman referenced this issue Aug 19, 2015

Closed

Primitive binops are translated wrong when the LHS is mutated #27054

@bluss bluss added the I-wrong label Aug 19, 2015

@bluss bluss referenced this issue Sep 1, 2015

Merged

RFC: Stabilize catch_panic #1236

@eefriedman eefriedman referenced this issue Sep 1, 2015

Open

Settle execution order uncertainty for `+=` #28160

@nrc

This comment has been minimized.

Sign in to view
Copy link
Member

nrc commented Nov 19, 2015
edited by pnkfelix

triage: P-medium

Also fixed by MIR (almost a dup of #28160, but not quite)/

@rust-highfive rust-highfive added the P-medium label Nov 19, 2015

@brson brson added E-hard A-lang A-borrow-checker labels Aug 4, 2016

@nikomatsakis

This comment has been minimized.

Sign in to view
Copy link
Contributor

nikomatsakis commented Oct 21, 2016

See this internals thread: https://internals.rust-lang.org/t/settling-execution-order-for/4253

@steveklabnik steveklabnik added T-lang and removed A-lang labels Mar 24, 2017

@Mark-Simulacrum

This comment has been minimized.

Sign in to view
Copy link
Member

Mark-Simulacrum commented May 6, 2017

So the internals thread says this: "before MIR, we were actually quite inconsistent here, in that borrowck and trans disagreed on some of the particulars. MIR eliminated that inconsistency, but there are still some matters that we should try to resolve -- and quick!" If that's the case, then this should be closed. @nikomatsakis Is this the case?
@nikomatsakis

This comment has been minimized.

Sign in to view
Copy link
Contributor

nikomatsakis commented May 8, 2017

Well, we're not yet running the borrowck on MIR, so I'm not sure.
@nikomatsakis

This comment has been minimized.

Sign in to view
Copy link
Contributor

nikomatsakis commented May 8, 2017

But certainly the example seems to work ok now.
@RalfJung

This comment has been minimized.

Sign in to view
Copy link
Member

RalfJung commented Jun 15, 2017
edited

Assignment operators are still wrong, which can lead to use-after-free:

use std::ops::AddAssign;

struct MyVec<T>(Vec<T>);

impl <T> Drop for MyVec<T> {
    fn drop(&mut self) {
        println!("Being dropped.");
    }
}

impl<T> AddAssign<T> for MyVec<T> {
    fn add_assign(&mut self, _elem: T) {
        println!("In add_assign.");
    }
}

fn main() {
    let mut vec = MyVec(vec![0]);
    let mut vecvec = vec![vec];

    vecvec[0] += {
        vecvec = vec![];
        0
    };
}

Prints

Being dropped.
In add_assign.

Credit to @xfix for bringing this up in rust-lang/rfcs#2025 (comment), I just weaponized it.

@RalfJung RalfJung referenced this issue Jun 15, 2017

Merged

RFC: Enable nested method calls #2025

@nikomatsakis nikomatsakis added the I-unsound 💥 label Jun 15, 2017

@Mark-Simulacrum Mark-Simulacrum added C-bug and removed I-wrong labels Jul 22, 2017

@bstrie bstrie referenced this issue Sep 17, 2017

Open

borrowed referent of a `&T` sometimes incorrectly allowed #38899

@pnkfelix pnkfelix added A-NLL WG-compiler-nll labels Dec 21, 2017

@nikomatsakis

This comment has been minimized.

Sign in to view
Copy link
Contributor

nikomatsakis commented Apr 3, 2018

@RalfJung's example gets an error with MIR borrowck enabled (as expected):

https://play.rust-lang.org/?gist=761478ea89b3cd1df50ee274cb7a909d&version=nightly

I am filing this under "bugs fixed by MIR borrowck" #47366

@nikomatsakis nikomatsakis added the NLL-deferred label Apr 3, 2018

@nikomatsakis nikomatsakis referenced this issue Apr 3, 2018

Open

tracking issue for bugs fixed by the MIR borrow checker or NLL #47366

6 of 13 tasks complete

@nikomatsakis nikomatsakis added E-needstest E-mentor and removed E-hard labels Apr 3, 2018

@nikomatsakis

This comment has been minimized.

Sign in to view
Copy link
Contributor

nikomatsakis commented Apr 3, 2018
edited

Marking as E-needstest and E-mentor:

Since this code works now, what we need to do is add it to our test-suite. To do that, you would create a file in src/test/ui/nll named issue-27868.rs containing the example I linked to here. There are general instructions for adding new tests here.

memoryruins added a commit to memoryruins/rust that referenced this issue Aug 14, 2018

@memoryruins
[nll] add regression test for issue rust-lang#27868
e390182

@memoryruins memoryruins referenced this issue Aug 14, 2018

Merged

[nll] add regression test for issue #27868 #53326

frewsxcv added a commit to frewsxcv/rust that referenced this issue Aug 17, 2018

@frewsxcv
Rollup merge of rust-lang#53326 - memoryruins:issue-27868-test, r=nik… 
…omatsakis

[nll] add regression test for issue rust-lang#27868

Adds a test for rust-lang#27868 ``Inconsistent evaluation order for assignment operations``

apart of rust-lang#47366 ``tracking issue for bugs fixed by the MIR borrow checker or NLL``

r? @nikomatsakis
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
9018807

@frewsxcv frewsxcv referenced this issue Aug 17, 2018

Merged

Rollup of 11 pull requests #53449

bors added a commit that referenced this issue Aug 17, 2018

@bors
Auto merge of #53449 - frewsxcv:rollup, r=frewsxcv 
Rollup of 11 pull requests

Successful merges:

 - #52858 (Implement Iterator::size_hint for Elaborator.)
 - #53321 (Fix usage of `wasm_target_feature`)
 - #53326 ([nll] add regression test for issue #27868)
 - #53347 (rustc_resolve: don't allow paths starting with `::crate`.)
 - #53349 ([nll] add tests for #48697 and #30104)
 - #53357 (Pretty print btreemap for GDB)
 - #53358 (`{to,from}_{ne,le,be}_bytes` for unsigned integer types)
 - #53406 (Do not suggest conversion method that is already there)
 - #53407 (make more ported compile fail tests more robust w.r.t. NLL)
 - #53413 (Warn that `#![feature(rust_2018_preview)]` is implied when the edition is set to Rust 2018.)
 - #53434 (wasm: Remove --strip-debug argument to LLD)

Failed merges:

r? @ghost
Loading status checks…
de21ea8

@nikomatsakis nikomatsakis removed the WG-compiler-nll label Aug 27, 2018

@pnkfelix

This comment has been minimized.

Sign in to view
Copy link
Member

pnkfelix commented Oct 26, 2018

Apparently PR #53326 added the desired test here. So this is NLL-fixed-by-NLL now, I think.

@pnkfelix pnkfelix added NLL-fixed-by-NLL and removed E-needstest NLL-deferred labels Oct 26, 2018

@matthewjasper matthewjasper referenced this issue Mar 12, 2019

Closed

cannot borrow `*self` as immutable #561

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.