Move "mutable thing in const" check from interning to validity #78351
Conversation
rust-highfive
added
the
S-waiting-on-review
RalfJung
force-pushed
the
validity-unsafe-cell
branch
from
a74e5ac
to
7c7b90d
Compare
|
Thank you for taking pity on the interner and finally cleaning up that mess I left in there @bors r+ |
|
📌 Commit 7c7b90d has been approved by |
bors
added
S-waiting-on-bors
|
I was complicit in creating the mess, having been the reviewer and prompting you to add more and more sanity checks. ;) I added a comment at the top of the file explaining why interning is a bit more complicated than it might seem -- I think now wanting to make @bors r- |
bors
added
S-waiting-on-author
|
But this made me realize that if we used the "leftover interner" for consts and promoteds, the type-based traversal would be used only for statics, which would be a possible future simplification (if we are willing to give up that "untyped pointers are not allowed in constant" error)... just a possibility to keep in mind. ;) |
|
My main worry with not handling all these pointers here is that validation doesn't care about pointers in padding, unions or anywhere else outside of typed values. So users could start putting raw pointers to mutable allocations into constants, and rightfully expect these to stay mutable (as that is fine at runtime). So we couldn't just make them immutable silently, and reporting errors on |
|
I think we totally can make them silently immutable. "Everything in a constant is immutable period" seems like a rule we could impose on such code. But anyway, that's a discussion for the future. ;) |
|
@bors r+ |
|
📌 Commit db01d97 has been approved by |
bors
added
S-waiting-on-bors
…i-obk Move "mutable thing in const" check from interning to validity This moves the check for mutable things (such as `UnsafeCell` or `&mut`) in a`const` from interning to validity. That means we can give more targeted error messages (pointing out *where* the problem lies), and we can simplify interning a bit. Also fix the interning mode used for promoteds in statics. r? @oli-obk
This comment has been minimized.
This comment has been minimized.
bors
added
S-waiting-on-author
…ner; we no longer need the ignore_interior_mut_in_const hack
RalfJung
force-pushed
the
validity-unsafe-cell
branch
from
db01d97
to
744dfd8
Compare
|
@bors r=oli-obk |
|
📌 Commit 744dfd8 has been approved by |
bors
added
S-waiting-on-bors
Rollup of 10 pull requests Successful merges: - rust-lang#78152 (Separate unsized locals) - rust-lang#78297 (Suggest calling await on method call and field access) - rust-lang#78351 (Move "mutable thing in const" check from interning to validity) - rust-lang#78365 (check object safety of generic constants) - rust-lang#78379 (Tweak invalid `fn` header and body parsing) - rust-lang#78391 (Add const_fn in generics test) - rust-lang#78401 (resolve: private fields in tuple struct ctor diag) - rust-lang#78408 (Remove tokens from foreign items in `TokenStripper`) - rust-lang#78447 (Fix typo in comment) - rust-lang#78453 (Fix typo in comments) Failed merges: r? `@ghost`
| //! is picking the right mutability for the allocations in a `static` initializer: we want to make | ||
| //! as many allocations as possible immutable so LLVM can put them into read-only memory. At the | ||
| //! same time, we need to make memory that could be mutated by the program mutable to avoid | ||
| //! incorrect compilations. To achieve this, we do a type-based traversal of the final value, | ||
| //! tracking mutable and shared references and `UnsafeCell` to determine the current mutability. |
There was a problem hiding this comment.
Does that mean we could theoretically mark all static allocations as mutable? Is this pass slow to run, would that have any significant speedup?
There was a problem hiding this comment.
It's the other way around, we can just mark all allocations in constants as immutable. I'm not sure whether we'd get a speedup though.
There was a problem hiding this comment.
Does that mean we could theoretically mark all static allocations as mutable? Is this pass slow to run, would that have any significant speedup?
For allocations in a static, yes, And then many people will complain that their read-only static are not put into read-only memory. So that's not really an option.
This moves the check for mutable things (such as
UnsafeCellor&mut) in aconstfrom interning to validity. That means we can give more targeted error messages (pointing out where the problem lies), and we can simplify interning a bit.Also fix the interning mode used for promoteds in statics.
r? @oli-obk