Skip to content

InstCombine introduces an incorrect use of a local after its storage has ended #78192

New issue
New issue
Closed
Closed
InstCombine introduces an incorrect use of a local after its storage has ended#78192
#78434 (+2)
Labels
A-mir-optArea: MIR optimizationsC-bugCategory: This is a bug.I-unsoundIssue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/SoundnessT-compilerRelevant to the compiler team, which will review and decide on the PR/issue.requires-nightlyThis issue requires a nightly compiler in some way.
@tmiasko

Description

@tmiasko
tmiasko
opened on Oct 21, 2020
pub fn f<T>(a: &T) -> *const T { let b: &*const T = &(a as *const T); *b }
--- mir_dump/a.f.005-003.InstCombine.before.mir +++ mir_dump/a.f.005-003.InstCombine.after.mir @@ -1,2 +1,2 @@ -// MIR for `f` before InstCombine +// MIR for `f` after InstCombine @@ -18,5 +18,5 @@ _3 = &_4; // scope 0 at a.rs:2:24: 2:40 - _2 = &(*_3); // scope 0 at a.rs:2:24: 2:40 + _2 = _3; // scope 0 at a.rs:2:24: 2:40 StorageDead(_3); // scope 0 at a.rs:2:40: 2:41 - _0 = (*_2); // scope 1 at a.rs:3:5: 3:7 + _0 = (*_3); // scope 1 at a.rs:3:5: 3:7 StorageDead(_4); // scope 0 at a.rs:4:1: 4:2

Found by MIR validator #77369 & #78147.

cc @simonvandel #76683

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-mir-optArea: MIR optimizationsC-bugCategory: This is a bug.I-unsoundIssue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/SoundnessT-compilerRelevant to the compiler team, which will review and decide on the PR/issue.requires-nightlyThis issue requires a nightly compiler in some way.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions