
Inliner use of storage statements is unsound #119366

Closed

Description

@tmiasko

The inliner strategy for dealing with storage statements is simple. If a callee local already has some storage statements, they are preserved as is when integrating the callee into the caller. There are no new storage statements for such locals.

Turns out this approach is unsound due to the peculiar semantics of MIR. It is well defined to return from a function while there are still some live locals. At the same time it is undefined behaviour to execute StorageLive for an already live local. Effectively the inliner is obliged to end the storage for locals that are still live when the callee returns, which it doesn't do at the moment.

Arguably this is more of a bug in MIR semantics than one in the inliner (see rust-lang/unsafe-code-guidelines#129 (comment)).
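As an added illustration (constructed for this page, not code from the issue or from rustc), a toy model of the hazard described above: a callee whose local is still live at `Return`, inlined unchanged into a loop in the caller, executes `StorageLive` twice for the same renamed local, while ending that local's storage at the inlined return site keeps the result well formed. `Stmt`, `check_storage` and `inline_into_loop` are hypothetical names; the locals and the `offset` renaming are constructed.

```rust
// Toy model of MIR storage statements (constructed illustration, not rustc code).
#[derive(Clone, Copy, Debug, PartialEq)]
enum Stmt { StorageLive(usize), StorageDead(usize), Return }

/// Simulate straight-line execution, tracking live locals. StorageLive on an
/// already-live local is UB in MIR, so report Err(local); Return with live locals is fine.
fn check_storage(body: &[Stmt]) -> Result<Vec<usize>, usize> {
    let mut live: Vec<usize> = Vec::new();
    for stmt in body {
        match *stmt {
            Stmt::StorageLive(l) if live.contains(&l) => return Err(l),
            Stmt::StorageLive(l) => live.push(l),
            Stmt::StorageDead(l) => live.retain(|&x| x != l),
            Stmt::Return => {}
        }
    }
    Ok(live)
}

/// Inline `callee` at a call site inside a loop that runs `iterations` times,
/// renaming callee locals by `offset` and preserving the callee's own storage
/// statements. With `end_storage`, each callee local still live at `Return`
/// gets a StorageDead, the step the issue says the inliner currently omits.
fn inline_into_loop(callee: &[Stmt], offset: usize, iterations: usize,
                    end_storage: bool) -> Vec<Stmt> {
    let mut out = Vec::new();
    for _ in 0..iterations {
        let mut live_at_return: Vec<usize> = Vec::new();
        for stmt in callee {
            match *stmt {
                Stmt::StorageLive(l) => {
                    live_at_return.push(l);
                    out.push(Stmt::StorageLive(l + offset));
                }
                Stmt::StorageDead(l) => {
                    live_at_return.retain(|&x| x != l);
                    out.push(Stmt::StorageDead(l + offset));
                }
                // Return becomes a jump back into the caller, so it is not copied.
                Stmt::Return if end_storage => {
                    out.extend(live_at_return.iter().map(|&l| Stmt::StorageDead(l + offset)));
                }
                Stmt::Return => {}
            }
        }
    }
    out
}
```

Running `check_storage` over the naive inlining of `[StorageLive(0), Return]` into a two-iteration loop reports the duplicate `StorageLive`, while the variant that ends storage at the return site passes.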

Metadata

Labels

A-MIR: Area: Mid-level IR (MIR) - https://blog.rust-lang.org/2016/04/19/MIR.html
A-mir-opt: Area: MIR optimizations
A-mir-opt-inlining: Area: MIR inlining
A-miri: Area: The miri tool
C-bug: Category: This is a bug.
I-unsound: Issue: A soundness hole (worst kind of bug), see: https://en.wikipedia.org/wiki/Soundness
T-opsem: Relevant to the opsem team
