Rollup merge of #125834 - workingjubilee:weaken-thir-unsafeck-for-addr-of-static-mut, r=compiler-errors

matthiaskrgr · web-flow · commit ea072f1866b5 · 2024-07-23T13:06:54.000+02:00
treat `&raw (const|mut) UNSAFE_STATIC` implied deref as safe Fixes rust-lang/rust#125833 As reported in that and related issues, `static mut STATIC_MUT: T` is very often used in embedded code, and is in many ways equivalent to `static STATIC_CELL: SyncUnsafeCell<T>`. The Rust expression of `&raw mut STATIC_MUT` and `SyncUnsafeCell::get(&STATIC_CELL)` are approximately equal, and both evaluate to `*mut T`. The library function is safe because it has *declared itself* to be safe. However, the raw ref operator is unsafe because all uses of `static mut` are considered unsafe, even though the static's value is not used by this expression (unlike, for example, `&STATIC_MUT`). We can fix this unnatural difference by simply adding the proper exclusion for the safety check inside the THIR unsafeck, so that we do not declare it unsafe if it is not. While the primary concern here is `static mut`, this change is made for all instances of an "unsafe static", which includes a static declared inside `extern "abi" {}`. Hypothetically, we could go as far as generalizing this to all instances of `&raw (const|mut) *ptr`, but today we do not, as we have not actually considered the range of possible expressions that use a similar encoding. We do not even extend this to thread-local equivalents, because they have less clear semantics.
diff --git a/tests/fail/extern_static.rs b/tests/fail/extern_static.rs
@@ -5,5 +5,5 @@ extern "C" {
 }
 
 fn main() {
-    let _val = unsafe { std::ptr::addr_of!(FOO) }; //~ ERROR: is not supported by Miri
+    let _val = std::ptr::addr_of!(FOO); //~ ERROR: is not supported by Miri
 }
diff --git a/tests/fail/extern_static.stderr b/tests/fail/extern_static.stderr
@@ -1,8 +1,8 @@
 error: unsupported operation: extern static `FOO` is not supported by Miri
   --> $DIR/extern_static.rs:LL:CC
    |
-LL |     let _val = unsafe { std::ptr::addr_of!(FOO) };
-   |                                            ^^^ extern static `FOO` is not supported by Miri
+LL |     let _val = std::ptr::addr_of!(FOO);
+   |                                   ^^^ extern static `FOO` is not supported by Miri
    |
    = help: this is likely not a bug in the program; it indicates that the program performed an operation that Miri does not support
    = note: BACKTRACE:
diff --git a/tests/pass/static_mut.rs b/tests/pass/static_mut.rs
@@ -2,7 +2,7 @@ use std::ptr::addr_of;
 
 static mut FOO: i32 = 42;
 
-static BAR: Foo = Foo(unsafe { addr_of!(FOO) });
+static BAR: Foo = Foo(addr_of!(FOO));
 
 #[allow(dead_code)]
 struct Foo(*const i32);

Original file line number	Diff line number	Diff line change
`@@ -5,5 +5,5 @@ extern "C" {`
`5`	`5`	`}`
`6`	`6`
`7`	`7`	`fn main() {`
`8`		`- let _val = unsafe { std::ptr::addr_of!(FOO) }; //~ ERROR: is not supported by Miri`
	`8`	`+ let _val = std::ptr::addr_of!(FOO); //~ ERROR: is not supported by Miri`
`9`	`9`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,8 @@`
`1`	`1`	error: unsupported operation: extern static `FOO` is not supported by Miri
`2`	`2`	`--> $DIR/extern_static.rs:LL:CC`
`3`	`3`	`\|`
`4`		`-LL \| let _val = unsafe { std::ptr::addr_of!(FOO) };`
`5`		- \| ^^^ extern static `FOO` is not supported by Miri
	`4`	`+LL \| let _val = std::ptr::addr_of!(FOO);`
	`5`	+ \| ^^^ extern static `FOO` is not supported by Miri
`6`	`6`	`\|`
`7`	`7`	`= help: this is likely not a bug in the program; it indicates that the program performed an operation that Miri does not support`
`8`	`8`	`= note: BACKTRACE:`