Move the place in &pin mut $place to ensure soundness

frank-king · frank-king · commit d7cbb083e982 · 2025-04-04T12:17:31.000+08:00
diff --git a/compiler/rustc_mir_build/src/thir/cx/expr.rs b/compiler/rustc_mir_build/src/thir/cx/expr.rs
@@ -477,15 +477,40 @@ impl<'tcx> ThirBuildCx<'tcx> {
             }
 
             // Make `&pin mut $expr` and `&pin const $expr` into
-            // `Pin { __pointer: &mut $expr }` and `Pin { __pointer: &$expr }`.
+            // `Pin { __pointer: &mut { $expr } }` and `Pin { __pointer: &$expr }`.
             hir::ExprKind::AddrOf(hir::BorrowKind::Pin, mutbl, arg) => match expr_ty.kind() {
                 &ty::Adt(adt_def, args)
                     if tcx.is_lang_item(adt_def.did(), rustc_hir::LangItem::Pin) =>
                 {
-                    let arg = self.mirror_expr(arg);
+                    let ty = args.type_at(0);
+                    let arg_ty = self.typeck_results.expr_ty(arg);
+                    let mut arg = self.mirror_expr(arg);
+                    // for `&pin mut $place`, move the place `$place` to ensure it will not be used afterwards
+                    if mutbl.is_mut() {
+                        let block = self.thir.blocks.push(Block {
+                            targeted_by_break: false,
+                            region_scope: region::Scope {
+                                local_id: expr.hir_id.local_id,
+                                data: region::ScopeData::Node,
+                            },
+                            span: expr.span,
+                            stmts: Box::new([]),
+                            expr: Some(arg),
+                            safety_mode: BlockSafety::Safe,
+                        });
+                        arg = self.thir.exprs.push(Expr {
+                            temp_lifetime: TempLifetime {
+                                temp_lifetime: None,
+                                backwards_incompatible: None,
+                            },
+                            ty: arg_ty,
+                            span: expr.span,
+                            kind: ExprKind::Block { block },
+                        });
+                    }
                     let expr = self.thir.exprs.push(Expr {
                         temp_lifetime: TempLifetime { temp_lifetime, backwards_incompatible },
-                        ty: args.type_at(0),
+                        ty,
                         span: expr.span,
                         kind: ExprKind::Borrow { borrow_kind: mutbl.to_borrow_kind(), arg },
                     });
diff --git a/tests/ui/pin-ergonomics/borrow-mut-xor-share.rs b/tests/ui/pin-ergonomics/borrow-mut-xor-share.rs
@@ -1,7 +1,10 @@
 #![feature(pin_ergonomics)]
 #![allow(dead_code, incomplete_features)]
 
-// Makes sure `&pin mut place` and `&pin const place` cannot violate the mut-xor-share rules.
+// For now, we move the place in `&pin mut place` to ensure soundness.
+// In the next step, we borrow the place instead of moving it, after that we
+// have to makes sure `&pin mut place` and `&pin const place` cannot violate
+// the mut-xor-share rules.
 
 use std::pin::Pin;
 
@@ -21,37 +24,37 @@ fn foo_pin_ref(_: Pin<&Foo>) {
 
 fn bar() {
     let foo = Foo;
-    foo_pin_mut(&pin mut foo); //~ ERROR cannot borrow `foo` as mutable, as it is not declared as mutable
+    foo_pin_mut(&pin mut foo); // ok because `foo` is moved`
 
     let mut foo = Foo;
     let x = &pin mut foo;
-    foo_pin_ref(&pin const foo); //~ ERROR cannot borrow `foo` as immutable because it is also borrowed as mutable
-    foo_pin_mut(&pin mut foo); //~ ERROR cannot borrow `foo` as mutable more than once at a time
-    foo_ref(&foo); //~ ERROR cannot borrow `foo` as immutable because it is also borrowed as mutable
-    foo_mut(&mut foo); //~ ERROR cannot borrow `foo` as mutable more than once at a time
+    foo_pin_ref(&pin const foo); //~ ERROR borrow of moved value: `foo`
+    foo_pin_mut(&pin mut foo); // ok
+    foo_ref(&foo); //~ ERROR borrow of moved value: `foo`
+    foo_mut(&mut foo); // ok
 
     foo_pin_mut(x);
 
     let mut foo = Foo;
     let x = &pin const foo;
     foo_pin_ref(&pin const foo); // ok
-    foo_pin_mut(&pin mut foo); //~ ERROR cannot borrow `foo` as mutable because it is also borrowed as immutable
-    foo_ref(&foo); // ok
+    foo_pin_mut(&pin mut foo); //~ ERROR cannot move out of `foo` because it is borrowed
+    foo_ref(&foo); //~ ERROR borrow of moved value: `foo`
     foo_mut(&mut foo); //~ ERROR cannot borrow `foo` as mutable because it is also borrowed as immutable
 
     foo_pin_ref(x);
 
     let mut foo = Foo;
     let x = &mut foo;
     foo_pin_ref(&pin const foo); //~ ERROR cannot borrow `foo` as immutable because it is also borrowed as mutable
-    foo_pin_mut(&pin mut foo); //~ ERROR cannot borrow `foo` as mutable more than once at a time
+    foo_pin_mut(&pin mut foo); //~ ERROR cannot move out of `foo` because it is borrowed
 
     foo_mut(x);
 
     let mut foo = Foo;
     let x = &foo;
     foo_pin_ref(&pin const foo); // ok
-    foo_pin_mut(&pin mut foo); //~ ERROR cannot borrow `foo` as mutable because it is also borrowed as immutable
+    foo_pin_mut(&pin mut foo); //~ ERROR cannot move out of `foo` because it is borrowed
 
     foo_ref(x);
 }
diff --git a/tests/ui/pin-ergonomics/borrow-mut-xor-share.stderr b/tests/ui/pin-ergonomics/borrow-mut-xor-share.stderr
@@ -1,75 +1,87 @@
-error[E0596]: cannot borrow `foo` as mutable, as it is not declared as mutable
-  --> $DIR/borrow-mut-xor-share.rs:24:17
-   |
-LL |     foo_pin_mut(&pin mut foo);
-   |                 ^^^^^^^^^^^^ cannot borrow as mutable
-   |
-help: consider changing this to be mutable
+error[E0382]: borrow of moved value: `foo`
+  --> $DIR/borrow-mut-xor-share.rs:31:17
    |
 LL |     let mut foo = Foo;
-   |         +++
-
-error[E0502]: cannot borrow `foo` as immutable because it is also borrowed as mutable
-  --> $DIR/borrow-mut-xor-share.rs:28:17
-   |
+   |         ------- move occurs because `foo` has type `Foo`, which does not implement the `Copy` trait
 LL |     let x = &pin mut foo;
-   |             ------------ mutable borrow occurs here
+   |                      --- value moved here
 LL |     foo_pin_ref(&pin const foo);
-   |                 ^^^^^^^^^^^^^^ immutable borrow occurs here
-...
-LL |     foo_pin_mut(x);
-   |                 - mutable borrow later used here
-
-error[E0499]: cannot borrow `foo` as mutable more than once at a time
-  --> $DIR/borrow-mut-xor-share.rs:29:17
+   |                 ^^^^^^^^^^^^^^ value borrowed here after move
    |
-LL |     let x = &pin mut foo;
-   |             ------------ first mutable borrow occurs here
-LL |     foo_pin_ref(&pin const foo);
-LL |     foo_pin_mut(&pin mut foo);
-   |                 ^^^^^^^^^^^^ second mutable borrow occurs here
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow-mut-xor-share.rs:11:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
 ...
-LL |     foo_pin_mut(x);
-   |                 - first borrow later used here
+LL |     let x = &pin mut foo;
+   |                      --- you could clone this value
 
-error[E0502]: cannot borrow `foo` as immutable because it is also borrowed as mutable
-  --> $DIR/borrow-mut-xor-share.rs:30:13
+error[E0382]: borrow of moved value: `foo`
+  --> $DIR/borrow-mut-xor-share.rs:33:13
    |
-LL |     let x = &pin mut foo;
-   |             ------------ mutable borrow occurs here
+LL |     let mut foo = Foo;
+   |         ------- move occurs because `foo` has type `Foo`, which does not implement the `Copy` trait
 ...
+LL |     foo_pin_mut(&pin mut foo); // ok
+   |                          --- value moved here
 LL |     foo_ref(&foo);
-   |             ^^^^ immutable borrow occurs here
-...
-LL |     foo_pin_mut(x);
-   |                 - mutable borrow later used here
-
-error[E0499]: cannot borrow `foo` as mutable more than once at a time
-  --> $DIR/borrow-mut-xor-share.rs:31:13
+   |             ^^^^ value borrowed here after move
    |
-LL |     let x = &pin mut foo;
-   |             ------------ first mutable borrow occurs here
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow-mut-xor-share.rs:11:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
 ...
-LL |     foo_mut(&mut foo);
-   |             ^^^^^^^^ second mutable borrow occurs here
-LL |
-LL |     foo_pin_mut(x);
-   |                 - first borrow later used here
+LL |     foo_pin_mut(&pin mut foo); // ok
+   |                          --- you could clone this value
 
-error[E0502]: cannot borrow `foo` as mutable because it is also borrowed as immutable
-  --> $DIR/borrow-mut-xor-share.rs:38:17
+error[E0505]: cannot move out of `foo` because it is borrowed
+  --> $DIR/borrow-mut-xor-share.rs:41:26
    |
+LL |     let mut foo = Foo;
+   |         ------- binding `foo` declared here
 LL |     let x = &pin const foo;
-   |             -------------- immutable borrow occurs here
+   |             -------------- borrow of `foo` occurs here
 LL |     foo_pin_ref(&pin const foo); // ok
 LL |     foo_pin_mut(&pin mut foo);
-   |                 ^^^^^^^^^^^^ mutable borrow occurs here
+   |                          ^^^ move out of `foo` occurs here
 ...
 LL |     foo_pin_ref(x);
-   |                 - immutable borrow later used here
+   |                 - borrow later used here
+   |
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow-mut-xor-share.rs:11:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
+...
+LL |     let x = &pin const foo;
+   |                        --- you could clone this value
+
+error[E0382]: borrow of moved value: `foo`
+  --> $DIR/borrow-mut-xor-share.rs:42:13
+   |
+LL |     let mut foo = Foo;
+   |         ------- move occurs because `foo` has type `Foo`, which does not implement the `Copy` trait
+...
+LL |     foo_pin_mut(&pin mut foo);
+   |                          --- value moved here
+LL |     foo_ref(&foo);
+   |             ^^^^ value borrowed here after move
+   |
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow-mut-xor-share.rs:11:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
+...
+LL |     foo_pin_mut(&pin mut foo);
+   |                          --- you could clone this value
 
 error[E0502]: cannot borrow `foo` as mutable because it is also borrowed as immutable
-  --> $DIR/borrow-mut-xor-share.rs:40:13
+  --> $DIR/borrow-mut-xor-share.rs:43:13
    |
 LL |     let x = &pin const foo;
    |             -------------- immutable borrow occurs here
@@ -81,7 +93,7 @@ LL |     foo_pin_ref(x);
    |                 - immutable borrow later used here
 
 error[E0502]: cannot borrow `foo` as immutable because it is also borrowed as mutable
-  --> $DIR/borrow-mut-xor-share.rs:46:17
+  --> $DIR/borrow-mut-xor-share.rs:49:17
    |
 LL |     let x = &mut foo;
    |             -------- mutable borrow occurs here
@@ -91,31 +103,53 @@ LL |     foo_pin_ref(&pin const foo);
 LL |     foo_mut(x);
    |             - mutable borrow later used here
 
-error[E0499]: cannot borrow `foo` as mutable more than once at a time
-  --> $DIR/borrow-mut-xor-share.rs:47:17
+error[E0505]: cannot move out of `foo` because it is borrowed
+  --> $DIR/borrow-mut-xor-share.rs:50:26
    |
+LL |     let mut foo = Foo;
+   |         ------- binding `foo` declared here
 LL |     let x = &mut foo;
-   |             -------- first mutable borrow occurs here
+   |             -------- borrow of `foo` occurs here
 LL |     foo_pin_ref(&pin const foo);
 LL |     foo_pin_mut(&pin mut foo);
-   |                 ^^^^^^^^^^^^ second mutable borrow occurs here
+   |                          ^^^ move out of `foo` occurs here
 LL |
 LL |     foo_mut(x);
-   |             - first borrow later used here
+   |             - borrow later used here
+   |
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow-mut-xor-share.rs:11:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
+...
+LL |     let x = &mut foo;
+   |                  --- you could clone this value
 
-error[E0502]: cannot borrow `foo` as mutable because it is also borrowed as immutable
-  --> $DIR/borrow-mut-xor-share.rs:54:17
+error[E0505]: cannot move out of `foo` because it is borrowed
+  --> $DIR/borrow-mut-xor-share.rs:57:26
    |
+LL |     let mut foo = Foo;
+   |         ------- binding `foo` declared here
 LL |     let x = &foo;
-   |             ---- immutable borrow occurs here
+   |             ---- borrow of `foo` occurs here
 LL |     foo_pin_ref(&pin const foo); // ok
 LL |     foo_pin_mut(&pin mut foo);
-   |                 ^^^^^^^^^^^^ mutable borrow occurs here
+   |                          ^^^ move out of `foo` occurs here
 LL |
 LL |     foo_ref(x);
-   |             - immutable borrow later used here
+   |             - borrow later used here
+   |
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow-mut-xor-share.rs:11:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
+...
+LL |     let x = &foo;
+   |              --- you could clone this value
 
-error: aborting due to 10 previous errors
+error: aborting due to 8 previous errors
 
-Some errors have detailed explanations: E0499, E0502, E0596.
-For more information about an error, try `rustc --explain E0499`.
+Some errors have detailed explanations: E0382, E0502, E0505.
+For more information about an error, try `rustc --explain E0382`.
diff --git a/tests/ui/pin-ergonomics/borrow.rs b/tests/ui/pin-ergonomics/borrow.rs
@@ -1,10 +1,8 @@
-//@ check-pass
-
 #![feature(pin_ergonomics)]
 #![allow(dead_code, incomplete_features)]
 
 // Makes sure we can handle `&pin mut place` and `&pin const place` as sugar for
-// `unsafe { Pin::new_unchecked(&mut place) }` and `Pin::new(&place)`.
+// `std::pin::pin!(place)` and `Pin::new(&place)`.
 
 use std::pin::Pin;
 
@@ -28,4 +26,13 @@ fn bar() {
     foo_pin_ref(x);
 }
 
+fn baz(mut x: Foo, y: Foo) {
+    // For now, `x` is moved to ensure soundness of creating this `Pin<&mut Foo>`.
+    let _x = &pin mut x;
+    let _x = x; //~ ERROR use of moved value: `x`
+
+    let _y = &pin const y;
+    let _y = y; // ok because `&pin const y` dosn't move `y`
+}
+
 fn main() {}
diff --git a/tests/ui/pin-ergonomics/borrow.stderr b/tests/ui/pin-ergonomics/borrow.stderr
@@ -0,0 +1,23 @@
+error[E0382]: use of moved value: `x`
+  --> $DIR/borrow.rs:32:14
+   |
+LL | fn baz(mut x: Foo, y: Foo) {
+   |        ----- move occurs because `x` has type `Foo`, which does not implement the `Copy` trait
+LL |     // For now, `x` is moved to ensure soundness of creating this `Pin<&mut Foo>`.
+LL |     let _x = &pin mut x;
+   |                       - value moved here
+LL |     let _x = x;
+   |              ^ value used here after move
+   |
+note: if `Foo` implemented `Clone`, you could clone the value
+  --> $DIR/borrow.rs:9:1
+   |
+LL | struct Foo;
+   | ^^^^^^^^^^ consider implementing `Clone` for this type
+...
+LL |     let _x = &pin mut x;
+   |                       - you could clone this value
+
+error: aborting due to 1 previous error
+
+For more information about this error, try `rustc --explain E0382`.
