@@ -584,14 +584,19 @@ impl Visitor<'tcx> for Validator<'mir, 'tcx> {
584584 if borrowed_place_has_mut_interior {
585585 match self . const_kind ( ) {
586586 // In a const fn all borrows are transient or point to the places given via
587- // references in the arguments. The borrow checker guarantees that.
587+ // references in the arguments (so we already checked them with
588+ // TransientCellBorrow/CellBorrow as appropriate).
589+ // The borrow checker guarantees that no new non-transient borrows are created.
588590 // NOTE: Once we have heap allocations during CTFE we need to figure out
589591 // how to prevent `const fn` to create long-lived allocations that point
590592 // to (interior) mutable memory.
591593 hir:: ConstContext :: ConstFn => self . check_op ( ops:: TransientCellBorrow ) ,
592594 _ => {
593- // Locals without StorageDead follow the "enclosing scope" rule, meaning
594- // they are essentially anonymous static items themselves.
595+ // Locals StorageDead are known to not leak to the final constant, and
596+ // it is thus inherently safe to permit such locals to have their
597+ // address taken as we can't end up with a reference to them in the
598+ // final value without creating a dangling pointer, which will cause
599+ // errors during validation.
595600 // Note: This is only sound if every local that has a `StorageDead` has a
596601 // `StorageDead` in every control flow path leading to a `return` terminator.
597602 if self . local_has_storage_dead ( place. local ) {
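Review bot: The new comment in the `_ =>` arm opens with "Locals StorageDead are known to not leak", which drops the "with" that the removed line had and no longer parses; it should read `// Locals with StorageDead are known to not leak to the final constant, and`. The wording "inherently safe" is also stronger than the unchanged note directly below it, which makes the argument conditional on every such local having a `StorageDead` on every control flow path to a `return` terminator, so I would soften it to "safe, given the condition below". The match arm and the `if` on the last line continue outside the hunk.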