From 2bb5f3aa8c241d8ef1e1114f120c1a2a6c24048c Mon Sep 17 00:00:00 2001 From: Ali MJ Al-Nasrawy Date: Sun, 6 Nov 2022 19:26:25 +0300 Subject: [PATCH 1/4] borrowck: wf-check fn item args --- compiler/rustc_borrowck/src/type_check/mod.rs | 10 ++++ library/std/src/collections/hash/map.rs | 5 +- tests/ui/borrowck/fn-item-check-trait-ref.rs | 15 +++++ .../borrowck/fn-item-check-trait-ref.stderr | 12 ++++ .../ui/borrowck/fn-item-check-type-params.rs | 57 +++++++++++++++++++ .../borrowck/fn-item-check-type-params.stderr | 43 ++++++++++++++ .../higher-ranked/trait-bounds/issue-59311.rs | 1 + .../trait-bounds/issue-59311.stderr | 11 +++- .../implied-bounds-on-trait-hierarchy.rs | 9 ++- .../lifetimes/lifetime-errors/issue_74400.rs | 2 + .../lifetime-errors/issue_74400.stderr | 32 ++++++++++- .../wf-nested.fail.stderr | 2 +- .../wf-nested.pass_sound.stderr | 17 +++++- tests/ui/type-alias-impl-trait/wf-nested.rs | 4 +- tests/ui/wf/wf-in-fn-type-implicit.rs | 17 ++---- 15 files changed, 213 insertions(+), 24 deletions(-) create mode 100644 tests/ui/borrowck/fn-item-check-trait-ref.rs create mode 100644 tests/ui/borrowck/fn-item-check-trait-ref.stderr create mode 100644 tests/ui/borrowck/fn-item-check-type-params.rs create mode 100644 tests/ui/borrowck/fn-item-check-type-params.stderr diff --git a/compiler/rustc_borrowck/src/type_check/mod.rs b/compiler/rustc_borrowck/src/type_check/mod.rs index 9f30d9d8ba12b..76011ecb4a9ff 100644 --- a/compiler/rustc_borrowck/src/type_check/mod.rs +++ b/compiler/rustc_borrowck/src/type_check/mod.rs @@ -414,6 +414,16 @@ impl<'a, 'b, 'tcx> Visitor<'tcx> for TypeVerifier<'a, 'b, 'tcx> { instantiated_predicates, locations, ); + + assert!(!matches!( + tcx.impl_of_method(def_id).map(|imp| tcx.def_kind(imp)), + Some(DefKind::Impl { of_trait: true }) + )); + self.cx.prove_predicates( + args.types().map(|ty| ty::ClauseKind::WellFormed(ty.into())), + locations, + ConstraintCategory::Boring, + ); } } } diff --git a/library/std/src/collections/hash/map.rs b/library/std/src/collections/hash/map.rs index 4d109285d1645..cacd49bdf4a09 100644 --- a/library/std/src/collections/hash/map.rs +++ b/library/std/src/collections/hash/map.rs @@ -3052,8 +3052,9 @@ where #[stable(feature = "hash_extend_copy", since = "1.4.0")] impl<'a, K, V, S> Extend<(&'a K, &'a V)> for HashMap where - K: Eq + Hash + Copy, - V: Copy, + // FIXME(aliemjay): the bound `+ 'a` should not be necessary. + K: Eq + Hash + Copy + 'a, + V: Copy + 'a, S: BuildHasher, { #[inline] diff --git a/tests/ui/borrowck/fn-item-check-trait-ref.rs b/tests/ui/borrowck/fn-item-check-trait-ref.rs new file mode 100644 index 0000000000000..bdbb52e974f60 --- /dev/null +++ b/tests/ui/borrowck/fn-item-check-trait-ref.rs @@ -0,0 +1,15 @@ +// The method `assert_static` should be callable only for static values, +// because the impl has an implied bound `where T: 'static`. + +// check-fail + +trait AnyStatic: Sized { + fn assert_static(self) {} +} + +impl AnyStatic<&'static T> for T {} + +fn main() { + (&String::new()).assert_static(); + //~^ ERROR temporary value dropped while borrowed +} diff --git a/tests/ui/borrowck/fn-item-check-trait-ref.stderr b/tests/ui/borrowck/fn-item-check-trait-ref.stderr new file mode 100644 index 0000000000000..c972ab11a9dfd --- /dev/null +++ b/tests/ui/borrowck/fn-item-check-trait-ref.stderr @@ -0,0 +1,12 @@ +error[E0716]: temporary value dropped while borrowed + --> $DIR/fn-item-check-trait-ref.rs:13:7 + | +LL | (&String::new()).assert_static(); + | --^^^^^^^^^^^^^------------------ temporary value is freed at the end of this statement + | | | + | | creates a temporary value which is freed while still in use + | argument requires that borrow lasts for `'static` + +error: aborting due to previous error + +For more information about this error, try `rustc --explain E0716`. diff --git a/tests/ui/borrowck/fn-item-check-type-params.rs b/tests/ui/borrowck/fn-item-check-type-params.rs new file mode 100644 index 0000000000000..805c0d00de5de --- /dev/null +++ b/tests/ui/borrowck/fn-item-check-type-params.rs @@ -0,0 +1,57 @@ +// Regression test for #104005. +// +// Previously, different borrowck implementations used to disagree here. +// The status of each is documented on `fn test_*`. + +// check-fail + +use std::fmt::Display; + +trait Displayable { + fn display(self) -> Box; +} + +impl Displayable for (T, Option<&'static T>) { + fn display(self) -> Box { + Box::new(self.0) + } +} + +fn extend_lt(val: T) -> Box +where + (T, Option): Displayable, +{ + Displayable::display((val, None)) +} + +// AST: fail +// HIR: pass +// MIR: pass +pub fn test_call<'a>(val: &'a str) { + extend_lt(val); + //~^ ERROR borrowed data escapes outside of function +} + +// AST: fail +// HIR: fail +// MIR: pass +pub fn test_coercion<'a>() { + let _: fn(&'a str) -> _ = extend_lt; + //~^ ERROR lifetime may not live long enough +} + +// AST: fail +// HIR: fail +// MIR: fail +pub fn test_arg() { + fn want(_: I, _: impl Fn(I) -> O) {} + want(&String::new(), extend_lt); + //~^ ERROR temporary value dropped while borrowed +} + +// An exploit of the unsoundness. +fn main() { + let val = extend_lt(&String::from("blah blah blah")); + //~^ ERROR temporary value dropped while borrowed + println!("{}", val); +} diff --git a/tests/ui/borrowck/fn-item-check-type-params.stderr b/tests/ui/borrowck/fn-item-check-type-params.stderr new file mode 100644 index 0000000000000..3a29edc55c54f --- /dev/null +++ b/tests/ui/borrowck/fn-item-check-type-params.stderr @@ -0,0 +1,43 @@ +error[E0521]: borrowed data escapes outside of function + --> $DIR/fn-item-check-type-params.rs:31:5 + | +LL | pub fn test_call<'a>(val: &'a str) { + | -- --- `val` is a reference that is only valid in the function body + | | + | lifetime `'a` defined here +LL | extend_lt(val); + | ^^^^^^^^^^^^^^ + | | + | `val` escapes the function body here + | argument requires that `'a` must outlive `'static` + +error: lifetime may not live long enough + --> $DIR/fn-item-check-type-params.rs:39:12 + | +LL | pub fn test_coercion<'a>() { + | -- lifetime `'a` defined here +LL | let _: fn(&'a str) -> _ = extend_lt; + | ^^^^^^^^^^^^^^^^ type annotation requires that `'a` must outlive `'static` + +error[E0716]: temporary value dropped while borrowed + --> $DIR/fn-item-check-type-params.rs:48:11 + | +LL | want(&String::new(), extend_lt); + | ------^^^^^^^^^^^^^------------- temporary value is freed at the end of this statement + | | | + | | creates a temporary value which is freed while still in use + | argument requires that borrow lasts for `'static` + +error[E0716]: temporary value dropped while borrowed + --> $DIR/fn-item-check-type-params.rs:54:26 + | +LL | let val = extend_lt(&String::from("blah blah blah")); + | -----------^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^-- temporary value is freed at the end of this statement + | | | + | | creates a temporary value which is freed while still in use + | argument requires that borrow lasts for `'static` + +error: aborting due to 4 previous errors + +Some errors have detailed explanations: E0521, E0716. +For more information about an error, try `rustc --explain E0521`. diff --git a/tests/ui/higher-ranked/trait-bounds/issue-59311.rs b/tests/ui/higher-ranked/trait-bounds/issue-59311.rs index 3ad548450e583..387c78a802a72 100644 --- a/tests/ui/higher-ranked/trait-bounds/issue-59311.rs +++ b/tests/ui/higher-ranked/trait-bounds/issue-59311.rs @@ -17,6 +17,7 @@ where v.t(|| {}); //~^ ERROR: higher-ranked lifetime error //~| ERROR: higher-ranked lifetime error + //~| ERROR: higher-ranked lifetime error } fn main() {} diff --git a/tests/ui/higher-ranked/trait-bounds/issue-59311.stderr b/tests/ui/higher-ranked/trait-bounds/issue-59311.stderr index 28c259be35f6f..2420e57f94bd2 100644 --- a/tests/ui/higher-ranked/trait-bounds/issue-59311.stderr +++ b/tests/ui/higher-ranked/trait-bounds/issue-59311.stderr @@ -6,6 +6,15 @@ LL | v.t(|| {}); | = note: could not prove `{closure@$DIR/issue-59311.rs:17:9: 17:11} well-formed` +error: higher-ranked lifetime error + --> $DIR/issue-59311.rs:17:5 + | +LL | v.t(|| {}); + | ^^^^^^^^^^ + | + = note: could not prove `{closure@$DIR/issue-59311.rs:17:9: 17:11} well-formed` + = note: duplicate diagnostic emitted due to `-Z deduplicate-diagnostics=no` + error: higher-ranked lifetime error --> $DIR/issue-59311.rs:17:9 | @@ -14,5 +23,5 @@ LL | v.t(|| {}); | = note: could not prove `for<'a> &'a V: 'static` -error: aborting due to 2 previous errors +error: aborting due to 3 previous errors diff --git a/tests/ui/implied-bounds/implied-bounds-on-trait-hierarchy.rs b/tests/ui/implied-bounds/implied-bounds-on-trait-hierarchy.rs index 9c26cd59d100a..b532a110a1c7b 100644 --- a/tests/ui/implied-bounds/implied-bounds-on-trait-hierarchy.rs +++ b/tests/ui/implied-bounds/implied-bounds-on-trait-hierarchy.rs @@ -1,9 +1,7 @@ -// check-pass -// known-bug: #84591 +// issue: #84591 -// Should fail. Subtrait can incorrectly extend supertrait lifetimes even when -// supertrait has weaker implied bounds than subtrait. Strongly related to -// issue #25860. +// Subtrait was able to incorrectly extend supertrait lifetimes even when +// supertrait had weaker implied bounds than subtrait. trait Subtrait: Supertrait {} trait Supertrait { @@ -34,6 +32,7 @@ fn main() { { let x = "Hello World".to_string(); subs_to_soup((x.as_str(), &mut d)); + //~^ does not live long enough } println!("{}", d); } diff --git a/tests/ui/lifetimes/lifetime-errors/issue_74400.rs b/tests/ui/lifetimes/lifetime-errors/issue_74400.rs index ddb8bacce8f90..f17e0a678c96b 100644 --- a/tests/ui/lifetimes/lifetime-errors/issue_74400.rs +++ b/tests/ui/lifetimes/lifetime-errors/issue_74400.rs @@ -11,6 +11,8 @@ fn f(data: &[T], key: impl Fn(&T) -> S) { fn g(data: &[T]) { f(data, identity) //~^ ERROR the parameter type + //~| ERROR the parameter type + //~| ERROR the parameter type //~| ERROR mismatched types //~| ERROR implementation of `FnOnce` is not general } diff --git a/tests/ui/lifetimes/lifetime-errors/issue_74400.stderr b/tests/ui/lifetimes/lifetime-errors/issue_74400.stderr index dbc587dd004a4..4a7a7941eee4a 100644 --- a/tests/ui/lifetimes/lifetime-errors/issue_74400.stderr +++ b/tests/ui/lifetimes/lifetime-errors/issue_74400.stderr @@ -12,6 +12,36 @@ help: consider adding an explicit lifetime bound LL | fn g(data: &[T]) { | +++++++++ +error[E0310]: the parameter type `T` may not live long enough + --> $DIR/issue_74400.rs:12:5 + | +LL | f(data, identity) + | ^^^^^^^^^^^^^^^^^ + | | + | the parameter type `T` must be valid for the static lifetime... + | ...so that the type `T` will meet its required lifetime bounds + | + = note: duplicate diagnostic emitted due to `-Z deduplicate-diagnostics=no` +help: consider adding an explicit lifetime bound + | +LL | fn g(data: &[T]) { + | +++++++++ + +error[E0310]: the parameter type `T` may not live long enough + --> $DIR/issue_74400.rs:12:5 + | +LL | f(data, identity) + | ^^^^^^^^^^^^^^^^^ + | | + | the parameter type `T` must be valid for the static lifetime... + | ...so that the type `T` will meet its required lifetime bounds + | + = note: duplicate diagnostic emitted due to `-Z deduplicate-diagnostics=no` +help: consider adding an explicit lifetime bound + | +LL | fn g(data: &[T]) { + | +++++++++ + error[E0308]: mismatched types --> $DIR/issue_74400.rs:12:5 | @@ -35,7 +65,7 @@ LL | f(data, identity) = note: `fn(&'2 T) -> &'2 T {identity::<&'2 T>}` must implement `FnOnce<(&'1 T,)>`, for any lifetime `'1`... = note: ...but it actually implements `FnOnce<(&'2 T,)>`, for some specific lifetime `'2` -error: aborting due to 3 previous errors +error: aborting due to 5 previous errors Some errors have detailed explanations: E0308, E0310. For more information about an error, try `rustc --explain E0308`. diff --git a/tests/ui/type-alias-impl-trait/wf-nested.fail.stderr b/tests/ui/type-alias-impl-trait/wf-nested.fail.stderr index 2858afcd46f04..2251e4f53970c 100644 --- a/tests/ui/type-alias-impl-trait/wf-nested.fail.stderr +++ b/tests/ui/type-alias-impl-trait/wf-nested.fail.stderr @@ -1,5 +1,5 @@ error[E0310]: the parameter type `T` may not live long enough - --> $DIR/wf-nested.rs:55:27 + --> $DIR/wf-nested.rs:57:27 | LL | type InnerOpaque = impl Sized; | ^^^^^^^^^^ diff --git a/tests/ui/type-alias-impl-trait/wf-nested.pass_sound.stderr b/tests/ui/type-alias-impl-trait/wf-nested.pass_sound.stderr index 285e4f18ca30c..f5d3a218542cd 100644 --- a/tests/ui/type-alias-impl-trait/wf-nested.pass_sound.stderr +++ b/tests/ui/type-alias-impl-trait/wf-nested.pass_sound.stderr @@ -12,6 +12,21 @@ help: consider adding an explicit lifetime bound LL | fn test() { | +++++++++ -error: aborting due to previous error +error[E0310]: the parameter type `T` may not live long enough + --> $DIR/wf-nested.rs:46:17 + | +LL | let _ = outer.get(); + | ^^^^^^^^^^^ + | | + | the parameter type `T` must be valid for the static lifetime... + | ...so that the type `T` will meet its required lifetime bounds + | + = note: duplicate diagnostic emitted due to `-Z deduplicate-diagnostics=no` +help: consider adding an explicit lifetime bound + | +LL | fn test() { + | +++++++++ + +error: aborting due to 2 previous errors For more information about this error, try `rustc --explain E0310`. diff --git a/tests/ui/type-alias-impl-trait/wf-nested.rs b/tests/ui/type-alias-impl-trait/wf-nested.rs index de38832948918..2f90c4e00e380 100644 --- a/tests/ui/type-alias-impl-trait/wf-nested.rs +++ b/tests/ui/type-alias-impl-trait/wf-nested.rs @@ -43,7 +43,9 @@ mod pass_sound { fn test() { let outer = define::(); - let _ = outer.get(); //[pass_sound]~ ERROR `T` may not live long enough + let _ = outer.get(); + //[pass_sound]~^ ERROR `T` may not live long enough + //[pass_sound]~| ERROR `T` may not live long enough } } diff --git a/tests/ui/wf/wf-in-fn-type-implicit.rs b/tests/ui/wf/wf-in-fn-type-implicit.rs index c5ff92c88754a..b7cb237586fc9 100644 --- a/tests/ui/wf/wf-in-fn-type-implicit.rs +++ b/tests/ui/wf/wf-in-fn-type-implicit.rs @@ -1,11 +1,7 @@ -// check-pass -// known-bug: #104005 +// issue: #104005 -// Should fail. Function type parameters with implicit type annotations are not -// checked for well-formedness, which allows incorrect borrowing. - -// In contrast, user annotations are always checked for well-formedness, and the -// commented code below is correctly rejected by the borrow checker. +// Function type parameters with implicit type annotations were not +// checked for well-formedness, which allowed incorrect borrowing. use std::fmt::Display; @@ -27,11 +23,8 @@ where } fn main() { - // *incorrectly* compiles + // This used to compile let val = extend_lt(&String::from("blah blah blah")); + //~^ ERROR temporary value dropped while borrowed println!("{}", val); - - // *correctly* fails to compile - // let val = extend_lt::<_, &_>(&String::from("blah blah blah")); - // println!("{}", val); } From 533358eeb4e46e0c63d8770504163eddd6b2f3f4 Mon Sep 17 00:00:00 2001 From: Ali MJ Al-Nasrawy Date: Mon, 7 Nov 2022 12:39:54 +0300 Subject: [PATCH 2/4] borrowck: use implied bounds from impl header --- .../src/type_check/free_region_relations.rs | 25 +++++++++- library/std/src/collections/hash/map.rs | 5 +- tests/ui/wf/wf-associated-const.rs | 42 +++++++++++++++++ tests/ui/wf/wf-associated-const.stderr | 14 ++++++ tests/ui/wf/wf-static-method.rs | 13 ++--- tests/ui/wf/wf-static-method.stderr | 47 ++----------------- 6 files changed, 89 insertions(+), 57 deletions(-) create mode 100644 tests/ui/wf/wf-associated-const.rs create mode 100644 tests/ui/wf/wf-associated-const.stderr diff --git a/compiler/rustc_borrowck/src/type_check/free_region_relations.rs b/compiler/rustc_borrowck/src/type_check/free_region_relations.rs index c84256f8ff321..935c5387c16f8 100644 --- a/compiler/rustc_borrowck/src/type_check/free_region_relations.rs +++ b/compiler/rustc_borrowck/src/type_check/free_region_relations.rs @@ -1,5 +1,6 @@ use rustc_data_structures::frozen::Frozen; use rustc_data_structures::transitive_relation::{TransitiveRelation, TransitiveRelationBuilder}; +use rustc_hir::def::DefKind; use rustc_infer::infer::canonical::QueryRegionConstraints; use rustc_infer::infer::outlives; use rustc_infer::infer::outlives::env::RegionBoundPairs; @@ -195,7 +196,9 @@ impl<'tcx> UniversalRegionRelationsBuilder<'_, 'tcx> { #[instrument(level = "debug", skip(self))] pub(crate) fn create(mut self) -> CreateResult<'tcx> { - let span = self.infcx.tcx.def_span(self.universal_regions.defining_ty.def_id()); + let tcx = self.infcx.tcx; + let defining_ty_def_id = self.universal_regions.defining_ty.def_id().expect_local(); + let span = tcx.def_span(defining_ty_def_id); // Insert the facts we know from the predicates. Why? Why not. let param_env = self.param_env; @@ -275,6 +278,26 @@ impl<'tcx> UniversalRegionRelationsBuilder<'_, 'tcx> { normalized_inputs_and_output.push(norm_ty); } + // Add implied bounds from impl header. + if matches!(tcx.def_kind(defining_ty_def_id), DefKind::AssocFn | DefKind::AssocConst) { + for &(ty, _) in tcx.assumed_wf_types(tcx.local_parent(defining_ty_def_id)) { + let Ok(TypeOpOutput { output: norm_ty, constraints: c, .. }) = self + .param_env + .and(type_op::normalize::Normalize::new(ty)) + .fully_perform(self.infcx, span) + else { + tcx.sess.delay_span_bug(span, &format!("failed to normalize {ty:?}")); + continue; + }; + constraints.extend(c); + + // We currently add implied bounds from the normalized ty only. + // This is more conservative and matches wfcheck behavior. + let c = self.add_implied_bounds(norm_ty); + constraints.extend(c); + } + } + for c in constraints { self.push_region_constraints(c, span); } diff --git a/library/std/src/collections/hash/map.rs b/library/std/src/collections/hash/map.rs index cacd49bdf4a09..4d109285d1645 100644 --- a/library/std/src/collections/hash/map.rs +++ b/library/std/src/collections/hash/map.rs @@ -3052,9 +3052,8 @@ where #[stable(feature = "hash_extend_copy", since = "1.4.0")] impl<'a, K, V, S> Extend<(&'a K, &'a V)> for HashMap where - // FIXME(aliemjay): the bound `+ 'a` should not be necessary. - K: Eq + Hash + Copy + 'a, - V: Copy + 'a, + K: Eq + Hash + Copy, + V: Copy, S: BuildHasher, { #[inline] diff --git a/tests/ui/wf/wf-associated-const.rs b/tests/ui/wf/wf-associated-const.rs new file mode 100644 index 0000000000000..dffa1713eff8f --- /dev/null +++ b/tests/ui/wf/wf-associated-const.rs @@ -0,0 +1,42 @@ +// check that associated consts can assume the impl header is well-formed. + +// FIXME(aliemjay): we should check the impl header is WF at the use site +// but we currently don't in some cases. This is *unsound*. + +trait Foo<'a, 'b, T>: Sized { + const EVIL: fn(u: &'b u32) -> &'a u32; +} + +struct Evil<'a, 'b: 'a>(Option<&'a &'b ()>); + +impl<'a, 'b> Foo<'a, 'b, Evil<'a, 'b>> for () { + const EVIL: fn(&'b u32) -> &'a u32 = { |u| u }; +} + +struct IndirectEvil<'a, 'b: 'a>(Option<&'a &'b ()>); + +impl<'a, 'b> Foo<'a, 'b, ()> for IndirectEvil<'a, 'b> { + const EVIL: fn(&'b u32) -> &'a u32 = { |u| u }; +} + +impl<'a, 'b> Evil<'a, 'b> { + const INHERENT_EVIL: fn(&'b u32) -> &'a u32 = { |u| u }; +} + +// while static methods can *assume* this, we should still +// *check* that it holds at the use site. + +fn evil<'a, 'b>(b: &'b u32) -> &'a u32 { + <()>::EVIL(b) // FIXME: should be an error +} + +fn indirect_evil<'a, 'b>(b: &'b u32) -> &'a u32 { + ::EVIL(b) // FIXME: should be an error +} + +fn inherent_evil<'a, 'b>(b: &'b u32) -> &'a u32 { + ::INHERENT_EVIL(b) + //~^ ERROR lifetime may not live long enough +} + +fn main() {} diff --git a/tests/ui/wf/wf-associated-const.stderr b/tests/ui/wf/wf-associated-const.stderr new file mode 100644 index 0000000000000..e025d5d468a14 --- /dev/null +++ b/tests/ui/wf/wf-associated-const.stderr @@ -0,0 +1,14 @@ +error: lifetime may not live long enough + --> $DIR/wf-associated-const.rs:38:5 + | +LL | fn inherent_evil<'a, 'b>(b: &'b u32) -> &'a u32 { + | -- -- lifetime `'b` defined here + | | + | lifetime `'a` defined here +LL | ::INHERENT_EVIL(b) + | ^^^^^^^^^^^^^^^^^^^^^^^^ function was supposed to return data with lifetime `'a` but it is returning data with lifetime `'b` + | + = help: consider adding the following bound: `'b: 'a` + +error: aborting due to previous error + diff --git a/tests/ui/wf/wf-static-method.rs b/tests/ui/wf/wf-static-method.rs index 7ff195230bfed..66546ac489df7 100644 --- a/tests/ui/wf/wf-static-method.rs +++ b/tests/ui/wf/wf-static-method.rs @@ -1,8 +1,4 @@ -// check that static methods don't get to assume their trait-ref -// is well-formed. -// FIXME(#27579): this is just a bug. However, our checking with -// static inherent methods isn't quite working - need to -// fix that before removing the check. +// check that static methods can assume their trait-ref is well-formed. trait Foo<'a, 'b, T>: Sized { fn make_me() -> Self { loop {} } @@ -15,7 +11,6 @@ impl<'a, 'b> Foo<'a, 'b, Evil<'a, 'b>> for () { fn make_me() -> Self { } fn static_evil(u: &'b u32) -> &'a u32 { u - //~^ ERROR lifetime may not live long enough } } @@ -25,7 +20,6 @@ impl<'a, 'b> Foo<'a, 'b, ()> for IndirectEvil<'a, 'b> { fn make_me() -> Self { IndirectEvil(None) } fn static_evil(u: &'b u32) -> &'a u32 { let me = Self::make_me(); - //~^ ERROR lifetime may not live long enough loop {} // (`me` could be used for the lifetime transmute). } } @@ -33,12 +27,11 @@ impl<'a, 'b> Foo<'a, 'b, ()> for IndirectEvil<'a, 'b> { impl<'a, 'b> Evil<'a, 'b> { fn inherent_evil(u: &'b u32) -> &'a u32 { u - //~^ ERROR lifetime may not live long enough } } -// while static methods don't get to *assume* this, we still -// *check* that they hold. +// while static methods can *assume* this, we should still +// *check* that it holds at the use site. fn evil<'a, 'b>(b: &'b u32) -> &'a u32 { <()>::static_evil(b) diff --git a/tests/ui/wf/wf-static-method.stderr b/tests/ui/wf/wf-static-method.stderr index 161609a5f86a1..6c49098aad398 100644 --- a/tests/ui/wf/wf-static-method.stderr +++ b/tests/ui/wf/wf-static-method.stderr @@ -1,44 +1,5 @@ error: lifetime may not live long enough - --> $DIR/wf-static-method.rs:17:9 - | -LL | impl<'a, 'b> Foo<'a, 'b, Evil<'a, 'b>> for () { - | -- -- lifetime `'b` defined here - | | - | lifetime `'a` defined here -... -LL | u - | ^ associated function was supposed to return data with lifetime `'a` but it is returning data with lifetime `'b` - | - = help: consider adding the following bound: `'b: 'a` - -error: lifetime may not live long enough - --> $DIR/wf-static-method.rs:27:18 - | -LL | impl<'a, 'b> Foo<'a, 'b, ()> for IndirectEvil<'a, 'b> { - | -- -- lifetime `'b` defined here - | | - | lifetime `'a` defined here -... -LL | let me = Self::make_me(); - | ^^^^^^^^^^^^^ requires that `'b` must outlive `'a` - | - = help: consider adding the following bound: `'b: 'a` - -error: lifetime may not live long enough - --> $DIR/wf-static-method.rs:35:9 - | -LL | impl<'a, 'b> Evil<'a, 'b> { - | -- -- lifetime `'b` defined here - | | - | lifetime `'a` defined here -LL | fn inherent_evil(u: &'b u32) -> &'a u32 { -LL | u - | ^ associated function was supposed to return data with lifetime `'a` but it is returning data with lifetime `'b` - | - = help: consider adding the following bound: `'b: 'a` - -error: lifetime may not live long enough - --> $DIR/wf-static-method.rs:44:5 + --> $DIR/wf-static-method.rs:37:5 | LL | fn evil<'a, 'b>(b: &'b u32) -> &'a u32 { | -- -- lifetime `'b` defined here @@ -50,7 +11,7 @@ LL | <()>::static_evil(b) = help: consider adding the following bound: `'b: 'a` error: lifetime may not live long enough - --> $DIR/wf-static-method.rs:49:5 + --> $DIR/wf-static-method.rs:42:5 | LL | fn indirect_evil<'a, 'b>(b: &'b u32) -> &'a u32 { | -- -- lifetime `'b` defined here @@ -62,7 +23,7 @@ LL | ::static_evil(b) = help: consider adding the following bound: `'b: 'a` error: lifetime may not live long enough - --> $DIR/wf-static-method.rs:54:5 + --> $DIR/wf-static-method.rs:47:5 | LL | fn inherent_evil<'a, 'b>(b: &'b u32) -> &'a u32 { | -- -- lifetime `'b` defined here @@ -73,5 +34,5 @@ LL | ::inherent_evil(b) | = help: consider adding the following bound: `'b: 'a` -error: aborting due to 6 previous errors +error: aborting due to 3 previous errors From 4174b2df833f7bc0024b59924c32170f85973253 Mon Sep 17 00:00:00 2001 From: Ali MJ Al-Nasrawy Date: Wed, 8 Nov 2023 09:22:24 +0000 Subject: [PATCH 3/4] wf-check type annotations before normalization --- .../traits/query/type_op/ascribe_user_type.rs | 54 +++++++++++-------- tests/ui/wf/wf-associated-const.rs | 9 ++-- tests/ui/wf/wf-associated-const.stderr | 28 +++++++++- 3 files changed, 62 insertions(+), 29 deletions(-) diff --git a/compiler/rustc_trait_selection/src/traits/query/type_op/ascribe_user_type.rs b/compiler/rustc_trait_selection/src/traits/query/type_op/ascribe_user_type.rs index 302b6016e5ea6..2bf8d05b4db93 100644 --- a/compiler/rustc_trait_selection/src/traits/query/type_op/ascribe_user_type.rs +++ b/compiler/rustc_trait_selection/src/traits/query/type_op/ascribe_user_type.rs @@ -63,13 +63,16 @@ fn relate_mir_and_user_ty<'tcx>( user_ty: Ty<'tcx>, ) -> Result<(), NoSolution> { let cause = ObligationCause::dummy_with_span(span); + ocx.register_obligation(Obligation::new( + ocx.infcx.tcx, + cause.clone(), + param_env, + ty::ClauseKind::WellFormed(user_ty.into()), + )); + let user_ty = ocx.normalize(&cause, param_env, user_ty); ocx.eq(&cause, param_env, mir_ty, user_ty)?; - // FIXME(#104764): We should check well-formedness before normalization. - let predicate = - ty::Binder::dummy(ty::PredicateKind::Clause(ty::ClauseKind::WellFormed(user_ty.into()))); - ocx.register_obligation(Obligation::new(ocx.infcx.tcx, cause, param_env, predicate)); Ok(()) } @@ -113,31 +116,38 @@ fn relate_mir_and_user_args<'tcx>( ocx.register_obligation(Obligation::new(tcx, cause, param_env, instantiated_predicate)); } + // Now prove the well-formedness of `def_id` with `substs`. + // Note for some items, proving the WF of `ty` is not sufficient because the + // well-formedness of an item may depend on the WF of gneneric args not present in the + // item's type. Currently this is true for associated consts, e.g.: + // ```rust + // impl MyTy { + // const CONST: () = { /* arbitrary code that depends on T being WF */ }; + // } + // ``` + for arg in args { + ocx.register_obligation(Obligation::new( + tcx, + cause.clone(), + param_env, + ty::ClauseKind::WellFormed(arg), + )); + } + if let Some(UserSelfTy { impl_def_id, self_ty }) = user_self_ty { + ocx.register_obligation(Obligation::new( + tcx, + cause.clone(), + param_env, + ty::ClauseKind::WellFormed(self_ty.into()), + )); + let self_ty = ocx.normalize(&cause, param_env, self_ty); let impl_self_ty = tcx.type_of(impl_def_id).instantiate(tcx, args); let impl_self_ty = ocx.normalize(&cause, param_env, impl_self_ty); ocx.eq(&cause, param_env, self_ty, impl_self_ty)?; - let predicate = ty::Binder::dummy(ty::PredicateKind::Clause(ty::ClauseKind::WellFormed( - impl_self_ty.into(), - ))); - ocx.register_obligation(Obligation::new(tcx, cause.clone(), param_env, predicate)); } - // In addition to proving the predicates, we have to - // prove that `ty` is well-formed -- this is because - // the WF of `ty` is predicated on the args being - // well-formed, and we haven't proven *that*. We don't - // want to prove the WF of types from `args` directly because they - // haven't been normalized. - // - // FIXME(nmatsakis): Well, perhaps we should normalize - // them? This would only be relevant if some input - // type were ill-formed but did not appear in `ty`, - // which...could happen with normalization... - let predicate = - ty::Binder::dummy(ty::PredicateKind::Clause(ty::ClauseKind::WellFormed(ty.into()))); - ocx.register_obligation(Obligation::new(tcx, cause, param_env, predicate)); Ok(()) } diff --git a/tests/ui/wf/wf-associated-const.rs b/tests/ui/wf/wf-associated-const.rs index dffa1713eff8f..629d807cb7f30 100644 --- a/tests/ui/wf/wf-associated-const.rs +++ b/tests/ui/wf/wf-associated-const.rs @@ -1,8 +1,5 @@ // check that associated consts can assume the impl header is well-formed. -// FIXME(aliemjay): we should check the impl header is WF at the use site -// but we currently don't in some cases. This is *unsound*. - trait Foo<'a, 'b, T>: Sized { const EVIL: fn(u: &'b u32) -> &'a u32; } @@ -27,11 +24,13 @@ impl<'a, 'b> Evil<'a, 'b> { // *check* that it holds at the use site. fn evil<'a, 'b>(b: &'b u32) -> &'a u32 { - <()>::EVIL(b) // FIXME: should be an error + <()>::EVIL(b) + //~^ ERROR lifetime may not live long enough } fn indirect_evil<'a, 'b>(b: &'b u32) -> &'a u32 { - ::EVIL(b) // FIXME: should be an error + ::EVIL(b) + //~^ ERROR lifetime may not live long enough } fn inherent_evil<'a, 'b>(b: &'b u32) -> &'a u32 { diff --git a/tests/ui/wf/wf-associated-const.stderr b/tests/ui/wf/wf-associated-const.stderr index e025d5d468a14..b0e1a118fab6d 100644 --- a/tests/ui/wf/wf-associated-const.stderr +++ b/tests/ui/wf/wf-associated-const.stderr @@ -1,5 +1,29 @@ error: lifetime may not live long enough - --> $DIR/wf-associated-const.rs:38:5 + --> $DIR/wf-associated-const.rs:27:5 + | +LL | fn evil<'a, 'b>(b: &'b u32) -> &'a u32 { + | -- -- lifetime `'b` defined here + | | + | lifetime `'a` defined here +LL | <()>::EVIL(b) + | ^^^^^^^^^^^^^ function was supposed to return data with lifetime `'a` but it is returning data with lifetime `'b` + | + = help: consider adding the following bound: `'b: 'a` + +error: lifetime may not live long enough + --> $DIR/wf-associated-const.rs:32:5 + | +LL | fn indirect_evil<'a, 'b>(b: &'b u32) -> &'a u32 { + | -- -- lifetime `'b` defined here + | | + | lifetime `'a` defined here +LL | ::EVIL(b) + | ^^^^^^^^^^^^^^^^^^^^^^^ function was supposed to return data with lifetime `'a` but it is returning data with lifetime `'b` + | + = help: consider adding the following bound: `'b: 'a` + +error: lifetime may not live long enough + --> $DIR/wf-associated-const.rs:37:5 | LL | fn inherent_evil<'a, 'b>(b: &'b u32) -> &'a u32 { | -- -- lifetime `'b` defined here @@ -10,5 +34,5 @@ LL | ::INHERENT_EVIL(b) | = help: consider adding the following bound: `'b: 'a` -error: aborting due to previous error +error: aborting due to 3 previous errors From 9c4e92f65cbc787495d61d08f143d9df1db81c14 Mon Sep 17 00:00:00 2001 From: Ali MJ Al-Nasrawy Date: Thu, 9 Nov 2023 10:12:56 +0000 Subject: [PATCH 4/4] try fast path for wf type ops --- .../src/traits/query/type_op/prove_predicate.rs | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/compiler/rustc_trait_selection/src/traits/query/type_op/prove_predicate.rs b/compiler/rustc_trait_selection/src/traits/query/type_op/prove_predicate.rs index 789ef647246e9..8856ac891ba82 100644 --- a/compiler/rustc_trait_selection/src/traits/query/type_op/prove_predicate.rs +++ b/compiler/rustc_trait_selection/src/traits/query/type_op/prove_predicate.rs @@ -30,6 +30,23 @@ impl<'tcx> super::QueryTypeOp<'tcx> for ProvePredicate<'tcx> { } } + if let ty::PredicateKind::Clause(ty::ClauseKind::WellFormed(arg)) = + key.value.predicate.kind().skip_binder() + { + match arg.as_type()?.kind() { + ty::Param(_) + | ty::Bool + | ty::Char + | ty::Int(_) + | ty::Float(_) + | ty::Str + | ty::Uint(_) => { + return Some(()); + } + _ => {} + } + } + None }