git.lizzy.rs Git - rust.git/commit

author	Felix S. Klock II <pnkfelix@pnkfx.org>
	Fri, 8 May 2015 13:06:16 +0000 (15:06 +0200)
committer	Felix S. Klock II <pnkfelix@pnkfx.org>
	Fri, 8 May 2015 13:06:16 +0000 (15:06 +0200)
commit	b5b5a177588c0e8dfc6b9e79540bcbd1eeb9ef91
tree	22fc5503ae4af14216db4032f597b47799480749	tree \| snapshot
parent	ee06263f9227c75a3e0df6997bb0bb203c2efa65	commit \| diff

dropck: must assume `Box<Trait + 'a>` has a destructor of interest.

Implements this (previously overlooked) note from [RFC 769]:

> (Note: When encountering a D of the form `Box<Trait+'b>`, we
> conservatively assume that such a type has a Drop implementation
> parametric in 'b.)

Fix #25199.

[breaking-change]

The breakage here falls into both obvious and non-obvious cases.

The obvious case: if you were relying on the unsoundness this exposes
(namely being able to reference dead storage from a destructor, by
doing it via a boxed trait object bounded by the lifetime of the dead
storage), then this change disallows that.

The non-obvious cases: The way dropck works, it causes lifetimes to be
extended to longer extents than they covered before. I.e.  lifetimes
that are attached as trait-bounds may become longer than they were
previously.

* This includes lifetimes that are only *implicitly* attached as
  trait-bounds (due to [RFC 599]). So you may have code that was
  e.g. taking a parameter of type `&'a Box<Trait>` (which expands to
  `&'a Box<Trait+'a>`), that now may need to be assigned type `&'a
  Box<Trait+'static>` to ensure that `'a` is not inadvertantly
  inferred to a region that is actually too long.  (See earlier commit
  in this PR for an example of this.)

[RFC 769]: https://github.com/rust-lang/rfcs/blob/master/text/0769-sound-generic-drop.md#the-drop-check-rule

[RFC 599]: https://github.com/rust-lang/rfcs/blob/master/text/0599-default-object-bound.md