Niko Matsakis [Wed, 20 May 2020 14:31:51 +0000 (14:31 +0000)]
upcasting traits requires only that things become more general
Revert the code that states that upcasting traits requires full
equality and change to require that the source type is a subtype of
the target type, as one would expect. As the comment states, this was
an old bug that we didn't want to fix yet as it interacted poorly with
the old leak-check. This fixes the old-lub-glb-object test, which was
previously reporting too many errors (i.e., in the previous commit).
Niko Matsakis [Wed, 20 May 2020 10:19:36 +0000 (10:19 +0000)]
move leak-check to during coherence, candidate eval
In particular, it no longer occurs during the subtyping check. This is
important for enabling lazy normalization, because the subtyping check
will be producing sub-obligations that could affect its results.
Consider an example like
for<'a> fn(<&'a as Mirror>::Item) =
fn(&'b u8)
where `<T as Mirror>::Item = T` for all `T`. We will wish to produce a
new subobligation like
<'!1 as Mirror>::Item = &'b u8
This will, after being solved, ultimately yield a constraint that `'!1
= 'b` which will fail. But with the leak-check being performed on
subtyping, there is no opportunity to normalize `<'!1 as
Mirror>::Item` (unless we invoke that normalization directly from
within subtyping, and I would prefer that subtyping and unification
are distinct operations rather than part of the trait solving stack).
The reason to keep the leak check during coherence and trait
evaluation is partly for backwards compatibility. The coherence change
permits impls for `fn(T)` and `fn(&T)` to co-exist, and the trait
evaluation change means that we can distinguish those two cases
without ambiguity errors. It also avoids recreating #57639, where we
were incorrectly choosing a where clause that would have failed the
leak check over the impl which succeeds.
The other reason to keep the leak check in those places is that I
think it is actually close to the model we want. To the point, I think
the trait solver ought to have the job of "breaking down"
higher-ranked region obligation like ``!1: '2` into into region
obligations that operate on things in the root universe, at which
point they should be handed off to polonius. The leak check isn't
*really* doing that -- these obligations are still handed to the
region solver to process -- but if/when we do adopt that model, the
decision to pass/fail would be happening in roughly this part of the
code.
This change had somewhat more side-effects than I anticipated. It
seems like there are cases where the leak-check was not being enforced
during method proving and trait selection. I haven't quite tracked
this down but I think it ought to be documented, so that we know what
precisely we are committing to.
One surprising test was `issue-30786.rs`. The behavior there seems a
bit "fishy" to me, but the problem is not related to the leak check
change as far as I can tell, but more to do with the closure signature
inference code and perhaps the associated type projection, which
together seem to be conspiring to produce an unexpected
signature. Nonetheless, it is an example of where changing the
leak-check can have some unexpected consequences: we're now failing to
resolve a method earlier than we were, which suggests we might change
some method resolutions that would have been ambiguous to be
successful.
TODO:
* figure out remainig test failures
* add new coherence tests for the patterns we ARE disallowing
Niko Matsakis [Tue, 19 May 2020 01:09:40 +0000 (01:09 +0000)]
rewrite leak check to be based on universes
In the new leak check, instead of getting a list of placeholders to
track, we look for any placeholder that is part of a universe which
was created during the snapshot.
We are looking for the following error patterns:
* P1: P2, where P1 != P2
* P1: R, where R is in some universe that cannot name P1
This new leak check is more precise than before, in that it accepts
this patterns:
* R: P1, even if R cannot name P1, because R = 'static is a valid
sol'n
* R: P1, R: P2, as above
Note that this leak check, when running during subtyping, is less
efficient than before in some sense because it is going to check and
re-check all the universes created since the snapshot. We're going to
move when the leak check runs to try and correct that.
Niko Matsakis [Mon, 18 May 2020 09:43:36 +0000 (09:43 +0000)]
modify leak-check to track only outgoing edges from placeholders
Also, update the affected tests. This seems strictly better but it is
actually more permissive than I initially intended. In particular it
accepts this
bors [Sun, 21 Jun 2020 21:05:57 +0000 (21:05 +0000)]
Auto merge of #73180 - matthewjasper:predicate-cache, r=nikomatsakis
Cache flags and escaping vars for predicates
With predicates becoming interned (rust-lang/compiler-team#285) this is now possible and could be a perf win. It would become an even larger win once we have recursive predicates.
bors [Sun, 21 Jun 2020 17:10:09 +0000 (17:10 +0000)]
Auto merge of #72936 - jackh726:chalk-more, r=nikomatsakis
Upgrade Chalk
Things done in this PR:
- Upgrade Chalk to `0.11.0`
- Added compare-mode=chalk
- Bump rustc-hash in `librustc_data_structures` to `1.1.0` to match Chalk
- Removed `RustDefId` since the builtin type support is there
- Add a few more `FIXME(chalk)`s for problem spots I hit when running all tests with chalk
- Added some more implementation code for some newer builtin Chalk types (e.g. `FnDef`, `Array`)
- Lower `RegionOutlives` and `ObjectSafe` predicates
- Lower `Dyn` without the region
- Handle `Int`/`Float` `CanonicalVarKind`s
- Uncomment some Chalk tests that actually work now
- Remove the revisions in `src/test/ui/coherence/coherence-subtyping.rs` since they aren't doing anything different
bors [Sun, 21 Jun 2020 13:18:00 +0000 (13:18 +0000)]
Auto merge of #72696 - jethrogb:jb/llvm-zlib, r=Mark-Simulacrum
Enable LLVM zlib
Compilers may generate ELF objects with compressed sections (although rustc currently doesn't do this). Currently, when linking these with `rust-lld`, you'll get this error:
`rust-lld: error: ...: contains a compressed section, but zlib is not available`
bors [Sun, 21 Jun 2020 02:20:07 +0000 (02:20 +0000)]
Auto merge of #70946 - jumbatm:clashing-extern-decl, r=nagisa
Add a lint to catch clashing `extern` fn declarations.
Closes #69390.
Adds lint `clashing_extern_decl` to detect when, within a single crate, an extern function of the same name is declared with different types. Because two symbols of the same name cannot be resolved to two different functions at link time, and one function cannot possibly have two types, a clashing extern declaration is almost certainly a mistake.
This lint does not run between crates because a project may have dependencies which both rely on the same extern function, but declare it in a different (but valid) way. For example, they may both declare an opaque type for one or more of the arguments (which would end up distinct types), or use types that are valid conversions in the language the extern fn is defined in. In these cases, we can't say that the clashing declaration is incorrect.
Rollup merge of #73443 - pietroalbini:gha-auto-fallible, r=Mark-Simulacrum
ci: allow gating GHA on everything but macOS
In our GitHub Actions setup macOS is too unreliable to gate on it, but the other builders work fine. This commit splits the macOS builders into a separate job (called `auto-fallible`), allowing us to gate on the auto job without failing due to macOS spurious failures.
cc https://github.com/rust-lang/rust-central-station/issues/848
r? @Mark-Simulacrum
Rollup merge of #73287 - davidtwco:issue-73251-opaque-types-in-projections, r=estebank
lint: normalize projections using opaque types
Fixes #73251.
This PR normalizes projections which use opaque types (opaque types are otherwise linted against, which is would have previously made the test cases added in this PR fail).
Rollup merge of #72790 - jonhoo:duration-is-zero, r=LukasKalbertodt
core/time: Add Duration methods for zero
This patch adds two methods to `Duration`. The first, `Duration::zero`,
provides a `const` constructor for getting an zero-length duration. This
is also what `Default` provides (this was clarified in the docs), though
`default` is not `const`.
The second, `Duration::is_zero`, returns true if a `Duration` spans no
time (i.e., because its components are all zero). Previously, the way to
do this was either to compare both `as_secs` and `subsec_nanos` to 0, to
compare against `Duration::new(0, 0)`, or to use the `u128` method
`as_nanos`, none of which were particularly elegant.
Rollup merge of #72788 - matthewjasper:projection-bound-validation, r=nikomatsakis
Projection bound validation
During selection we use bounds declared on associated types (e.g. `type X: Copy`) to satisfy trait/projection bounds. This would be fine so long as those bounds are checked on any impls/trait objects. For simple cases they are because the bound `Self::X: Copy` gets normalized when we check the impl.
However, for default values with specialization and higher-ranked bounds from GATs or otherwise, we can't normalize when checking the impl, and so we use the bound from the trait to prove that the bound applies to the impl, which is clearly unsound.
This PR makes 2 fixes for this:
1. Requiring that the bounds on the trait apply to a projection type with the corresponding substs, so a bound `for<'a> <Self as X<'a>>::U: Copy` on the trait cannot be used to prove `<T as X<'_>>::U: Copy`.
2. Actually checking that the bounds that we still allow apply to generic/default associated types.
Rollup merge of #72456 - ldm0:dereftrait, r=estebank
Try to suggest dereferences on trait selection failed
Fixes #39029 Fixes #62530
This PR consists of two parts:
1. Decouple `Autoderef` with `FnCtxt` and move `Autoderef` to `librustc_trait_selection`.
2. Try to suggest dereferences when trait selection failed.
The first is needed because:
1. For suggesting dereferences, the struct `Autoderef` should be used. But before this PR, it is placed in `librustc_typeck`, which depends on `librustc_trait_selection`. But trait selection error emitting happens in `librustc_trait_selection`, if we want to use `Autoderef` in it, dependency loop is inevitable. So I moved the `Autoderef` to `librustc_trait_selection`.
2. Before this PR, `FnCtxt` is coupled to `Autoderef`, and `FnCtxt` only exists in `librustc_typeck`. So decoupling is needed.
After this PR, we can get suggestion like this:
```
error[E0277]: the trait bound `&Baz: Happy` is not satisfied
--> $DIR/trait-suggest-deferences-multiple.rs:34:9
|
LL | fn foo<T>(_: T) where T: Happy {}
| ----- required by this bound in `foo`
...
LL | foo(&baz);
| ^^^^
| |
| the trait `Happy` is not implemented for `&Baz`
| help: consider adding dereference here: `&***baz`
error: aborting due to previous error
For more information about this error, try `rustc --explain E0277`.
```
bors [Sat, 20 Jun 2020 19:14:52 +0000 (19:14 +0000)]
Auto merge of #73550 - RalfJung:rollup-5huj1k1, r=RalfJung
Rollup of 9 pull requests
Successful merges:
- #72600 (Properly encode AnonConst into crate metadata)
- #73055 (remove leftover mentions of `skol` and `int` from the compiler)
- #73058 (Support sanitizers on aarch64-unknown-linux-gnu)
- #73171 (RISC-V Emulated Testing)
- #73404 (Update CFGuard syntax)
- #73444 (ci: disable alt build during try builds)
- #73471 (Prevent attacker from manipulating FPU tag word used in SGX enclave)
- #73539 (Deprecate `Vec::remove_item`)
- #73543 (Clean up E0695 explanation)
Jon Gjengset [Sat, 30 May 2020 18:55:38 +0000 (14:55 -0400)]
core/time: Add Duration methods for zero
This patch adds two methods to `Duration`. The first, `Duration::zero`,
provides a `const` constructor for getting an zero-length duration. This
is also what `Default` provides (this was clarified in the docs), though
`default` is not `const`.
The second, `Duration::is_zero`, returns true if a `Duration` spans no
time (i.e., because its components are all zero). Previously, the way to
do this was either to compare both `as_secs` and `subsec_nanos` to 0, to
compare against `Duration::new(0, 0)`, or to use the `u128` method
`as_nanos`, none of which were particularly elegant.
Ralf Jung [Sat, 20 Jun 2020 14:39:59 +0000 (16:39 +0200)]
Rollup merge of #73539 - LukasKalbertodt:deprecate-vec-remove-item, r=Mark-Simulacrum
Deprecate `Vec::remove_item`
In #40062 we decided to remove that method. In #71834 it was said that we want to deprecate it for a few cycles before removing it. That's what this PR does.
Ralf Jung [Sat, 20 Jun 2020 14:39:57 +0000 (16:39 +0200)]
Rollup merge of #73471 - raoulstrackx:raoul/fpu_tag_word, r=jethrogb
Prevent attacker from manipulating FPU tag word used in SGX enclave
Insufficient sanitization of the x87 FPU tag word in the trusted enclave runtime allowed unprivileged adversaries in the containing host application to induce incoherent or unexpected results for ABI-compliant compiled enclave application code that uses the x87 FPU.
Vulnerability was disclosed to us by Fritz Alder, Jo Van Bulck, David Oswald and Frank Piessens
Matthew Jasper [Thu, 11 Jun 2020 15:50:34 +0000 (16:50 +0100)]
Move bounds on associated types to the type
Given `trait X { type U; }` the bound `<Self as X>::U` now lives
on the type, rather than the trait. This is feature gated on
`feature(generic_associated_types)` for now until more testing can
be done.
The also enabled type-generic associated types since we no longer
need "implies bounds".
Matthew Jasper [Sat, 30 May 2020 16:19:31 +0000 (17:19 +0100)]
Consider fewer predicates for projection candidates
We now require that projection candidates are applicable with the
idenitity substs of the trait, rather than allowing predicates that are
only applicable for certain substs.
David Wood [Fri, 12 Jun 2020 16:42:08 +0000 (17:42 +0100)]
lint: normalize projections using opaque types
This commit normalizes projections which contain opaque types (opaque types
are otherwise linted against, which is would have previously made the
test cases added in this commit fail).
bors [Sat, 20 Jun 2020 02:45:08 +0000 (02:45 +0000)]
Auto merge of #73528 - Manishearth:rollup-7djz8nd, r=Manishearth
Rollup of 16 pull requests
Successful merges:
- #71420 (Specialization is unsound)
- #71899 (Refactor `try_find` a little)
- #72689 (add str to common types)
- #72791 (update coerce docs and unify relevant tests)
- #72934 (forbid mutable references in all constant contexts except for const-fns)
- #73027 (Make `need_type_info_err` more conservative)
- #73347 (Diagnose use of incompatible sanitizers)
- #73359 (shim.rs: avoid creating `Call` terminators calling `Self`)
- #73399 (Clean up E0668 explanation)
- #73436 (Clean up E0670 explanation)
- #73440 (Add src/librustdoc as an alias for src/tools/rustdoc)
- #73442 (pretty/mir: const value enums with no variants)
- #73452 (Unify region variables when projecting associated types)
- #73458 (Use alloc::Layout in DroplessArena API)
- #73484 (Update the doc for std::prelude to the correct behavior)
- #73506 (Bump Rustfmt and RLS)
Rollup merge of #73452 - matthewjasper:auto-rec, r=nikomatsakis
Unify region variables when projecting associated types
This is required to avoid cycles when evaluating auto trait predicates.
Notably, this is required to be able add Chalk types to `CtxtInterners` for `cfg(parallel_compiler)`.