Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Actually use placeholder regions for trait method late bound regions in collect_return_position_impl_trait_in_trait_tys #133428

Merged
merged 2 commits into from
Nov 28, 2024

Conversation

compiler-errors
Copy link
Member

@compiler-errors compiler-errors commented Nov 24, 2024

So in #113182, I introduced a "diagnostics improvement" in the form of 473c88d, which changes which signature we end up instantiating with placeholder regions and which signature we end up instantiating with fresh region vars so that we have placeholders corresponding to the names of the late-bound regions coming from the impl.

However, this is not sound, since now we're essentially no longer proving that all instantiations of the trait method are compatible with an instantiation of the impl method, but vice versa (which is weaker). Let's look at the example tests/ui/impl-trait/in-trait/do-not-imply-from-trait-impl.rs:

trait MkStatic {
    fn mk_static(self) -> &'static str;
}

impl MkStatic for &'static str {
    fn mk_static(self) -> &'static str { self }
}

trait Foo {
    fn foo<'a: 'static, 'late>(&'late self) -> impl MkStatic;
}

impl Foo for str {
    fn foo<'a: 'static>(&'a self) -> impl MkStatic + 'static {
        self
    }
}

fn call_foo<T: Foo + ?Sized>(t: &T) -> &'static str {
    t.foo().mk_static()
}

fn main() {
    let s = call_foo(String::from("hello, world").as_str());
    println!("> {s}");
}

To collect RPITITs, we were previously instantiating the trait signature with infer vars (fn(&'?0 str) -> ?1t where ?1t is the variable we use to infer the RPITIT) and the impl signature with placeholders (there are no late-bound regions in that signature, so we just have fn(&'a str) -> Opaque).

Equating the signatures works, since all we do is unify ?1t with Opaque and '?0 with 'a. However, conceptually it shouldn't hold, since this definition is not valid for all instantiations of the trait method but just the one where '0 (i.e. 'late) is equal to 'a :(

So what

This PR effectively reverts 473c88d to fix the unsoundness.

Fixes #133427
Also fixes #133425, which is actually coincidentally another instance of this bug (but not one that is weaponized into UB, just one that causes an ICE in refinement checking).

…in collect_return_position_impl_trait_in_trait_tys
@rustbot
Copy link
Collaborator

rustbot commented Nov 24, 2024

r? @cjgillot

rustbot has assigned @cjgillot.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. labels Nov 24, 2024
@compiler-errors
Copy link
Member Author

r? types

Or @cjgillot could review this if they want, since they were involved in some of this impl -> trait RPITIT remapping in the history of RPITITs and so may be able to page in some context.

@rustbot rustbot added the T-types Relevant to the types team, which will review and decide on the PR/issue. label Nov 24, 2024
@rustbot rustbot assigned BoxyUwU and unassigned cjgillot Nov 24, 2024
help: change the parameter type to match the trait
|
LL | fn early<'late, T>(_: &T) {}
| ~~
LL | fn early<'late, T>(_: &'early T) {}
Copy link
Member Author

@compiler-errors compiler-errors Nov 24, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You may think, wow this diagnostic sucks, since it's mentioning a lifetime that isn't even in the signature.

Well, it does suck, but it doesn't suck any more than the error you would get from the code if it had no RPITITs. So I don't think it needs fixing here.

@@ -883,22 +883,6 @@ impl<'tcx> ty::FallibleTypeFolder<TyCtxt<'tcx>> for RemapHiddenTyRegions<'tcx> {
self.tcx
}

fn try_fold_ty(&mut self, t: Ty<'tcx>) -> Result<Ty<'tcx>, Self::Error> {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't need this.

In fact, it has the potential to cause ICEs since us not remapping bivariant lifetimes on opaques may lead us to leaking infer vars into query responses. This does not happen in practice though.

@BoxyUwU
Copy link
Member

BoxyUwU commented Nov 25, 2024

trait Foo {
    fn foo<'a: 'static, 'late>(&'late self);
}

impl Foo for str {
    fn foo<'a: 'static>(&'a self) {}
}

Fails to compile on nightly, why does adding a RPITIT make this start compiling. Even if the logic for RPITITs is wrong I wouldn't have expected this to affect impl checks in general

@compiler-errors
Copy link
Member Author

Because the bad RPITIT adds implied bounds due to the bidirectional outlives we install in: https://github.com/rust-lang/rust/blob/master/compiler/rustc_hir_analysis/src/collect/predicates_of.rs#L329

@compiler-errors
Copy link
Member Author

It doesn't pass on stable because #129383 changed the ordering we duplicate lifetimes (soundly, that PR did not do anything's wrong) but that affects what regions we end up mapping the hidden type back to.

We end up remapping an opaque hidden type to Opaque<'a, 'late> which has that bad implied bound.

@BoxyUwU
Copy link
Member

BoxyUwU commented Nov 25, 2024

r? @lcnr

seems reasonable to me but I don't have a very rigorous understanding of opaques

@rustbot rustbot assigned lcnr and unassigned BoxyUwU Nov 25, 2024
@lcnr
Copy link
Contributor

lcnr commented Nov 27, 2024

r=me after nit

@compiler-errors
Copy link
Member Author

@bors r=lcnr rollup

@bors
Copy link
Contributor

bors commented Nov 27, 2024

📌 Commit 871cfc9 has been approved by lcnr

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Nov 27, 2024
bors added a commit to rust-lang-ci/rust that referenced this pull request Nov 28, 2024
…llaumeGomez

Rollup of 12 pull requests

Successful merges:

 - rust-lang#129409 (Expand std::os::unix::fs::chown() doc with a warning)
 - rust-lang#133320 (Add release notes for Rust 1.83.0)
 - rust-lang#133368 (Delay a bug when encountering an impl with unconstrained generics in `codegen_select`)
 - rust-lang#133428 (Actually use placeholder regions for trait method late bound regions in `collect_return_position_impl_trait_in_trait_tys`)
 - rust-lang#133512 (Add `as_array` and `as_mut_array` conversion methods to slices.)
 - rust-lang#133519 (Check `xform_ret_ty` for WF in the new solver to improve method winnowing)
 - rust-lang#133520 (Structurally resolve before applying projection in borrowck)
 - rust-lang#133534 (extend group-forbid-always-trumps-cli test)
 - rust-lang#133537 ([rustdoc] Fix new clippy lints)
 - rust-lang#133543 ([AIX] create shim for lgammaf_r)
 - rust-lang#133547 (rustc_span: Replace a `HashMap<_, ()>` with `HashSet`)
 - rust-lang#133550 (print generated doc paths)

r? `@ghost`
`@rustbot` modify labels: rollup
@bors bors merged commit 3e095e8 into rust-lang:master Nov 28, 2024
6 checks passed
@rustbot rustbot added this to the 1.85.0 milestone Nov 28, 2024
rust-timer added a commit to rust-lang-ci/rust that referenced this pull request Nov 28, 2024
Rollup merge of rust-lang#133428 - compiler-errors:rpitit-unsound, r=lcnr

Actually use placeholder regions for trait method late bound regions in `collect_return_position_impl_trait_in_trait_tys`

So in rust-lang#113182, I introduced a "diagnostics improvement" in the form of 473c88d, which changes which signature we end up instantiating with placeholder regions and which signature we end up instantiating with fresh region vars so that we have placeholders corresponding to the names of the late-bound regions coming from the *impl*.

However, this is not sound, since now we're essentially no longer proving that *all* instantiations of the trait method are compatible with an instantiation of the impl method, but vice versa (which is weaker).  Let's look at the example `tests/ui/impl-trait/in-trait/do-not-imply-from-trait-impl.rs`:

```rust
trait MkStatic {
    fn mk_static(self) -> &'static str;
}

impl MkStatic for &'static str {
    fn mk_static(self) -> &'static str { self }
}

trait Foo {
    fn foo<'a: 'static, 'late>(&'late self) -> impl MkStatic;
}

impl Foo for str {
    fn foo<'a: 'static>(&'a self) -> impl MkStatic + 'static {
        self
    }
}

fn call_foo<T: Foo + ?Sized>(t: &T) -> &'static str {
    t.foo().mk_static()
}

fn main() {
    let s = call_foo(String::from("hello, world").as_str());
    println!("> {s}");
}
```

To collect RPITITs, we were previously instantiating the trait signature with infer vars (`fn(&'?0 str) -> ?1t` where `?1t` is the variable we use to infer the RPITIT) and the impl signature with placeholders (there are no late-bound regions in that signature, so we just have `fn(&'a str) -> Opaque`).

Equating the signatures works, since all we do is unify `?1t` with `Opaque` and `'?0` with `'a`. However, conceptually it *shouldn't* hold, since this definition is not valid for *all* instantiations of the trait method but just the one where `'0` (i.e. `'late`) is equal to `'a` :(

## So what

This PR effectively reverts 473c88d to fix the unsoundness.

Fixes rust-lang#133427
Also fixes rust-lang#133425, which is actually coincidentally another instance of this bug (but not one that is weaponized into UB, just one that causes an ICE in refinement checking).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. T-types Relevant to the types team, which will review and decide on the PR/issue.
Projects
None yet
6 participants