HRTB on subtrait unsoundly provides HRTB on supertrait with weaker implied bounds #84591
Comments
Just wanted to write a couple thoughts:
is kind of the wrong naming. Here Second, I wonder if this might just be solved to make this
How did I miss this… One moment, let me fix this…… Edit: Done.
Why should it not be WF? The implementation could just
Assigning
Discussed in T-compiler triage meeting. Added relevant labels. Believed to be known long-standing issue, and something that the traits WG wants to address alongside improvements to trait infrastructure. But: Not a release blocker, so downgrading to P-high.
Strongly related to #25860
here's an example where the trait hierarchy is a bit more problematic.

```rust
trait Subtrait<T>: Supertrait {}
trait Supertrait {
    fn action(self);
}

fn subs_to_soup<T, U>(x: T)
where
    T: Subtrait<U>,
{
    soup(x)
}

fn soup<T: Supertrait>(x: T) {
    x.action();
}

impl<'a, 'b: 'a> Supertrait for (&'b str, &mut &'a str) {
    fn action(self) {
        *self.1 = self.0;
    }
}

impl<'a, 'b> Subtrait<&'a &'b str> for (&'b str, &mut &'a str) {}

fn main() {
    let mut d = "hi";
    {
        let x = "Hello World".to_string();
        subs_to_soup((x.as_str(), &mut d));
    }
    println!("{}", d);
}
```

we should require trait solving to prove wf for the types it creates while matching impls ✨
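Added example, not code from this thread or from the Rust project: the same traits and impls as in the comment above, with the supertrait bound restated on the generic function so that each caller has to prove `Supertrait` (and with it the impl's `'b: 'a` bound) directly. The names `subs_to_soup_checked` and `copy_through_checked` are hypothetical.

```rust
trait Supertrait {
    fn action(self);
}
trait Subtrait<T>: Supertrait {}

// Same impls as in the comment above: `action` is only sound when `'b: 'a`.
impl<'a, 'b: 'a> Supertrait for (&'b str, &mut &'a str) {
    fn action(self) {
        *self.1 = self.0;
    }
}
impl<'a, 'b> Subtrait<&'a &'b str> for (&'b str, &mut &'a str) {}

fn soup<T: Supertrait>(x: T) {
    x.action();
}

// Hypothetical variant of `subs_to_soup`: `Supertrait` is an explicit
// where-clause, so the caller must prove it from the `Supertrait` impl,
// which brings the impl's `'b: 'a` requirement to the call site.
fn subs_to_soup_checked<T, U>(x: T)
where
    T: Subtrait<U> + Supertrait,
{
    soup(x)
}

// Sound use: `source` outlives every read of `d`, so `'b: 'a` holds.
// If `source` were dropped in an inner scope before `d` is read, as in
// the comment above, the borrow checker would reject this call.
fn copy_through_checked() -> String {
    let source = String::from("Hello World");
    let mut d = "hi";
    subs_to_soup_checked((source.as_str(), &mut d));
    d.to_string()
}

fn main() {
    println!("{}", copy_through_checked());
}
```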
…unsound-issues, r=jackh726

Add `known-bug` tests for 11 unsound issues

r? `@jackh726`

Should tests for other issues be in separate PRs? Thanks.

Edit: Partially addresses rust-lang#105107.

This PR adds `known-bug` tests for 11 unsound issues:
- rust-lang#25860
- rust-lang#49206
- rust-lang#57893
- rust-lang#84366
- rust-lang#84533
- rust-lang#84591
- rust-lang#85099
- rust-lang#98117
- rust-lang#100041
- rust-lang#100051
- rust-lang#104005
I’m giving an exploitation below at the end of this description. This is my interpretation of where exactly the unsoundness lies:

If I have a trait hierarchy

then a higher ranked trait bound (HRTB) like this

does/should only apply to such lifetimes `'a`, `'b` that fulfill the outlives-relation `'a: 'b`. (`'a: 'b` is needed for `&'b &'a ()` to be a valid type.)

However, the bound

appears to imply the bound

and in this one, the lifetimes `'a` and `'b` are universally quantified without any implicit outlives-relation.

This implication is demonstrated below:

(playground)

One could of course debate whether `for<'a, 'b> Subtrait<'a, 'b, &'b &'a ()>` should perhaps in-fact include a `for<'a, 'b> Supertrait<'a, 'b>` bound, but that seems kind-of weird IMO, and also the following code demonstrates that you only need `Supertrait<'a, 'b>` with `'a: 'b` for a fully generic `Subtrait<'a, 'b, &'b &'a ()>` implementation:

(playground)

Finally, here’s how to turn this into actual UB:

(playground)

This demonstration compiles since Rust `1.7`.

@rustbot modify labels: T-compiler, A-traits, A-lifetimes, A-typesystem
and someone please add “I-unsound 💥”.