Skip to content

Fix soundness bug with type alias impl trait #82558

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 6 commits into from
Closed

Fix soundness bug with type alias impl trait #82558

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
af5f158
Use tracing::instrument for better analzyabilty of logs around impl t…
oli-obk Feb 26, 2021
1625296
Stop OpaqueTypeDecl from being Copy
oli-obk Feb 26, 2021
549f545
Require all type variables to satisfy the impl trait bounds
oli-obk Feb 26, 2021
d9d4a52
Emit an error when there are two differently inferred impl traits wit…
oli-obk Feb 26, 2021
0382c00
Defining use errors yield the error type to reduce irrelevant follow-…
oli-obk Mar 18, 2021
93f3d08
Don't emit errors containing `type error` as another (more useful) er…
oli-obk Mar 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions compiler/rustc_mir/src/borrow_check/type_check/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1307,7 +1307,7 @@ impl<'a, 'tcx> TypeChecker<'a, 'tcx> {
};
debug!("opaque_defn_ty = {:?}", opaque_defn_ty);
let subst_opaque_defn_ty =
opaque_defn_ty.concrete_type.subst(tcx, opaque_decl.substs);
opaque_defn_ty.concrete_type.subst(tcx, opaque_decl.substs[0]);
let renumbered_opaque_defn_ty =
renumber::renumber_regions(infcx, subst_opaque_defn_ty);

Expand All @@ -1328,7 +1328,7 @@ impl<'a, 'tcx> TypeChecker<'a, 'tcx> {
opaque_def_id,
ty::ResolvedOpaqueTy {
concrete_type: renumbered_opaque_defn_ty,
substs: opaque_decl.substs,
substs: opaque_decl.substs[0],
},
));
} else {
Expand Down
128 changes: 77 additions & 51 deletions compiler/rustc_trait_selection/src/opaque_types.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ use rustc_middle::ty::fold::{BottomUpFolder, TypeFoldable, TypeFolder, TypeVisit
use rustc_middle::ty::subst::{GenericArg, GenericArgKind, InternalSubsts, Subst, SubstsRef};
use rustc_middle::ty::{self, Ty, TyCtxt};
use rustc_span::Span;
use smallvec::{smallvec, SmallVec};

use std::ops::ControlFlow;

Expand All @@ -21,7 +22,7 @@ pub type OpaqueTypeMap<'tcx> = DefIdMap<OpaqueTypeDecl<'tcx>>;
/// Information about the opaque types whose values we
/// are inferring in this function (these are the `impl Trait` that
/// appear in the return type).
#[derive(Copy, Clone, Debug)]
#[derive(Clone, Debug)]
pub struct OpaqueTypeDecl<'tcx> {
/// The opaque type (`ty::Opaque`) for this declaration.
pub opaque_type: Ty<'tcx>,
Expand All @@ -37,7 +38,11 @@ pub struct OpaqueTypeDecl<'tcx> {
/// fn foo<'a, 'b, T>() -> Foo<'a, T>
///
/// then `substs` would be `['a, T]`.
pub substs: SubstsRef<'tcx>,
///
/// In case there are multiple conflicting substs an error has already
/// been reported, but we still store the additional substs here in order
/// to allow for better diagnostics later.
pub substs: SmallVec<[SubstsRef<'tcx>; 1]>,

/// The span of this particular definition of the opaque type. So
/// for example:
Expand Down Expand Up @@ -95,6 +100,7 @@ pub struct OpaqueTypeDecl<'tcx> {
}

/// Whether member constraints should be generated for all opaque types
#[derive(Debug)]
pub enum GenerateMemberConstraints {
/// The default, used by typeck
WhenRequired,
Expand Down Expand Up @@ -183,6 +189,10 @@ impl<'a, 'tcx> InferCtxtExt<'tcx> for InferCtxt<'a, 'tcx> {
/// obligations
/// - `value` -- the value within which we are instantiating opaque types
/// - `value_span` -- the span where the value came from, used in error reporting
#[instrument(level = "debug", skip(self))]
// FIXME(oli-obk): this function is invoked twice: once with the crate root, and then for each body that
// actually could be a defining use. It is unclear to me why we run all of it twice. Figure out what
// happens and document that or fix it.
fn instantiate_opaque_types<T: TypeFoldable<'tcx>>(
&self,
parent_def_id: LocalDefId,
Expand All @@ -191,11 +201,6 @@ impl<'a, 'tcx> InferCtxtExt<'tcx> for InferCtxt<'a, 'tcx> {
value: T,
value_span: Span,
) -> InferOk<'tcx, (T, OpaqueTypeMap<'tcx>)> {
debug!(
"instantiate_opaque_types(value={:?}, parent_def_id={:?}, body_id={:?}, \
param_env={:?}, value_span={:?})",
value, parent_def_id, body_id, param_env, value_span,
);
let mut instantiator = Instantiator {
infcx: self,
parent_def_id,
Expand Down Expand Up @@ -389,22 +394,19 @@ impl<'a, 'tcx> InferCtxtExt<'tcx> for InferCtxt<'a, 'tcx> {
}

/// See `constrain_opaque_types` for documentation.
#[instrument(level = "debug", skip(self, free_region_relations))]
fn constrain_opaque_type<FRR: FreeRegionRelations<'tcx>>(
&self,
def_id: DefId,
opaque_defn: &OpaqueTypeDecl<'tcx>,
mode: GenerateMemberConstraints,
free_region_relations: &FRR,
) {
debug!("constrain_opaque_type()");
debug!("constrain_opaque_type: def_id={:?}", def_id);
debug!("constrain_opaque_type: opaque_defn={:#?}", opaque_defn);

let tcx = self.tcx;

let concrete_ty = self.resolve_vars_if_possible(opaque_defn.concrete_ty);

debug!("constrain_opaque_type: concrete_ty={:?}", concrete_ty);
debug!(?concrete_ty);

let first_own_region = match opaque_defn.origin {
hir::OpaqueTyOrigin::FnReturn | hir::OpaqueTyOrigin::AsyncFn => {
Expand Down Expand Up @@ -432,11 +434,11 @@ impl<'a, 'tcx> InferCtxtExt<'tcx> for InferCtxt<'a, 'tcx> {
// If there are required region bounds, we can use them.
if opaque_defn.has_required_region_bounds {
let bounds = tcx.explicit_item_bounds(def_id);
debug!("constrain_opaque_type: predicates: {:#?}", bounds);
debug!(?bounds, "predicates");
let bounds: Vec<_> =
bounds.iter().map(|(bound, _)| bound.subst(tcx, opaque_defn.substs)).collect();
debug!("constrain_opaque_type: bounds={:#?}", bounds);
let opaque_type = tcx.mk_opaque(def_id, opaque_defn.substs);
bounds.iter().map(|(bound, _)| bound.subst(tcx, opaque_defn.substs[0])).collect();
debug!(?bounds);
let opaque_type = tcx.mk_opaque(def_id, opaque_defn.substs[0]);

let required_region_bounds =
required_region_bounds(tcx, opaque_type, bounds.into_iter());
Expand All @@ -462,15 +464,15 @@ impl<'a, 'tcx> InferCtxtExt<'tcx> for InferCtxt<'a, 'tcx> {
// second.
let mut least_region = None;

for subst_arg in &opaque_defn.substs[first_own_region..] {
for subst_arg in &opaque_defn.substs[0][first_own_region..] {
let subst_region = match subst_arg.unpack() {
GenericArgKind::Lifetime(r) => r,
GenericArgKind::Type(_) | GenericArgKind::Const(_) => continue,
};

// Compute the least upper bound of it with the other regions.
debug!("constrain_opaque_types: least_region={:?}", least_region);
debug!("constrain_opaque_types: subst_region={:?}", subst_region);
debug!(?least_region);
debug!(?subst_region);
match least_region {
None => least_region = Some(subst_region),
Some(lr) => {
Expand Down Expand Up @@ -535,7 +537,7 @@ impl<'a, 'tcx> InferCtxtExt<'tcx> for InferCtxt<'a, 'tcx> {
// type can be equal to any of the region parameters of the
// opaque type definition.
let choice_regions: Lrc<Vec<ty::Region<'tcx>>> = Lrc::new(
opaque_defn.substs[first_own_region..]
opaque_defn.substs[0][first_own_region..]
.iter()
.filter_map(|arg| match arg.unpack() {
GenericArgKind::Lifetime(r) => Some(r),
Expand Down Expand Up @@ -997,8 +999,8 @@ struct Instantiator<'a, 'tcx> {
}

impl<'a, 'tcx> Instantiator<'a, 'tcx> {
#[instrument(level = "debug", skip(self))]
fn instantiate_opaque_types_in_map<T: TypeFoldable<'tcx>>(&mut self, value: T) -> T {
debug!("instantiate_opaque_types_in_map(value={:?})", value);
let tcx = self.infcx.tcx;
value.fold_with(&mut BottomUpFolder {
tcx,
Expand Down Expand Up @@ -1075,12 +1077,7 @@ impl<'a, 'tcx> Instantiator<'a, 'tcx> {
return self.fold_opaque_ty(ty, def_id.to_def_id(), substs, origin);
}

debug!(
"instantiate_opaque_types_in_map: \
encountered opaque outside its definition scope \
def_id={:?}",
def_id,
);
debug!(?def_id, "encountered opaque outside its definition scope");
}
}

Expand All @@ -1091,6 +1088,7 @@ impl<'a, 'tcx> Instantiator<'a, 'tcx> {
})
}

#[instrument(level = "debug", skip(self))]
fn fold_opaque_ty(
&mut self,
ty: Ty<'tcx>,
Expand All @@ -1101,21 +1099,45 @@ impl<'a, 'tcx> Instantiator<'a, 'tcx> {
let infcx = self.infcx;
let tcx = infcx.tcx;

debug!("instantiate_opaque_types: Opaque(def_id={:?}, substs={:?})", def_id, substs);

// Use the same type variable if the exact same opaque type appears more
// than once in the return type (e.g., if it's passed to a type alias).
if let Some(opaque_defn) = self.opaque_types.get(&def_id) {
debug!("instantiate_opaque_types: returning concrete ty {:?}", opaque_defn.concrete_ty);
return opaque_defn.concrete_ty;
// than once in a function (e.g., if it's passed to a type alias).
if let Some(opaque_defn) = self.opaque_types.get_mut(&def_id) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like the right behavior here is to key by def-id+substs. We know that the substs are always universally quantified placeholders, right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The substs here are concrete types from the function. I don't understand what universally quantified placeholders mean here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Keying by DefId+substs makes sense though. We'll get two type variables, and then we can figure out whether they are compatible in the same pass that does it cross-function

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Universally quantified placeholders" is jargon for the "generic parameters on the fn that we are type-checking". i.e., when we treat a parameter T as a kind of placeholder for "some type". "universally quantified' is because there is a "forall" quantifier on the function.

debug!(?opaque_defn, "found already known concrete type");
if opaque_defn.substs.contains(&substs) {
// Already seen this concrete type
return opaque_defn.concrete_ty;
} else {
// Don't emit multiple errors for the same set of substs
opaque_defn.substs.push(substs);
opaque_defn.concrete_ty = tcx.ty_error_with_message(
self.value_span,
"defining use generics differ from previous defining use",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Just a note that I think we could say this in a clearer way; I doubt users know what a defining use is, etc)

);
tcx.sess
.struct_span_err(
self.value_span,
&format!(
"defining use generics `{:?}` differ from previous defining use",
substs
),
)
.span_note(
opaque_defn.definition_span,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we check whether this and self.value_span are the same, and if they are, emit a different note or span_label?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made a note of this, but it may become obsolete once I tackle all these spans in a more general manner.

&format!(
"previous defining use with different generics `{:?}` found here",
opaque_defn.substs[0]
),
)
.emit();
}
}
let span = tcx.def_span(def_id);
debug!("fold_opaque_ty {:?} {:?}", self.value_span, span);
debug!(?self.value_span, ?span);
let ty_var = infcx
.next_ty_var(TypeVariableOrigin { kind: TypeVariableOriginKind::TypeInference, span });

let item_bounds = tcx.explicit_item_bounds(def_id);
debug!("instantiate_opaque_types: bounds={:#?}", item_bounds);
debug!(?item_bounds);
let bounds: Vec<_> =
item_bounds.iter().map(|(bound, _)| bound.subst(tcx, substs)).collect();

Expand All @@ -1124,16 +1146,16 @@ impl<'a, 'tcx> Instantiator<'a, 'tcx> {
infcx.partially_normalize_associated_types_in(span, self.body_id, param_env, bounds);
self.obligations.extend(obligations);

debug!("instantiate_opaque_types: bounds={:?}", bounds);
debug!(?bounds);

let required_region_bounds = required_region_bounds(tcx, ty, bounds.iter().copied());
debug!("instantiate_opaque_types: required_region_bounds={:?}", required_region_bounds);
debug!(?required_region_bounds);

// Make sure that we are in fact defining the *entire* type
// (e.g., `type Foo<T: Bound> = impl Bar;` needs to be
// defined by a function like `fn foo<T: Bound>() -> Foo<T>`).
debug!("instantiate_opaque_types: param_env={:#?}", self.param_env,);
debug!("instantiate_opaque_types: generics={:#?}", tcx.generics_of(def_id),);
debug!(?self.param_env,);
debug!(generics= ?tcx.generics_of(def_id),);

// Ideally, we'd get the span where *this specific `ty` came
// from*, but right now we just use the span from the overall
Expand All @@ -1142,18 +1164,22 @@ impl<'a, 'tcx> Instantiator<'a, 'tcx> {
// Foo, impl Bar)`.
let definition_span = self.value_span;

self.opaque_types.insert(
def_id,
OpaqueTypeDecl {
opaque_type: ty,
substs,
definition_span,
concrete_ty: ty_var,
has_required_region_bounds: !required_region_bounds.is_empty(),
origin,
},
);
debug!("instantiate_opaque_types: ty_var={:?}", ty_var);
// We only keep the first concrete type var, as we will already error
// out if there are multiple due to the conflicting obligations
if !self.opaque_types.contains_key(&def_id) {
self.opaque_types.insert(
def_id,
OpaqueTypeDecl {
opaque_type: ty,
substs: smallvec![substs],
definition_span,
concrete_ty: ty_var,
has_required_region_bounds: !required_region_bounds.is_empty(),
origin,
},
);
}
debug!(?ty_var);

for predicate in &bounds {
if let ty::PredicateKind::Projection(projection) = predicate.kind().skip_binder() {
Expand Down
2 changes: 1 addition & 1 deletion compiler/rustc_typeck/src/check/check.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -741,7 +741,7 @@ fn check_opaque_meets_bounds<'tcx>(
for (def_id, opaque_defn) in opaque_type_map {
match infcx
.at(&misc_cause, param_env)
.eq(opaque_defn.concrete_ty, tcx.type_of(def_id).subst(tcx, opaque_defn.substs))
.eq(opaque_defn.concrete_ty, tcx.type_of(def_id).subst(tcx, opaque_defn.substs[0]))
{
Ok(infer_ok) => inh.register_infer_ok_obligations(infer_ok),
Err(ty_err) => tcx.sess.delay_span_bug(
Expand Down
2 changes: 1 addition & 1 deletion compiler/rustc_typeck/src/check/fn_ctxt/_impl.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -399,8 +399,8 @@ impl<'a, 'tcx> FnCtxt<'a, 'tcx> {
}
}
}
let _ = opaque_types.insert(ty, decl);
let _ = opaque_types_vars.insert(decl.concrete_ty, decl.opaque_type);
let _ = opaque_types.insert(ty, decl);
}

value
Expand Down
6 changes: 3 additions & 3 deletions compiler/rustc_typeck/src/check/wfcheck.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -915,19 +915,19 @@ fn check_fn_or_method<'fcx, 'tcx>(
/// fn b<T>() -> Foo<T, u32> { .. }
/// ```
///
#[instrument(level = "debug", skip(tcx, fcx))]
fn check_opaque_types<'fcx, 'tcx>(
tcx: TyCtxt<'tcx>,
fcx: &FnCtxt<'fcx, 'tcx>,
fn_def_id: LocalDefId,
span: Span,
ty: Ty<'tcx>,
) {
trace!("check_opaque_types(ty={:?})", ty);
ty.fold_with(&mut ty::fold::BottomUpFolder {
tcx: fcx.tcx,
ty_op: |ty| {
if let ty::Opaque(def_id, substs) = *ty.kind() {
trace!("check_opaque_types: opaque_ty, {:?}, {:?}", def_id, substs);
trace!(?def_id, ?substs, "opaque type");
let generics = tcx.generics_of(def_id);

let opaque_hir_id = if let Some(local_id) = def_id.as_local() {
Expand Down Expand Up @@ -965,7 +965,7 @@ fn check_opaque_types<'fcx, 'tcx>(
if !may_define_opaque_type(tcx, fn_def_id, opaque_hir_id) {
return ty;
}
trace!("check_opaque_types: may define, generics={:#?}", generics);
trace!(?generics, "may define");
let mut seen_params: FxHashMap<_, Vec<_>> = FxHashMap::default();
for (i, arg) in substs.iter().enumerate() {
let arg_is_param = match arg.unpack() {
Expand Down
11 changes: 7 additions & 4 deletions compiler/rustc_typeck/src/check/writeback.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -515,7 +515,7 @@ impl<'cx, 'tcx> WritebackCx<'cx, 'tcx> {
// figures out the concrete type with `U`, but the stored type is with `T`.
let definition_ty = self.fcx.infer_opaque_definition_from_instantiation(
def_id,
opaque_defn.substs,
opaque_defn.substs[0],
instantiated_ty,
span,
);
Expand All @@ -535,7 +535,7 @@ impl<'cx, 'tcx> WritebackCx<'cx, 'tcx> {
}
}

if !opaque_defn.substs.needs_infer() {
if !opaque_defn.substs[0].needs_infer() {
// We only want to add an entry into `concrete_opaque_types`
// if we actually found a defining usage of this opaque type.
// Otherwise, we do nothing - we'll either find a defining usage
Expand All @@ -544,12 +544,15 @@ impl<'cx, 'tcx> WritebackCx<'cx, 'tcx> {
if !skip_add {
let new = ty::ResolvedOpaqueTy {
concrete_type: definition_ty,
substs: opaque_defn.substs,
substs: opaque_defn.substs[0],
};

debug!(?def_id, ?new, "inserting opaque type resolution");
let old = self.typeck_results.concrete_opaque_types.insert(def_id, new);
if let Some(old) = old {
if old.concrete_type != definition_ty || old.substs != opaque_defn.substs {
debug!(?old, "duplicate insertion");
if old.concrete_type != definition_ty || old.substs != opaque_defn.substs[0]
{
span_bug!(
span,
"`visit_opaque_types` tried to write different types for the same \
Expand Down
5 changes: 4 additions & 1 deletion compiler/rustc_typeck/src/collect/type_of.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -540,7 +540,10 @@ fn find_opaque_ty_constraints(tcx: TyCtxt<'_>, def_id: LocalDefId) -> Ty<'_> {
}

if let Some((prev_span, prev_ty)) = self.found {
if *concrete_type != prev_ty {
if *concrete_type != prev_ty
&& !concrete_type.references_error()
&& !prev_ty.references_error()
{
debug!("find_opaque_ty_constraints: span={:?}", span);
// Found different concrete types for the opaque type.
let mut err = self.tcx.sess.struct_span_err(
Expand Down
Loading