Auto merge of #66037 - nikomatsakis:degenerate-object-safe-issue-57893, r=<try>

bors · bors · commit d27c6c6a469a · 2020-01-14T00:36:38.000Z
[wip] degenerate object safety check for crater The purpose of this PR is just to be able to do a crater run to assess the impact of the proposed fix for #57893. With this fix: * traits that are implemented for unsized types are not dyn safe * unless they are marked `#[rustc_dyn]` (this would eventually be `dyn trait`) r? @nikomatsakis -- this doesn't need review, won't land in this form
diff --git a/src/librustc/traits/object_safety.rs b/src/librustc/traits/object_safety.rs
@@ -12,11 +12,11 @@ use super::elaborate_predicates;
 
 use crate::traits::{self, Obligation, ObligationCause};
 use crate::ty::subst::{InternalSubsts, Subst};
-use crate::ty::{self, Predicate, ToPredicate, Ty, TyCtxt, TypeFoldable};
+use crate::ty::{self, ParamTy, Predicate, ToPredicate, Ty, TyCtxt, TypeFoldable};
 use rustc_hir as hir;
 use rustc_hir::def_id::DefId;
 use rustc_session::lint::builtin::WHERE_CLAUSES_OBJECT_SAFETY;
-use rustc_span::symbol::Symbol;
+use rustc_span::symbol::{sym, Symbol};
 use rustc_span::{Span, DUMMY_SP};
 use syntax::ast;
 
@@ -269,6 +269,66 @@ fn predicates_reference_self(tcx: TyCtxt<'_>, trait_def_id: DefId, supertraits_o
         })
 }
 
+fn generics_require_sized_param(tcx: TyCtxt<'_>, def_id: DefId, param_ty: ParamTy) -> bool {
+    debug!("generics_require_sized_param(def_id={:?}, param_ty={:?})", def_id, param_ty);
+
+    let sized_def_id = match tcx.lang_items().sized_trait() {
+        Some(def_id) => def_id,
+        None => {
+            return false; /* No Sized trait, can't require it! */
+        }
+    };
+
+    // Search for a predicate like `Self : Sized` amongst the trait bounds.
+    let predicates = tcx.predicates_of(def_id);
+    let predicates = predicates.instantiate_identity(tcx).predicates;
+    predicates.iter().any(|predicate| match predicate {
+        ty::Predicate::Trait(ref trait_pred) => {
+            debug!("generics_require_sized_param: trait_pred = {:?}", trait_pred);
+
+            trait_pred.def_id() == sized_def_id
+                && trait_pred.skip_binder().self_ty().is_param(param_ty.index)
+        }
+        ty::Predicate::Projection(..)
+        | ty::Predicate::Subtype(..)
+        | ty::Predicate::RegionOutlives(..)
+        | ty::Predicate::WellFormed(..)
+        | ty::Predicate::ObjectSafe(..)
+        | ty::Predicate::ClosureKind(..)
+        | ty::Predicate::TypeOutlives(..)
+        | ty::Predicate::ConstEvaluatable(..) => false,
+    })
+}
+
+/// Searches for an impl that potentially overlaps `dyn Trait`
+/// (where `Trait` is the trait with def-id `trait_def_id`). This
+/// is used to distinguish between a trait being **fully**
+/// object-safe and being **degenerate** object-safe -- the latter
+/// means that we permit `dyn Foo` but we do not supply a `dyn
+/// Foo: Foo` impl.
+fn impl_potentially_overlapping_dyn_trait(tcx: TyCtxt<'_>, trait_def_id: DefId) -> bool {
+    debug!("impl_potentially_overlapping_dyn_trait({:?})", trait_def_id);
+    let mut found_match = false;
+    tcx.for_each_impl(trait_def_id, |impl_def_id| {
+        let impl_self_ty = tcx.type_of(impl_def_id);
+        match impl_self_ty.kind {
+            ty::Param(param_ty) => {
+                if !generics_require_sized_param(tcx, impl_def_id, param_ty) {
+                    found_match = true;
+                    debug!("Match found = {}; for param_ty {}", found_match, param_ty.name);
+                    tcx.sess.span_warn(
+                        tcx.def_span(impl_def_id),
+                        "impl_potentially_overlapping_dyn_trait",
+                    );
+                }
+            }
+            _ => (),
+        }
+    });
+
+    found_match
+}
+
 fn trait_has_sized_self(tcx: TyCtxt<'_>, trait_def_id: DefId) -> bool {
     generics_require_sized_self(tcx, trait_def_id)
 }
@@ -417,7 +477,7 @@ fn virtual_call_violation_for_method<'tcx>(
                         tcx.def_span(method.def_id),
                         &format!(
                             "receiver when `Self = {}` should have a ScalarPair ABI; \
-                                 found {:?}",
+                             found {:?}",
                             trait_object_ty, abi
                         ),
                     );
@@ -716,13 +776,37 @@ fn contains_illegal_self_type_reference<'tcx>(
                 }
             }
 
-            _ => true, // walk contained types, if any
+            _ => true,
         }
     });
 
     error
 }
 
 pub(super) fn is_object_safe_provider(tcx: TyCtxt<'_>, trait_def_id: DefId) -> bool {
-    object_safety_violations(tcx, trait_def_id).is_empty()
+    object_safety_violations(tcx, trait_def_id).is_empty() && {
+        if tcx.has_attr(trait_def_id, sym::rustc_dyn) {
+            true
+        } else {
+            // Issue #57893. A trait cannot be considered dyn-safe if:
+            //
+            // (a) it has associated items that are not functions and
+            // (b) it has a potentially dyn-overlapping impl.
+            //
+            // Why don't functions matter? Because we never resolve
+            // them to their normalizd type until code generation
+            // time, in short.
+            let has_associated_non_fn = traits::supertrait_def_ids(tcx, trait_def_id)
+                .flat_map(|def_id| tcx.associated_items(def_id))
+                .any(|assoc_item| match assoc_item.kind {
+                    ty::AssocKind::Method => false,
+                    ty::AssocKind::Type | ty::AssocKind::OpaqueTy | ty::AssocKind::Const => true,
+                });
+
+            let not_object_safe =
+                has_associated_non_fn && impl_potentially_overlapping_dyn_trait(tcx, trait_def_id);
+
+            !not_object_safe
+        }
+    }
 }
diff --git a/src/librustc_data_structures/lib.rs b/src/librustc_data_structures/lib.rs
@@ -23,6 +23,7 @@
 #![feature(integer_atomics)]
 #![feature(test)]
 #![feature(associated_type_bounds)]
+#![feature(rustc_attrs)]
 #![cfg_attr(unix, feature(libc))]
 #![allow(rustc::default_hash_types)]
 
diff --git a/src/librustc_data_structures/sync.rs b/src/librustc_data_structures/sync.rs
@@ -29,6 +29,7 @@ pub use std::sync::atomic::Ordering::SeqCst;
 cfg_if! {
     if #[cfg(not(parallel_compiler))] {
         pub auto trait Send {}
+
         pub auto trait Sync {}
 
         impl<T: ?Sized> Send for T {}
diff --git a/src/librustc_feature/builtin_attrs.rs b/src/librustc_feature/builtin_attrs.rs
@@ -536,6 +536,7 @@ pub const BUILTIN_ATTRIBUTES: &[BuiltinAttribute] = &[
     // Internal attributes, Testing:
     // ==========================================================================
 
+    rustc_attr!(TEST, rustc_dyn, Whitelisted, template!(Word)),
     rustc_attr!(TEST, rustc_outlives, Normal, template!(Word)),
     rustc_attr!(TEST, rustc_variance, Normal, template!(Word)),
     rustc_attr!(TEST, rustc_layout, Normal, template!(List: "field1, field2, ...")),
diff --git a/src/librustc_span/symbol.rs b/src/librustc_span/symbol.rs
@@ -620,6 +620,7 @@ symbols! {
         rustc_dump_env_program_clauses,
         rustc_dump_program_clauses,
         rustc_dump_user_substs,
+        rustc_dyn,
         rustc_error,
         rustc_expected_cgu_reuse,
         rustc_if_this_changed,
