Skip to content

/rust

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DST coercions are prevented by phantom data #26905

Closed
Gankro opened this Issue Jul 8, 2015 · 4 comments

Comments

Assignees
No one assigned
Labels
A-dst P-high
Projects
None yet
Milestone
No milestone
4 participants
@Gankro @nrc @eddyb @arielb1
@Gankro
Copy link
Contributor

Gankro commented Jul 8, 2015

This prevents Rc from having a sound definition with respect to dropcheck

#![feature(unsize, coerce_unsized)]

use std::marker::{Unsize, PhantomData};
use std::ops::CoerceUnsized;

struct MyRc<T: ?Sized> {
    ptr: *const T,
    _boo: PhantomData<T>,
}

impl<T: ?Sized + Unsize<U>, U: ?Sized> CoerceUnsized<MyRc<U>> for MyRc<T>{ }

fn main() {}
<anon>:11:1: 11:77 error: the trait `CoerceUnsized` may only be implemented for a coercion between structures with one field being coerced, but 2 fields need coercions: ptr (*const T to *const U), _boo (core::marker::PhantomData<T> to core::marker::PhantomData<U>) [E0375]
<anon>:11 impl<T: ?Sized + Unsize<U>, U: ?Sized> CoerceUnsized<MyRc<U>> for MyRc<T>{ }
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
error: aborting due to previous error

@Gankro Gankro added the P-high label Jul 8, 2015

@Gankro

This comment has been minimized.

Sign in to view
Copy link
Contributor Author

Gankro commented Jul 8, 2015

CC @nrc @eddyb

@Gankro Gankro added the A-dst label Jul 8, 2015

@nrc

This comment has been minimized.

Sign in to view
Copy link
Member

nrc commented Jul 9, 2015

I think DST coercions should just ignore all zero-sized fields
@eddyb

This comment has been minimized.

Sign in to view
Copy link
Member

eddyb commented Jul 9, 2015

@nrc the only immediate solution would be ignoring PhantomData. Actually, that's still problematic.
I guess would could ignore PhantomData<T> -> PhantomData<U> where T: Unsize<U>.
Otherwise, it's possible to construct a type where coercing can modify its properties in an incompatible way.
Although, could it lead to memory safety, if no unsafe code is used with it?
@arielb1

This comment has been minimized.

Sign in to view
Copy link
Contributor

arielb1 commented Jul 9, 2015

@eddyb

I don't think PhantomData serves as a witness today (and you have to implement Unsize for this to be important).

This was referenced Aug 3, 2015

Merged
Closed

@Gankro Gankro referenced this issue Aug 12, 2015

Closed

Tracking issue for `NonZero`/`Unique`/`Shared` stabilization #27730

@ebfull ebfull referenced this issue Sep 13, 2015

Merged

Implement RFC 1234: Ignore PhantomData when checking CoerceUnsized implementations #28381

bors added a commit that referenced this issue Sep 17, 2015

@bors
Auto merge of #28381 - ebfull:aint-fraid-a-no-ghosts-redux, r=me 
#27483 redux at Gankro's request.

Fixes #26905, Closes #28239

r? @nrc
Loading status checks…
89faafc

@bors bors closed this in #28381 Sep 17, 2015

@Gankro Gankro referenced this issue Oct 16, 2015

Closed

`Arc` and `Rc` are dropck-unsound #29106

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.