Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.
Sign upLifetime bounds on structs do not entirely constrain impl fns #28609
Comments
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
|
Minified: struct S<'a, 'b: 'a>(Option<&'a &'b ()>);
impl<'a, 'b> S<'a, 'b> {
fn xform(&self, a: &'b mut u32) -> &'a mut u32 {
a
}
}
fn return_dangling_pointer<'a>(s: S<'a, 'a>) -> &'a mut u32 {
s.xform(&mut 3)
}
fn main() {
let s = S(None);
let a = return_dangling_pointer(s);
println!("{}", a);
} |
This comment has been minimized.
This comment has been minimized.
|
If you use a trait impl or UFCS instead of an inherent impl, the error is reported correctly. |
arielb1
added
the
I-nominated
label
Sep 25, 2015
This comment has been minimized.
This comment has been minimized.
|
This is a nasty soundness bug. I think its a just-a-bug I can fix. |
This comment has been minimized.
This comment has been minimized.
|
Can also be done via use std::ops::Deref;
struct S<'a, 'b: 'a>(Option<&'a &'b ()>, &'b u32);
impl<'a, 'b> Deref for S<'a, 'b> {
type Target = &'a u32;
fn deref(&self) -> &&'a u32 {
&self.1
}
}
fn return_dangling_pointer<'a>(s: S<'a, 'a>) -> &'a u32 {
let four = 4;
let mut s = s;
s.1 = &four;
&s // or &*s
}
fn main() {
let temp = &42;
let ptr = return_dangling_pointer(S(None,&temp));
println!("{}", ptr);
} |
This comment has been minimized.
This comment has been minimized.
|
Also via overloaded ops: use std::ops::Shl;
struct S<'a, 'b: 'a>(Option<&'a &'b ()>);
impl<'a, 'b> Shl<&'b u32> for S<'a, 'b> {
type Output = &'a u32;
fn shl(self, t: &'b u32) -> &'a u32 { t }
}
fn return_dangling_pointer<'a>(s: S<'a, 'a>) -> &'a u32 {
let s = s;
s << &mut 3 /* avoid promotion */
}
fn main() {
let a = return_dangling_pointer(S(None));
println!("{}", a);
} |
arielb1
added
the
T-compiler
label
Sep 25, 2015
arielb1
pushed a commit
to arielb1/rust
that referenced
this issue
Sep 26, 2015
arielb1
referenced this issue
Sep 26, 2015
Merged
Ensure the types of methods are well-formed #28669
arielb1
added a commit
to arielb1/rust
that referenced
this issue
Sep 26, 2015
arielb1
pushed a commit
to arielb1/rust
that referenced
this issue
Sep 29, 2015
This comment has been minimized.
This comment has been minimized.
|
triage: P-high |
rust-highfive
added
P-high
and removed
I-nominated
labels
Oct 1, 2015
arielb1
added a commit
to arielb1/rust
that referenced
this issue
Oct 2, 2015
bors
added a commit
that referenced
this issue
Oct 3, 2015
bors
closed this
in
#28669
Oct 3, 2015
bluss
added
the
I-unsound 💥
label
Oct 4, 2015
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
talchas commentedSep 23, 2015
compiles. As far as I can tell, the bound on 'b is checked in the definitions of the functions, but isn't checked in the use of them. As a concrete example of this Kimundi/scoped-threadpool-rs#8 ( https://play.rust-lang.org/?gist=870da1405ea15e80f778&version=nightly ) will allow the incorrect use of ScopeRef in the test, while copying the bounds from the struct definition to the impl definition correctly rejects it.