lint implied bounds from trait impl

Author: spastorino

compiler/rustc_hir_analysis/src/check/wfcheck.rs

@@ -110,8 +110,6 @@ where
 
     let assumed_wf_types = wfcx.ocx.assumed_wf_types_and_report_errors(param_env, body_def_id)?;
 
-    let implied_bounds = infcx.implied_bounds_tys_compat(param_env, body_def_id, assumed_wf_types);
-
     let errors = wfcx.select_all_or_error();
     if !errors.is_empty() {
         let err = infcx.err_ctxt().report_fulfillment_errors(errors);
@@ -126,9 +124,46 @@ where
         }
     }
 
+    let infcx_compat = infcx.fork();
+
+    let implied_bounds = infcx.implied_bounds_tys(param_env, &assumed_wf_types);
+    let outlives_env = OutlivesEnvironment::with_bounds(param_env, implied_bounds);
+
+    let errors = infcx.resolve_regions(&outlives_env);
+    if errors.is_empty() {
+        return Ok(());
+    }
+
+    let implied_bounds =
+        infcx_compat.implied_bounds_tys_compat(param_env, body_def_id, assumed_wf_types);
     let outlives_env = OutlivesEnvironment::with_bounds(param_env, implied_bounds);
+    let errors_compat = infcx_compat.resolve_regions(&outlives_env);
+    if !errors_compat.is_empty() {
+        return Err(infcx_compat.err_ctxt().report_region_errors(body_def_id, &errors_compat));
+    }
+
+    let hir_id = tcx.local_def_id_to_hir_id(body_def_id);
+    let (lint_level, _) = tcx
+        .lint_level_at_node(rustc_session::lint::builtin::IMPLIED_BOUNDS_FROM_TRAIT_IMPL, hir_id);
+    tcx.struct_span_lint_hir(
+        rustc_session::lint::builtin::IMPLIED_BOUNDS_FROM_TRAIT_IMPL,
+        hir_id,
+        tcx.def_span(body_def_id),
+        format!("{} is missing necessary lifetime bounds", tcx.def_descr(body_def_id.into())),
+        |lint| {
+            if !lint_level.is_error() {
+                lint.note(
+                    "to get more detailed errors, use `#[deny(implied_bounds_from_trait_impl)]`",
+                )
+            } else {
+                lint.note("more concrete lifetime errors are emitted below")
+            }
+        },
+    );
+    if lint_level.is_error() {
+        infcx.err_ctxt().report_region_errors(body_def_id, &errors);
+    }
 
-    wfcx.ocx.resolve_regions_and_report_errors(body_def_id, &outlives_env)?;
     infcx.tainted_by_errors().error_reported()
 }
 

compiler/rustc_lint_defs/src/builtin.rs

@@ -3388,6 +3388,7 @@ declare_lint_pass! {
         ILL_FORMED_ATTRIBUTE_INPUT,
         ILLEGAL_FLOATING_POINT_LITERAL_PATTERN,
         IMPLIED_BOUNDS_ENTAILMENT,
+        IMPLIED_BOUNDS_FROM_TRAIT_IMPL,
         INCOMPLETE_INCLUDE,
         INDIRECT_STRUCTURAL_MATCH,
         INEFFECTIVE_UNSTABLE_TRAIT_IMPL,
@@ -4620,3 +4621,44 @@ declare_lint! {
         reference: "issue #115010 <https://github.com/rust-lang/rust/issues/115010>",
     };
 }
+
+declare_lint! {
+    /// The `implied_bounds_from_trait_impl` lint detects
+    /// a compiler bug allowed some code to assume invalid implied lifetime bounds.
+    ///
+    /// ### Example
+    ///
+    /// ```rust,compile_fail
+    /// #![deny(implied_bounds_from_trait_impl)]
+    ///
+    /// trait Trait {
+    ///     type Assoc;
+    /// }
+    ///
+    /// impl<X: 'static> Trait for (X,) {
+    ///     type Assoc = ();
+    /// }
+    ///
+    /// struct Foo<T: Trait>(T)
+    /// where
+    ///     T::Assoc: Clone; // any bound using `T::Assoc`
+    ///
+    /// fn func(foo: Foo<(&str,)>) {
+    ///     let _: &'static str = foo.0.0;
+    /// }
+    /// ```
+    ///
+    /// {{produces}}
+    ///
+    /// ### Explanation
+    ///
+    /// FIXME: explanataion
+    ///
+    pub IMPLIED_BOUNDS_FROM_TRAIT_IMPL,
+    Warn,
+    "item uses illegal implied bounds derived from a trait impl",
+    @future_incompatible = FutureIncompatibleInfo {
+        reason: FutureIncompatibilityReason::FutureReleaseErrorDontReportInDeps,
+        reference: "issue #109628 <https://github.com/rust-lang/rust/issues/109628>",
+    };
+}

compiler/rustc_middle/src/query/erase.rs

@@ -74,6 +74,10 @@ impl<T> EraseType for Result<&'_ T, traits::query::NoSolution> {
     type Result = [u8; size_of::<Result<&'static (), traits::query::NoSolution>>()];
 }
 
+impl<T> EraseType for Result<&'_ [T], traits::query::NoSolution> {
+    type Result = [u8; size_of::<Result<&'static [()], traits::query::NoSolution>>()];
+}
+
 impl<T> EraseType for Result<&'_ T, rustc_errors::ErrorGuaranteed> {
     type Result = [u8; size_of::<Result<&'static (), rustc_errors::ErrorGuaranteed>>()];
 }

compiler/rustc_middle/src/query/mod.rs

@@ -1962,6 +1962,15 @@ rustc_queries! {
         desc { "computing implied outlives bounds for `{}`", goal.value.value }
     }
 
+    query implied_outlives_bounds(
+        goal: ty::ParamEnvAnd<'tcx, Ty<'tcx>>
+    ) -> Result<
+        &'tcx [OutlivesBound<'tcx>],
+        NoSolution,
+    > {
+        desc { "computing implied outlives bounds v2 for `{}`", goal.value }
+    }
+
     /// Do not call this query directly:
     /// invoke `DropckOutlives::new(dropped_ty)).fully_perform(typeck.infcx)` instead.
     query dropck_outlives(

compiler/rustc_middle/src/traits/query.rs

@@ -191,7 +191,7 @@ pub struct NormalizationResult<'tcx> {
 /// case they are called implied bounds). They are fed to the
 /// `OutlivesEnv` which in turn is supplied to the region checker and
 /// other parts of the inference system.
-#[derive(Clone, Debug, TypeFoldable, TypeVisitable, HashStable)]
+#[derive(Copy, Clone, Debug, TypeFoldable, TypeVisitable, HashStable)]
 pub enum OutlivesBound<'tcx> {
     RegionSubRegion(ty::Region<'tcx>, ty::Region<'tcx>),
     RegionSubParam(ty::Region<'tcx>, ty::ParamTy),

compiler/rustc_trait_selection/src/traits/outlives_bounds.rs

@@ -9,6 +9,7 @@ use rustc_span::def_id::LocalDefId;
 
 pub use rustc_middle::traits::query::OutlivesBound;
 
+pub type BoundsCompat<'a, 'tcx: 'a> = impl Iterator<Item = OutlivesBound<'tcx>> + 'a;
 pub type Bounds<'a, 'tcx: 'a> = impl Iterator<Item = OutlivesBound<'tcx>> + 'a;
 pub trait InferCtxtExt<'a, 'tcx> {
     fn implied_outlives_bounds_compat(
@@ -23,6 +24,12 @@ pub trait InferCtxtExt<'a, 'tcx> {
         param_env: ty::ParamEnv<'tcx>,
         body_id: LocalDefId,
         tys: FxIndexSet<Ty<'tcx>>,
+    ) -> BoundsCompat<'a, 'tcx>;
+
+    fn implied_bounds_tys(
+        &'a self,
+        param_env: ty::ParamEnv<'tcx>,
+        tys: &'a FxIndexSet<Ty<'tcx>>,
     ) -> Bounds<'a, 'tcx>;
 }
 
@@ -126,8 +133,27 @@ impl<'a, 'tcx: 'a> InferCtxtExt<'a, 'tcx> for InferCtxt<'tcx> {
         param_env: ParamEnv<'tcx>,
         body_id: LocalDefId,
         tys: FxIndexSet<Ty<'tcx>>,
-    ) -> Bounds<'a, 'tcx> {
+    ) -> BoundsCompat<'a, 'tcx> {
         tys.into_iter()
             .flat_map(move |ty| self.implied_outlives_bounds_compat(param_env, body_id, ty))
     }
+
+    fn implied_bounds_tys(
+        &'a self,
+        param_env: ParamEnv<'tcx>,
+        tys: &'a FxIndexSet<Ty<'tcx>>,
+    ) -> Bounds<'a, 'tcx> {
+        tys.iter()
+            .flat_map(move |&ty| {
+                let ty = self.resolve_vars_if_possible(ty);
+                let ty = OpportunisticRegionResolver::new(self).fold_ty(ty);
+
+                if ty.has_infer() {
+                    return &[] as &[OutlivesBound<'_>];
+                }
+
+                self.tcx.implied_outlives_bounds(param_env.and(ty)).unwrap_or(&[])
+            })
+            .copied()
+    }
 }

compiler/rustc_trait_selection/src/traits/query/type_op/implied_outlives_bounds.rs

@@ -5,10 +5,13 @@ use crate::traits::ObligationCtxt;
 
 use rustc_infer::infer::canonical::Canonical;
 use rustc_infer::infer::outlives::components::{push_outlives_components, Component};
+use rustc_infer::infer::resolve::OpportunisticRegionResolver;
 use rustc_infer::traits::query::OutlivesBound;
 use rustc_middle::infer::canonical::CanonicalQueryResponse;
 use rustc_middle::traits::ObligationCause;
-use rustc_middle::ty::{self, ParamEnvAnd, Ty, TyCtxt, TypeVisitableExt};
+use rustc_middle::ty::{self, ParamEnvAnd, Ty, TyCtxt, TypeFolder, TypeVisitableExt};
+use rustc_span::def_id::CRATE_DEF_ID;
+use rustc_span::DUMMY_SP;
 use smallvec::{smallvec, SmallVec};
 
 #[derive(Copy, Clone, Debug, HashStable, TypeFoldable, TypeVisitable)]
@@ -52,7 +55,7 @@ impl<'tcx> super::QueryTypeOp<'tcx> for ImpliedOutlivesBounds<'tcx> {
         ocx: &ObligationCtxt<'_, 'tcx>,
         key: ParamEnvAnd<'tcx, Self>,
     ) -> Result<Self::QueryResponse, NoSolution> {
-        compute_implied_outlives_bounds_inner(ocx, key.param_env, key.value.ty)
+        compute_implied_outlives_bounds_compat_inner(ocx, key.param_env, key.value.ty)
     }
 }
 
@@ -63,20 +66,15 @@ pub fn compute_implied_outlives_bounds_inner<'tcx>(
     ocx: &ObligationCtxt<'_, 'tcx>,
     param_env: ty::ParamEnv<'tcx>,
     ty: Ty<'tcx>,
-) -> Result<Vec<OutlivesBound<'tcx>>, NoSolution> {
-    let normalize_op = |ty: Ty<'tcx>| {
-        let ty = if ocx.infcx.next_trait_solver() {
-            solve::deeply_normalize(ocx.infcx.at(&ObligationCause::dummy(), param_env), ty)
-                // FIXME(-Ztrait-solver=next)
-                .unwrap_or_else(|_errs| ty)
-        } else {
-            ocx.normalize(&ObligationCause::dummy(), param_env, ty)
-        };
+) -> Result<&'tcx [OutlivesBound<'tcx>], NoSolution> {
+    let normalize_op = |ty| {
+        let ty = ocx.normalize(&ObligationCause::dummy(), param_env, ty);
         if !ocx.select_all_or_error().is_empty() {
             return Err(NoSolution);
         }
         let ty = ocx.infcx.resolve_vars_if_possible(ty);
-        assert!(!ty.has_non_region_infer());
+        let ty = OpportunisticRegionResolver::new(&ocx.infcx).fold_ty(ty);
+        assert!(!ty.has_infer());
         Ok(ty)
     };
 
@@ -141,14 +139,148 @@ pub fn compute_implied_outlives_bounds_inner<'tcx>(
         }
     }
 
-    Ok(outlives_bounds)
+    Ok(ocx.infcx.tcx.arena.alloc_slice(&outlives_bounds))
+}
+
+pub fn compute_implied_outlives_bounds_compat_inner<'tcx>(
+    ocx: &ObligationCtxt<'_, 'tcx>,
+    param_env: ty::ParamEnv<'tcx>,
+    ty: Ty<'tcx>,
+) -> Result<Vec<OutlivesBound<'tcx>>, NoSolution> {
+    let tcx = ocx.infcx.tcx;
+
+    // Sometimes when we ask what it takes for T: WF, we get back that
+    // U: WF is required; in that case, we push U onto this stack and
+    // process it next. Because the resulting predicates aren't always
+    // guaranteed to be a subset of the original type, so we need to store the
+    // WF args we've computed in a set.
+    let mut checked_wf_args = rustc_data_structures::fx::FxHashSet::default();
+    let mut wf_args = vec![ty.into()];
+
+    let mut outlives_bounds: Vec<ty::OutlivesPredicate<ty::GenericArg<'tcx>, ty::Region<'tcx>>> =
+        vec![];
+
+    while let Some(arg) = wf_args.pop() {
+        if !checked_wf_args.insert(arg) {
+            continue;
+        }
+
+        // Compute the obligations for `arg` to be well-formed. If `arg` is
+        // an unresolved inference variable, just substituted an empty set
+        // -- because the return type here is going to be things we *add*
+        // to the environment, it's always ok for this set to be smaller
+        // than the ultimate set. (Note: normally there won't be
+        // unresolved inference variables here anyway, but there might be
+        // during typeck under some circumstances.)
+        //
+        // FIXME(@lcnr): It's not really "always fine", having fewer implied
+        // bounds can be backward incompatible, e.g. #101951 was caused by
+        // us not dealing with inference vars in `TypeOutlives` predicates.
+        let obligations = wf::obligations(ocx.infcx, param_env, CRATE_DEF_ID, 0, arg, DUMMY_SP)
+            .unwrap_or_default();
+
+        for obligation in obligations {
+            debug!(?obligation);
+            assert!(!obligation.has_escaping_bound_vars());
+
+            // While these predicates should all be implied by other parts of
+            // the program, they are still relevant as they may constrain
+            // inference variables, which is necessary to add the correct
+            // implied bounds in some cases, mostly when dealing with projections.
+            //
+            // Another important point here: we only register `Projection`
+            // predicates, since otherwise we might register outlives
+            // predicates containing inference variables, and we don't
+            // learn anything new from those.
+            if obligation.predicate.has_non_region_infer() {
+                match obligation.predicate.kind().skip_binder() {
+                    ty::PredicateKind::Clause(ty::ClauseKind::Projection(..))
+                    | ty::PredicateKind::AliasRelate(..) => {
+                        ocx.register_obligation(obligation.clone());
+                    }
+                    _ => {}
+                }
+            }
+
+            let pred = match obligation.predicate.kind().no_bound_vars() {
+                None => continue,
+                Some(pred) => pred,
+            };
+            match pred {
+                ty::PredicateKind::Clause(ty::ClauseKind::Trait(..))
+                // FIXME(const_generics): Make sure that `<'a, 'b, const N: &'a &'b u32>` is sound
+                // if we ever support that
+                | ty::PredicateKind::Clause(ty::ClauseKind::ConstArgHasType(..))
+                | ty::PredicateKind::Subtype(..)
+                | ty::PredicateKind::Coerce(..)
+                | ty::PredicateKind::Clause(ty::ClauseKind::Projection(..))
+                | ty::PredicateKind::ObjectSafe(..)
+                | ty::PredicateKind::Clause(ty::ClauseKind::ConstEvaluatable(..))
+                | ty::PredicateKind::ConstEquate(..)
+                | ty::PredicateKind::Ambiguous
+                | ty::PredicateKind::AliasRelate(..)
+                 => {}
+
+                // We need to search through *all* WellFormed predicates
+                ty::PredicateKind::Clause(ty::ClauseKind::WellFormed(arg)) => {
+                    wf_args.push(arg);
+                }
+
+                // We need to register region relationships
+                ty::PredicateKind::Clause(ty::ClauseKind::RegionOutlives(ty::OutlivesPredicate(
+                    r_a,
+                    r_b,
+                ))) => outlives_bounds.push(ty::OutlivesPredicate(r_a.into(), r_b)),
+
+                ty::PredicateKind::Clause(ty::ClauseKind::TypeOutlives(ty::OutlivesPredicate(
+                    ty_a,
+                    r_b,
+                ))) => outlives_bounds.push(ty::OutlivesPredicate(ty_a.into(), r_b)),
+            }
+        }
+    }
+
+    // This call to `select_all_or_error` is necessary to constrain inference variables, which we
+    // use further down when computing the implied bounds.
+    match ocx.select_all_or_error().as_slice() {
+        [] => (),
+        _ => return Err(NoSolution),
+    }
+
+    // We lazily compute the outlives components as
+    // `select_all_or_error` constrains inference variables.
+    let mut implied_bounds = Vec::new();
+    for ty::OutlivesPredicate(a, r_b) in outlives_bounds {
+        match a.unpack() {
+            ty::GenericArgKind::Lifetime(r_a) => {
+                implied_bounds.push(OutlivesBound::RegionSubRegion(r_b, r_a))
+            }
+            ty::GenericArgKind::Type(ty_a) => {
+                let mut ty_a = ocx.infcx.resolve_vars_if_possible(ty_a);
+                // Need to manually normalize in the new solver as `wf::obligations` does not.
+                if ocx.infcx.next_trait_solver() {
+                    ty_a = solve::deeply_normalize(
+                        ocx.infcx.at(&ObligationCause::dummy(), param_env),
+                        ty_a,
+                    )
+                    .map_err(|_errs| NoSolution)?;
+                }
+                let mut components = smallvec![];
+                push_outlives_components(tcx, ty_a, &mut components);
+                implied_bounds.extend(implied_bounds_from_components(r_b, components))
+            }
+            ty::GenericArgKind::Const(_) => unreachable!(),
+        }
+    }
+
+    Ok(implied_bounds)
 }
 
 /// When we have an implied bound that `T: 'a`, we can further break
 /// this down to determine what relationships would have to hold for
 /// `T: 'a` to hold. We get to assume that the caller has validated
 /// those relationships.
-fn implied_bounds_from_components<'tcx>(
+pub fn implied_bounds_from_components<'tcx>(
     sub_region: ty::Region<'tcx>,
     sup_components: SmallVec<[Component<'tcx>; 4]>,
 ) -> Vec<OutlivesBound<'tcx>> {