Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Soundness hole: We don't catch non-const assoc fns in const contexts if the trait isn't #[const_trait] #12

Closed
fmease opened this issue Oct 25, 2024 · 3 comments · Fixed by rust-lang/rust#132169
Closed

Soundness hole: We don't catch non-const assoc fns in const contexts if the trait isn't #[const_trait] #12

fmease opened this issue Oct 25, 2024 · 3 comments · Fixed by rust-lang/rust#132169
Assignees
@compiler-errors

Comments

@fmease
Copy link
Member

fmease commented Oct 25, 2024
edited
Loading

Uplifted from rust-lang/rust#125831 cuz I consider this pretty important.

MCVE:

//@ compile-flags: -Znext-solver
#![feature(effects, const_trait_impl)]
#![crate_type = "lib"]

// #[const_trait] // <-- intentionally absent
trait NonConstTrait {
    fn something();
}

impl NonConstTrait for () {
    fn something() {}
}

const fn f() { <()>::something() } // wrongfully accepted!
                                   // should've raised Unimplemented( (): ~const NonConstTrait )
                                   // or at least rejected this call some other way
@fmease
Copy link
Member Author

fmease commented Oct 25, 2024

So I haven't dug into details yet as to why it slips up but from a high-level perspective "things" may "generate" Ty: ~const NonConstTrait obligations/goals even if ~const NonConstTrait is ill-formed in the surface language (~const can only be applied to #[const_trait] traits).

@compiler-errors
Copy link
Member

This should be fixed when we rework how we validate const traits in MIR, i.e. this code is currently busted:

https://github.com/rust-lang/rust/blob/45089ec19ebebec88bace6ec237244ff0eaa7ad3/compiler/rustc_const_eval/src/check_consts/check.rs#L607-L627

And/or when we start unconditionally enforcing constness in HIR:

https://github.com/rust-lang/rust/blob/45089ec19ebebec88bace6ec237244ff0eaa7ad3/compiler/rustc_hir_typeck/src/callee.rs#L876-L877

@compiler-errors
Copy link
Member

I'm currently working on improving const validation in MIR, though, so I'll claim this as a placeholder. Thanks for raising this issue, tho.

@compiler-errors compiler-errors self-assigned this Oct 25, 2024
@fee1-dead fee1-dead mentioned this issue Oct 26, 2024
Merged
Zalathar added a commit to Zalathar/rust that referenced this issue Oct 26, 2024
@Zalathar
Rollup merge of rust-lang#132169 - fee1-dead-contrib:consttraitsck, r…
18aa883 
…=compiler-errors

Deny calls to non-`#[const_trait]` methods in MIR constck

This is a (potentially temporary) fix that closes off the mismatch in assumptions between MIR constck and typeck which does the const traits checking. Before this PR, MIR constck assumed that typeck correctly handled all calls to trait methods in const contexts if effects is enabled. That is not true because typeck only correctly handles callees that are const. For non-const callees (such as methods in a non-const_trait), typeck had never created an error.

https://github.com/rust-lang/rust/blob/45089ec19ebebec88bace6ec237244ff0eaa7ad3/compiler/rustc_hir_typeck/src/callee.rs#L876-L877

I called this potentially temporary because the const checks could be moved to HIR entirely. Alongside the recent refactor in const stability checks where that component could be placed would need more discussion. (cc `@compiler-errors` `@RalfJung)`

Tests are updated, mainly due to traits not being const in core, so tests that call them correctly error.

This fixes rust-lang/project-const-traits#12.
jieyouxu added a commit to jieyouxu/rust that referenced this issue Oct 26, 2024
@jieyouxu
Rollup merge of rust-lang#132169 - fee1-dead-contrib:consttraitsck, r…
569f187 
…=compiler-errors

Deny calls to non-`#[const_trait]` methods in MIR constck

This is a (potentially temporary) fix that closes off the mismatch in assumptions between MIR constck and typeck which does the const traits checking. Before this PR, MIR constck assumed that typeck correctly handled all calls to trait methods in const contexts if effects is enabled. That is not true because typeck only correctly handles callees that are const. For non-const callees (such as methods in a non-const_trait), typeck had never created an error.

https://github.com/rust-lang/rust/blob/45089ec19ebebec88bace6ec237244ff0eaa7ad3/compiler/rustc_hir_typeck/src/callee.rs#L876-L877

I called this potentially temporary because the const checks could be moved to HIR entirely. Alongside the recent refactor in const stability checks where that component could be placed would need more discussion. (cc ``@compiler-errors`` ``@RalfJung)``

Tests are updated, mainly due to traits not being const in core, so tests that call them correctly error.

This fixes rust-lang/project-const-traits#12.
jieyouxu added a commit to jieyouxu/rust that referenced this issue Oct 26, 2024
@jieyouxu
Rollup merge of rust-lang#132169 - fee1-dead-contrib:consttraitsck, r…
bafe790 
…=compiler-errors

Deny calls to non-`#[const_trait]` methods in MIR constck

This is a (potentially temporary) fix that closes off the mismatch in assumptions between MIR constck and typeck which does the const traits checking. Before this PR, MIR constck assumed that typeck correctly handled all calls to trait methods in const contexts if effects is enabled. That is not true because typeck only correctly handles callees that are const. For non-const callees (such as methods in a non-const_trait), typeck had never created an error.

https://github.com/rust-lang/rust/blob/45089ec19ebebec88bace6ec237244ff0eaa7ad3/compiler/rustc_hir_typeck/src/callee.rs#L876-L877

I called this potentially temporary because the const checks could be moved to HIR entirely. Alongside the recent refactor in const stability checks where that component could be placed would need more discussion. (cc ```@compiler-errors``` ```@RalfJung)```

Tests are updated, mainly due to traits not being const in core, so tests that call them correctly error.

This fixes rust-lang/project-const-traits#12.
rust-timer added a commit to rust-lang-ci/rust that referenced this issue Oct 26, 2024
@rust-timer
Unrolled build for rust-lang#132169
e59dbf3 
Rollup merge of rust-lang#132169 - fee1-dead-contrib:consttraitsck, r=compiler-errors

Deny calls to non-`#[const_trait]` methods in MIR constck

This is a (potentially temporary) fix that closes off the mismatch in assumptions between MIR constck and typeck which does the const traits checking. Before this PR, MIR constck assumed that typeck correctly handled all calls to trait methods in const contexts if effects is enabled. That is not true because typeck only correctly handles callees that are const. For non-const callees (such as methods in a non-const_trait), typeck had never created an error.

https://github.com/rust-lang/rust/blob/45089ec19ebebec88bace6ec237244ff0eaa7ad3/compiler/rustc_hir_typeck/src/callee.rs#L876-L877

I called this potentially temporary because the const checks could be moved to HIR entirely. Alongside the recent refactor in const stability checks where that component could be placed would need more discussion. (cc ```@compiler-errors``` ```@RalfJung)```

Tests are updated, mainly due to traits not being const in core, so tests that call them correctly error.

This fixes rust-lang/project-const-traits#12.
@fmease fmease closed this as completed Oct 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@compiler-errors compiler-errors

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Deny calls to non-#[const_trait] methods in MIR constck fee1-dead-contrib/rust
2 participants
@compiler-errors @fmease