Implement EII for statics

[JonathanBrouwer]

View all comments

This PR implements EII for statics. I've tried to mirror the implementation for functions in a few places, this causes some duplicate code but I'm also not really sure whether there's a clean way to merge the implementations.

This does not implement defaults for static EIIs yet, I will do that in a followup PR

[JonathanBrouwer]

I pass an empty array for the assumed_wf_tys here, I can't really find what this argument is for, is this correct?

[JonathanBrouwer]

Passing an empty array in the resolve_regions call inside compare_eii_function_types causes no tests to fail, so would also like to add a test for that once I understand what it does

[jdonszelmann]

seems to be related to the "implied bounds hack" which seems to be part of how we resolve GATs in traits. Since this code is mostly adapted from method comparison in traits that makes sense to me, but I don't think we need it for EIIs. @lcnr could you confirm that?

[jdonszelmann]

see https://rustc-dev-guide.rust-lang.org/return-position-impl-trait-in-trait.html#implied-bounds-in-rpitit-hidden-type-inference

[lcnr]

relevant for static FOO<'a, 'b>: &'a &'b () = &&(); to add an assumption that 'b: 'a holds.

Given that statics don't have any where-bounds/generics anyways, this shouldn't matter

[JonathanBrouwer]

r? @jdonszelmann

This code touches quite a few areas of the compiler I'm not super familiar yet with, so please review carefully whether I'm doing any stupid things :3

View changes since this review

[rustbot]

jdonszelmann is currently at their maximum review capacity.
They may take a while to respond.

[rustbot]

Some changes occurred in compiler/rustc_passes/src/check_attr.rs

cc @jdonszelmann

Some changes occurred in compiler/rustc_attr_parsing

cc @jdonszelmann

The parser was modified, potentially altering the grammar of (stable) Rust
which would be a breaking change.

cc @fmease

Some changes occurred in src/tools/clippy

cc @rust-lang/clippy

[jdonszelmann]

I'm not sure I understand when this can fail

[jdonszelmann]

or why this sanity check is necessary. I believe it may be, but the comment doesn't explain what scenario this matters in or what bug we previously had with this.

[JonathanBrouwer]

I've added explanation to the comment, the assert is indeed simply a sanity check

[bjorn3]

The fact that eii_impls is a list seems to imply that a single item can define multiple EIIs at the same time. Wouldn't that result in multiple statics aliasing each other with this PR? Especially with static mut that would be rather dangerous. But even without, I'm not sure that is not UB.

[JonathanBrouwer]

The fact that eii_impls is a list seems to imply that a single static can define multiple EIIs at the same time. Wouldn't that result in multiple statics aliasing each other with this PR? Especially with static mut that would be rather dangerous. But even without, I'm not sure that is not UB.

It is the other way around, a single item can implement multiple EIIs.

The definition of the EII is an extern static that "aliases" the static that implements the EII, I am far from an expert of rusts memory model so please correct me if I'm wrong, but I believe that should be fine?
Also if both the definition and implementation are static mut this should also be fine? Again far from an expert, please correct me

TLDR: It is exactly as sound as external statics are, since it's basically just an external static

[rustbot]

This PR was rebased onto a different main commit. Here's a range-diff highlighting what actually changed.

Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers.

[JonathanBrouwer]

@rustbot ready

[jdonszelmann]

it's correct that with EIIs you can get multiple statics aliasing eachother. We might want to disallow static mut EIIs completely?

[jdonszelmann]

even with a single EII,

#[eii(a)]
static FOO: usize;

#[a]
static BAR: usize = 3;

fn main() {
    assert_eq!(
        &BAR as *const _ as usize, 
        &FOO as *const _ as usize
    );
}

[JonathanBrouwer]

The thing is that FOO is not a static, it's desugared to an extern static, is it still a problem then?

unsafe extern "Rust" {
    safe static FOO: usize;
}

mod imp {
    #[unsafe(no_mangle)]
    pub static FOO: usize = 3;
}

fn main() {
    assert_eq!(
        &FOO as *const _ as usize,
        &imp::FOO as *const _ as usize
    );
}

i.e. Is this code unsound?

[JonathanBrouwer]

Disallowing static mut EIIs makes sense to me, but more because they're hard to use correctly than that they're inherently unsound

[bjorn3]

Currently if you have two extern statics with different symbol names, they would never alias. I can very much imagine that there will be crates which break if two EIIs defined by said crate alias. Breaking both as in causing UB and as in misbehaving without UB. Also it requires having support for aliasing at the object file level, while if each static can define only a single EII, then we can get away without any aliasing support at the object file level. The definition can just have the same symbol name as the EII. And if the EII has a default, this default can either be put in a separate object file only linked when the default is used or be defined as weak symbol.

[JonathanBrouwer]

Right, I agree this is also undesirable
So what I will do is:

• Disallow multiple eii impls on 1 static
• Disallow eii on mut statics

[JonathanBrouwer]

@rustbot author

[rustbot]

Reminder, once the PR becomes ready for a review, use @rustbot ready.

[jdonszelmann]

That doesn't help though, EIIs inherently generate two symbol names for one static. Even if one is extern. And the definition can't get the same name. It should be available under the name given to the implementation as well imo. The same is true for functions atm.

[jdonszelmann]

multiple impls does make that worse, but it's already a problem to begin with

[jdonszelmann]

also, could you add a test that both have the same address?

[bjorn3]

That doesn't help though, EIIs inherently generate two symbol names for one static. Even if one is extern.

There is no inherent reason why the EII declaration and the impl have to use different symbol names afaik. If you only defining a single EII per static, then tcx.symbol_name() on the impl can return the symbol name of the declaration.