`Pin` is unsound due to transitive effects of `CoerceUnsized` #68015
permit negative impls for non-auto traits

This is a prototype impl that extends `impl !Trait` beyond auto traits. It is not integrated with coherence or anything else, and hence only serves to prevent downstream impls (but not to allow downstream crates to rely on the absence of such impls for coherence purposes).

Fixes rust-lang#66544

TODO:

- [x] need a test that you can't rely on negative impls for coherence purposes
- [x] test that negative impls cannot specialize positive ones
- [x] test that positive impls cannot specialize negative ones
- [x] extend negative impl to `Clone` in order to fully fix rust-lang#66544
- [x] and maybe make `CoerceUnsized` unsafe? -- that problem is now split out into rust-lang#68015
- [x] introduce feature flag and prepare a write-up
- [x] improve diagnostics?
Lowering the priority of this to medium, adding as a blocker to #27732 (coerce unsized stabilization).
Update: It is possible to abuse existing The type More concretely: Since Methods on
Split out from #66544. It is possible to exploit `Pin` on nightly Rust (but not stable) by creating smart pointers that implement `CoerceUnsized` but have strange behavior. See the dedicated internals thread for more details -- also, please keep conversation on the thread, and not on the Github issue. ❤️