Auto merge of #27641 - nikomatsakis:soundness-rfc-1214, r=nrc

This PR implements the majority of RFC 1214. In particular, it implements:

- the new outlives relation
- comprehensive WF checking

For the most part, new code receives warnings, not errors, though 3 regressions were found via a crater run. 

There are some deviations from RFC 1214. Most notably:

- we still consider implied bounds from fn ret; this intersects other soundness issues that I intend to address in detail in a follow-up RFC. Fixing this without breaking a lot of code probably requires rewriting compare-method somewhat (which is probably a good thing).
- object types do not check trait bounds for fear of encountering `Self`; this was left as an unresolved question in RFC 1214, but ultimately feels inconsistent.

Both of those two issues are highlighted in the tracking issue, #27579. #27579 also includes a testing matrix with new tests that I wrote -- these probably duplicate some existing tests, I tried to check but wasn't quite sure what to look for. I tried to be thorough in testing the WF relation, at least, but would welcome suggestions for missing tests.

r? @nrc (or perhaps someone else?)

Author: bors

src/libcore/iter.rs

@@ -2135,7 +2135,7 @@ impl<I: DoubleEndedIterator, F> DoubleEndedIterator for Inspect<I, F>
 /// two `Step` objects.
 #[unstable(feature = "step_trait",
            reason = "likely to be replaced by finer-grained traits")]
-pub trait Step: PartialOrd {
+pub trait Step: PartialOrd+Sized {
     /// Steps `self` if possible.
     fn step(&self, by: &Self) -> Option<Self>;
 

src/libcore/marker.rs

@@ -56,7 +56,7 @@ pub trait Sized {
 /// Types that can be "unsized" to a dynamically sized type.
 #[unstable(feature = "unsize")]
 #[lang="unsize"]
-pub trait Unsize<T> {
+pub trait Unsize<T: ?Sized> {
     // Empty.
 }
 

src/libcore/num/mod.rs

@@ -19,7 +19,7 @@ use char::CharExt;
 use cmp::{Eq, PartialOrd};
 use fmt;
 use intrinsics;
-use marker::Copy;
+use marker::{Copy, Sized};
 use mem::size_of;
 use option::Option::{self, Some, None};
 use result::Result::{self, Ok, Err};
@@ -1263,7 +1263,7 @@ pub enum FpCategory {
 #[doc(hidden)]
 #[unstable(feature = "core_float",
            reason = "stable interface is via `impl f{32,64}` in later crates")]
-pub trait Float {
+pub trait Float: Sized {
     /// Returns the NaN value.
     fn nan() -> Self;
     /// Returns the infinite value.

src/libcore/str/mod.rs

@@ -25,6 +25,7 @@ use default::Default;
 use fmt;
 use iter::ExactSizeIterator;
 use iter::{Map, Iterator, DoubleEndedIterator};
+use marker::Sized;
 use mem;
 use ops::{Fn, FnMut, FnOnce};
 use option::Option::{self, None, Some};
@@ -37,7 +38,7 @@ pub mod pattern;
 /// A trait to abstract the idea of creating a new instance of a type from a
 /// string.
 #[stable(feature = "rust1", since = "1.0.0")]
-pub trait FromStr {
+pub trait FromStr: Sized {
     /// The associated error which can be returned from parsing.
     #[stable(feature = "rust1", since = "1.0.0")]
     type Err;

src/libgraphviz/lib.rs

@@ -561,7 +561,7 @@ pub type Edges<'a,E> = Cow<'a,[E]>;
 /// `Cow<[T]>` to leave implementers the freedom to create
 /// entirely new vectors or to pass back slices into internally owned
 /// vectors.
-pub trait GraphWalk<'a, N, E> {
+pub trait GraphWalk<'a, N: Clone, E: Clone> {
     /// Returns all the nodes in this graph.
     fn nodes(&'a self) -> Nodes<'a, N>;
     /// Returns all of the edges in this graph.

src/librand/distributions/range.rs

@@ -12,6 +12,7 @@
 
 // this is surprisingly complicated to be both generic & correct
 
+use core::marker::Sized;
 use Rng;
 use distributions::{Sample, IndependentSample};
 
@@ -57,7 +58,7 @@ impl<Sup: SampleRange> IndependentSample<Sup> for Range<Sup> {
 /// uniformly between two values. This should not be used directly,
 /// and is only to facilitate `Range`.
 #[doc(hidden)]
-pub trait SampleRange {
+pub trait SampleRange: Sized {
     /// Construct the `Range` object that `sample_range`
     /// requires. This should not ever be called directly, only via
     /// `Range::new`, which will check that `low < high`, so this

src/librustc/lib.rs

@@ -129,6 +129,7 @@ pub mod middle {
     pub mod lang_items;
     pub mod liveness;
     pub mod mem_categorization;
+    pub mod outlives;
     pub mod pat_util;
     pub mod privacy;
     pub mod reachable;
@@ -143,6 +144,7 @@ pub mod middle {
     pub mod ty_match;
     pub mod ty_relate;
     pub mod ty_walk;
+    pub mod wf;
     pub mod weak_lang_items;
 }
 

src/librustc/metadata/tydecode.rs

@@ -790,6 +790,12 @@ fn parse_predicate_<'a,'tcx, F>(st: &mut PState<'a, 'tcx>,
         'o' => ty::Binder(ty::OutlivesPredicate(parse_ty_(st, conv),
                                                 parse_region_(st, conv))).to_predicate(),
         'p' => ty::Binder(parse_projection_predicate_(st, conv)).to_predicate(),
+        'w' => ty::Predicate::WellFormed(parse_ty_(st, conv)),
+        'O' => {
+            let def_id = parse_def_(st, NominalType, conv);
+            assert_eq!(next(st), '|');
+            ty::Predicate::ObjectSafe(def_id)
+        }
         c => panic!("Encountered invalid character in metadata: {}", c)
     }
 }

src/librustc/metadata/tyencode.rs

@@ -457,6 +457,13 @@ pub fn enc_predicate<'a, 'tcx>(w: &mut Encoder,
             mywrite!(w, "p");
             enc_projection_predicate(w, cx, data)
         }
+        ty::Predicate::WellFormed(data) => {
+            mywrite!(w, "w");
+            enc_ty(w, cx, data);
+        }
+        ty::Predicate::ObjectSafe(trait_def_id) => {
+            mywrite!(w, "O{}|", (cx.ds)(trait_def_id));
+        }
     }
 }
 

src/librustc/middle/astencode.rs

@@ -1061,7 +1061,7 @@ fn encode_side_tables_for_id(ecx: &e::EncodeContext,
     }
 }
 
-trait doc_decoder_helpers {
+trait doc_decoder_helpers: Sized {
     fn as_int(&self) -> isize;
     fn opt_child(&self, tag: c::astencode_tag) -> Option<Self>;
 }