Move unsafety out of the subtyping relation and into coercion.

nikomatsakis · nikomatsakis · commit 0947f4076ddb · 2015-03-17T17:29:07.000-04:00
diff --git a/src/librustc/middle/astencode.rs b/src/librustc/middle/astencode.rs
@@ -993,8 +993,14 @@ impl<'a, 'tcx> rbml_writer_helpers<'tcx> for Encoder<'a> {
                     })
                 }
 
+                ty::AdjustUnsafeFnPointer => {
+                    this.emit_enum_variant("AdjustUnsafeFnPointer", 2, 0, |_| {
+                        Ok(())
+                    })
+                }
+
                 ty::AdjustDerefRef(ref auto_deref_ref) => {
-                    this.emit_enum_variant("AdjustDerefRef", 2, 2, |this| {
+                    this.emit_enum_variant("AdjustDerefRef", 3, 2, |this| {
                         this.emit_enum_variant_arg(0,
                             |this| Ok(this.emit_auto_deref_ref(ecx, auto_deref_ref)))
                     })
@@ -1619,6 +1625,9 @@ impl<'a, 'tcx> rbml_decoder_decoder_helpers<'tcx> for reader::Decoder<'a> {
                         ty::AdjustReifyFnPointer(def_id)
                     }
                     2 => {
+                        ty::AdjustUnsafeFnPointer
+                    }
+                    3 => {
                         let auto_deref_ref: ty::AutoDerefRef =
                             this.read_enum_variant_arg(0,
                                 |this| Ok(this.read_auto_deref_ref(dcx))).unwrap();
diff --git a/src/librustc/middle/expr_use_visitor.rs b/src/librustc/middle/expr_use_visitor.rs
@@ -790,7 +790,8 @@ impl<'d,'t,'tcx,TYPER:mc::Typer<'tcx>> ExprUseVisitor<'d,'t,'tcx,TYPER> {
             None => { }
             Some(adjustment) => {
                 match *adjustment {
-                    ty::AdjustReifyFnPointer(..) => {
+                    ty::AdjustReifyFnPointer(..) |
+                    ty::AdjustUnsafeFnPointer(..) => {
                         // Creating a closure/fn-pointer consumes the
                         // input and stores it into the resulting
                         // rvalue.
diff --git a/src/librustc/middle/infer/bivariate.rs b/src/librustc/middle/infer/bivariate.rs
@@ -33,8 +33,6 @@ use middle::infer::{cres};
 use middle::infer::type_variable::{BiTo};
 use util::ppaux::{Repr};
 
-use syntax::ast::{Unsafety};
-
 pub struct Bivariate<'f, 'tcx: 'f> {
     fields: CombineFields<'f, 'tcx>
 }
@@ -74,14 +72,6 @@ impl<'f, 'tcx> Combine<'tcx> for Bivariate<'f, 'tcx> {
         Ok(a)
     }
 
-    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety> {
-        if a != b {
-            Err(ty::terr_unsafety_mismatch(expected_found(self, a, b)))
-        } else {
-            Ok(a)
-        }
-    }
-
     fn builtin_bounds(&self,
                       a: BuiltinBounds,
                       b: BuiltinBounds)
diff --git a/src/librustc/middle/infer/combine.rs b/src/librustc/middle/infer/combine.rs
@@ -263,7 +263,13 @@ pub trait Combine<'tcx> : Sized {
         self.tys_with_variance(ty::Contravariant, a, b).and_then(|t| Ok(t))
     }
 
-    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety>;
+    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety> {
+        if a != b {
+            Err(ty::terr_unsafety_mismatch(expected_found(self, a, b)))
+        } else {
+            Ok(a)
+        }
+    }
 
     fn abi(&self, a: abi::Abi, b: abi::Abi) -> cres<'tcx, abi::Abi> {
         if a == b {
diff --git a/src/librustc/middle/infer/equate.rs b/src/librustc/middle/infer/equate.rs
@@ -16,8 +16,6 @@ use middle::infer::{Subtype};
 use middle::infer::type_variable::{EqTo};
 use util::ppaux::{Repr};
 
-use syntax::ast::Unsafety;
-
 pub struct Equate<'f, 'tcx: 'f> {
     fields: CombineFields<'f, 'tcx>
 }
@@ -54,15 +52,6 @@ impl<'f, 'tcx> Combine<'tcx> for Equate<'f, 'tcx> {
         Ok(a)
     }
 
-
-    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety> {
-        if a != b {
-            Err(ty::terr_unsafety_mismatch(expected_found(self, a, b)))
-        } else {
-            Ok(a)
-        }
-    }
-
     fn tys(&self, a: Ty<'tcx>, b: Ty<'tcx>) -> cres<'tcx, Ty<'tcx>> {
         debug!("{}.tys({}, {})", self.tag(),
                a.repr(self.fields.infcx.tcx), b.repr(self.fields.infcx.tcx));
diff --git a/src/librustc/middle/infer/glb.rs b/src/librustc/middle/infer/glb.rs
@@ -15,8 +15,6 @@ use super::{cres};
 use super::Subtype;
 
 use middle::ty::{self, Ty};
-use syntax::ast::{MutImmutable, MutMutable, Unsafety};
-use util::ppaux::mt_to_string;
 use util::ppaux::Repr;
 
 /// "Greatest lower bound" (common subtype)
@@ -55,14 +53,6 @@ impl<'f, 'tcx> Combine<'tcx> for Glb<'f, 'tcx> {
         }
     }
 
-
-    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety> {
-        match (a, b) {
-          (Unsafety::Normal, _) | (_, Unsafety::Normal) => Ok(Unsafety::Normal),
-          (Unsafety::Unsafe, Unsafety::Unsafe) => Ok(Unsafety::Unsafe)
-        }
-    }
-
     fn regions(&self, a: ty::Region, b: ty::Region) -> cres<'tcx, ty::Region> {
         debug!("{}.regions({}, {})",
                self.tag(),
diff --git a/src/librustc/middle/infer/lub.rs b/src/librustc/middle/infer/lub.rs
@@ -15,8 +15,6 @@ use super::{cres};
 use super::{Subtype};
 
 use middle::ty::{self, Ty};
-use syntax::ast::{MutMutable, MutImmutable, Unsafety};
-use util::ppaux::mt_to_string;
 use util::ppaux::Repr;
 
 /// "Least upper bound" (common supertype)
@@ -55,13 +53,6 @@ impl<'f, 'tcx> Combine<'tcx> for Lub<'f, 'tcx> {
         }
     }
 
-    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety> {
-        match (a, b) {
-          (Unsafety::Unsafe, _) | (_, Unsafety::Unsafe) => Ok(Unsafety::Unsafe),
-          (Unsafety::Normal, Unsafety::Normal) => Ok(Unsafety::Normal),
-        }
-    }
-
     fn regions(&self, a: ty::Region, b: ty::Region) -> cres<'tcx, ty::Region> {
         debug!("{}.regions({}, {})",
                self.tag(),
diff --git a/src/librustc/middle/infer/sub.rs b/src/librustc/middle/infer/sub.rs
@@ -9,7 +9,7 @@
 // except according to those terms.
 
 use super::combine::*;
-use super::{cres, CresCompare};
+use super::{cres};
 use super::higher_ranked::HigherRankedRelations;
 use super::{Subtype};
 use super::type_variable::{SubtypeOf, SupertypeOf};
@@ -18,9 +18,6 @@ use middle::ty::{self, Ty};
 use middle::ty::TyVar;
 use util::ppaux::{Repr};
 
-use syntax::ast::{MutImmutable, MutMutable, Unsafety};
-
-
 /// "Greatest lower bound" (common subtype)
 pub struct Sub<'f, 'tcx: 'f> {
     fields: CombineFields<'f, 'tcx>
@@ -66,12 +63,6 @@ impl<'f, 'tcx> Combine<'tcx> for Sub<'f, 'tcx> {
         Ok(a)
     }
 
-    fn unsafeties(&self, a: Unsafety, b: Unsafety) -> cres<'tcx, Unsafety> {
-        self.lub().unsafeties(a, b).compare(b, || {
-            ty::terr_unsafety_mismatch(expected_found(self, a, b))
-        })
-    }
-
     fn tys(&self, a: Ty<'tcx>, b: Ty<'tcx>) -> cres<'tcx, Ty<'tcx>> {
         debug!("{}.tys({}, {})", self.tag(),
                a.repr(self.tcx()), b.repr(self.tcx()));
diff --git a/src/librustc/middle/mem_categorization.rs b/src/librustc/middle/mem_categorization.rs
@@ -428,7 +428,8 @@ impl<'t,'tcx,TYPER:Typer<'tcx>> MemCategorizationContext<'t,TYPER> {
 
             Some(adjustment) => {
                 match *adjustment {
-                    ty::AdjustReifyFnPointer(..) => {
+                    ty::AdjustReifyFnPointer(..) |
+                    ty::AdjustUnsafeFnPointer(..) => {
                         debug!("cat_expr(AdjustReifyFnPointer): {}",
                                expr.repr(self.tcx()));
                         // Convert a bare fn to a closure by adding NULL env.
diff --git a/src/librustc/middle/ty.rs b/src/librustc/middle/ty.rs
@@ -282,6 +282,7 @@ pub enum Variance {
 #[derive(Clone, Debug)]
 pub enum AutoAdjustment<'tcx> {
     AdjustReifyFnPointer(ast::DefId), // go from a fn-item type to a fn-pointer type
+    AdjustUnsafeFnPointer, // go from a safe fn pointer to an unsafe fn pointer
     AdjustDerefRef(AutoDerefRef<'tcx>)
 }
 
@@ -2637,6 +2638,17 @@ impl<'tcx> ctxt<'tcx> {
         substs
     }
 
+    /// Create an unsafe fn ty based on a safe fn ty.
+    pub fn safe_to_unsafe_fn_ty(&self, bare_fn: &BareFnTy<'tcx>) -> Ty<'tcx> {
+        assert_eq!(bare_fn.unsafety, ast::Unsafety::Normal);
+        let unsafe_fn_ty_a = self.mk_bare_fn(ty::BareFnTy {
+            unsafety: ast::Unsafety::Unsafe,
+            abi: bare_fn.abi,
+            sig: bare_fn.sig.clone()
+        });
+        ty::mk_bare_fn(self, None, unsafe_fn_ty_a)
+    }
+
     pub fn mk_bare_fn(&self, bare_fn: BareFnTy<'tcx>) -> &'tcx BareFnTy<'tcx> {
         if let Some(bare_fn) = self.bare_fn_interner.borrow().get(&bare_fn) {
             return *bare_fn;
@@ -4526,6 +4538,18 @@ pub fn adjust_ty<'tcx, F>(cx: &ctxt<'tcx>,
                     }
                 }
 
+               AdjustUnsafeFnPointer => {
+                    match unadjusted_ty.sty {
+                        ty::ty_bare_fn(None, b) => cx.safe_to_unsafe_fn_ty(b),
+                        ref b => {
+                            cx.sess.bug(
+                                &format!("AdjustReifyFnPointer adjustment on non-fn-item: \
+                                         {:?}",
+                                        b));
+                        }
+                    }
+               }
+
                 AdjustDerefRef(ref adj) => {
                     let mut adjusted_ty = unadjusted_ty;
 
@@ -6695,6 +6719,7 @@ impl<'tcx> AutoAdjustment<'tcx> {
     pub fn is_identity(&self) -> bool {
         match *self {
             AdjustReifyFnPointer(..) => false,
+            AdjustUnsafeFnPointer(..) => false,
             AdjustDerefRef(ref r) => r.is_identity(),
         }
     }
@@ -6844,6 +6869,9 @@ impl<'tcx> Repr<'tcx> for AutoAdjustment<'tcx> {
             AdjustReifyFnPointer(def_id) => {
                 format!("AdjustReifyFnPointer({})", def_id.repr(tcx))
             }
+            AdjustUnsafeFnPointer => {
+                format!("AdjustUnsafeFnPointer")
+            }
             AdjustDerefRef(ref data) => {
                 data.repr(tcx)
             }
diff --git a/src/librustc_trans/trans/consts.rs b/src/librustc_trans/trans/consts.rs
@@ -253,6 +253,9 @@ pub fn const_expr<'a, 'tcx>(cx: &CrateContext<'a, 'tcx>,
             // FIXME(#19925) once fn item types are
             // zero-sized, we'll need to do something here
         }
+        Some(ty::AdjustUnsafeFnPointer) => {
+            // purely a type-level thing
+        }
         Some(ty::AdjustDerefRef(adj)) => {
             let mut ty = ety;
             // Save the last autoderef in case we can avoid it.
diff --git a/src/librustc_trans/trans/expr.rs b/src/librustc_trans/trans/expr.rs
@@ -72,7 +72,7 @@ use trans::monomorphize;
 use trans::tvec;
 use trans::type_of;
 use middle::ty::{struct_fields, tup_fields};
-use middle::ty::{AdjustDerefRef, AdjustReifyFnPointer, AutoUnsafe};
+use middle::ty::{AdjustDerefRef, AdjustReifyFnPointer, AdjustUnsafeFnPointer, AutoUnsafe};
 use middle::ty::{AutoPtr};
 use middle::ty::{self, Ty};
 use middle::ty::MethodCall;
@@ -396,6 +396,9 @@ fn apply_adjustments<'blk, 'tcx>(bcx: Block<'blk, 'tcx>,
             // FIXME(#19925) once fn item types are
             // zero-sized, we'll need to do something here
         }
+        AdjustUnsafeFnPointer => {
+            // purely a type-level thing
+        }
         AdjustDerefRef(ref adj) => {
             let (autoderefs, use_autoref) = match adj.autoref {
                 // Extracting a value from a box counts as a deref, but if we are
diff --git a/src/librustc_typeck/check/coercion.rs b/src/librustc_typeck/check/coercion.rs
@@ -143,6 +143,11 @@ impl<'f, 'tcx> Coerce<'f, 'tcx> {
                     // require double indirection).
                     self.coerce_from_fn_item(a, a_def_id, a_f, b)
                 }
+                ty::ty_bare_fn(None, a_f) => {
+                    // We permit coercion of fn pointers to drop the
+                    // unsafe qualifier.
+                    self.coerce_from_fn_pointer(a, a_f, b)
+                }
                 _ => {
                     // Otherwise, just use subtyping rules.
                     self.subtype(a, b)
@@ -411,6 +416,41 @@ impl<'f, 'tcx> Coerce<'f, 'tcx> {
         )
     }
 
+    fn coerce_from_fn_pointer(&self,
+                           a: Ty<'tcx>,
+                           fn_ty_a: &'tcx ty::BareFnTy<'tcx>,
+                           b: Ty<'tcx>)
+                           -> CoerceResult<'tcx>
+    {
+        /*!
+         * Attempts to coerce from the type of a Rust function item
+         * into a closure or a `proc`.
+         */
+
+        self.unpack_actual_value(b, |b| {
+            debug!("coerce_from_fn_pointer(a={}, b={})",
+                   a.repr(self.tcx()), b.repr(self.tcx()));
+
+            match b.sty {
+                ty::ty_bare_fn(None, fn_ty_b) => {
+                    match (fn_ty_a.unsafety, fn_ty_b.unsafety) {
+                        (ast::Unsafety::Normal, ast::Unsafety::Unsafe) => {
+                            let unsafe_a = self.tcx().safe_to_unsafe_fn_ty(fn_ty_a);
+                            try!(self.subtype(unsafe_a, b));
+                            Ok(Some(ty::AdjustUnsafeFnPointer))
+                        }
+                        _ => {
+                            self.subtype(a, b)
+                        }
+                    }
+                }
+                _ => {
+                    return self.subtype(a, b)
+                }
+            }
+        })
+    }
+
     fn coerce_from_fn_item(&self,
                            a: Ty<'tcx>,
                            fn_def_id_a: ast::DefId,
diff --git a/src/librustc_typeck/check/mod.rs b/src/librustc_typeck/check/mod.rs
@@ -1532,8 +1532,8 @@ impl<'a, 'tcx> FnCtxt<'a, 'tcx> {
                                        span: Span,
                                        adj: &ty::AutoAdjustment<'tcx>) {
         match *adj {
-            ty::AdjustReifyFnPointer(..) => {
-            }
+            ty::AdjustReifyFnPointer(..) => { }
+            ty::AdjustUnsafeFnPointer => { }
             ty::AdjustDerefRef(ref d_r) => {
                 match d_r.autoref {
                     Some(ref a_r) => {
diff --git a/src/librustc_typeck/check/writeback.rs b/src/librustc_typeck/check/writeback.rs
@@ -265,6 +265,10 @@ impl<'cx, 'tcx> WritebackCx<'cx, 'tcx> {
                         ty::AdjustReifyFnPointer(def_id)
                     }
 
+                    ty::AdjustUnsafeFnPointer => {
+                        ty::AdjustUnsafeFnPointer
+                    }
+
                     ty::AdjustDerefRef(adj) => {
                         for autoderef in 0..adj.autoderefs {
                             let method_call = MethodCall::autoderef(id, autoderef);
diff --git a/src/test/compile-fail/unsafe-subtyping.rs b/src/test/compile-fail/unsafe-subtyping.rs
@@ -0,0 +1,21 @@
+// Copyright 2013-2014 The Rust Project Developers. See the COPYRIGHT
+// file at the top-level directory of this distribution and at
+// http://rust-lang.org/COPYRIGHT.
+//
+// Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
+// http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
+// <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
+// option. This file may not be copied, modified, or distributed
+// except according to those terms.
+
+// Check that safe fns are not a subtype of unsafe fns.
+
+fn foo(x: Option<fn(i32)>) -> Option<unsafe fn(i32)> {
+    x //~ ERROR mismatched types
+}
+
+fn bar(x: fn(i32)) -> unsafe fn(i32) {
+    x // OK, coercion!
+}
+
+fn main() { }
diff --git a/src/test/compile-fail/unsafe-trait-impl.rs b/src/test/compile-fail/unsafe-trait-impl.rs
diff --git a/src/test/compile-fail/variadic-ffi.rs b/src/test/compile-fail/variadic-ffi.rs
diff --git a/src/test/run-pass/unsafe-coercion.rs b/src/test/run-pass/unsafe-coercion.rs
