Add warn-by-default lint against unclear fat pointer comparisons

Author: Urgau

compiler/rustc_lint/messages.ftl

@@ -315,6 +315,10 @@ lint_invalid_nan_comparisons_eq_ne = incorrect NaN comparison, NaN cannot be dir
 
 lint_invalid_nan_comparisons_lt_le_gt_ge = incorrect NaN comparison, NaN is not orderable
 
+lint_unclear_fat_pointer_comparisons = unclear fat pointer comparison, the comparison includes metadata which may not be expected
+    .addr_metadata_suggestion = use explicit `std::ptr::eq` method to compare metadata and addresses
+    .addr_suggestion = use untyped pointers to only compare their addresses
+
 lint_invalid_reference_casting_assign_to_ref = assigning to `&T` is undefined behavior, consider using an `UnsafeCell`
     .label = casting happend here
 

compiler/rustc_lint/src/lints.rs

@@ -1585,6 +1585,45 @@ pub enum InvalidNanComparisonsSuggestion {
     Spanless,
 }
 
+#[derive(LintDiagnostic)]
+#[diag(lint_unclear_fat_pointer_comparisons)]
+pub struct UnclearFatPointerComparisons {
+    #[subdiagnostic]
+    pub addr_metadata_suggestion: Option<UnclearFatPointerComparisonsAddrMetadataSuggestion>,
+    #[subdiagnostic]
+    pub addr_suggestion: UnclearFatPointerComparisonsAddrSuggestion,
+}
+
+#[derive(Subdiagnostic)]
+#[multipart_suggestion(
+    lint_addr_metadata_suggestion,
+    style = "verbose",
+    applicability = "machine-applicable"
+)]
+pub struct UnclearFatPointerComparisonsAddrMetadataSuggestion {
+    #[suggestion_part(code = "!std::ptr::eq(")]
+    pub left_ne: Option<Span>,
+    #[suggestion_part(code = "std::ptr::eq(")]
+    pub left_eq: Option<Span>,
+    #[suggestion_part(code = ", ")]
+    pub middle: Span,
+    #[suggestion_part(code = ")")]
+    pub right: Span,
+}
+
+#[derive(Subdiagnostic)]
+#[multipart_suggestion(
+    lint_addr_suggestion,
+    style = "verbose",
+    applicability = "machine-applicable"
+)]
+pub struct UnclearFatPointerComparisonsAddrSuggestion {
+    #[suggestion_part(code = " as *const ()")]
+    pub left: Span,
+    #[suggestion_part(code = " as *const ()")]
+    pub right: Span,
+}
+
 pub struct ImproperCTypes<'a> {
     pub ty: Ty<'a>,
     pub desc: &'a str,

compiler/rustc_lint/src/types.rs

@@ -5,7 +5,9 @@ use crate::{
         InvalidAtomicOrderingDiag, InvalidNanComparisons, InvalidNanComparisonsSuggestion,
         OnlyCastu8ToChar, OverflowingBinHex, OverflowingBinHexSign, OverflowingBinHexSignBitSub,
         OverflowingBinHexSub, OverflowingInt, OverflowingIntHelp, OverflowingLiteral,
-        OverflowingUInt, RangeEndpointOutOfRange, UnusedComparisons, UseInclusiveRange,
+        OverflowingUInt, RangeEndpointOutOfRange, UnclearFatPointerComparisons,
+        UnclearFatPointerComparisonsAddrMetadataSuggestion,
+        UnclearFatPointerComparisonsAddrSuggestion, UnusedComparisons, UseInclusiveRange,
         VariantSizeDifferencesDiag,
     },
 };
@@ -17,10 +19,10 @@ use rustc_errors::DiagnosticMessage;
 use rustc_hir as hir;
 use rustc_hir::{is_range_literal, Expr, ExprKind, Node};
 use rustc_middle::ty::layout::{IntegerExt, LayoutOf, SizeSkeleton};
-use rustc_middle::ty::GenericArgsRef;
 use rustc_middle::ty::{
     self, AdtKind, Ty, TyCtxt, TypeSuperVisitable, TypeVisitable, TypeVisitableExt,
 };
+use rustc_middle::ty::{GenericArgsRef, TypeAndMut};
 use rustc_span::def_id::LocalDefId;
 use rustc_span::source_map;
 use rustc_span::symbol::sym;
@@ -136,6 +138,37 @@ declare_lint! {
     "detects invalid floating point NaN comparisons"
 }
 
+declare_lint! {
+    /// The `unclear_fat_pointer_comparisons` lint checks comparison
+    /// of `*const/*mut ?Sized` as the operands.
+    ///
+    /// ### Example
+    ///
+    /// ```rust
+    /// # struct A;
+    /// # struct B;
+    ///
+    /// # trait T {}
+    /// # impl T for A {}
+    /// # impl T for B {}
+    ///
+    /// let ab = (A, B);
+    /// let a = &ab.0 as *const dyn T;
+    /// let b = &ab.1 as *const dyn T;
+    ///
+    /// let _ = a == b;
+    /// ```
+    ///
+    /// {{produces}}
+    ///
+    /// ### Explanation
+    ///
+    /// The comparison include metadata which is not guaranteed to be equivalent.
+    UNCLEAR_FAT_POINTER_COMPARISONS,
+    Warn,
+    "detects unclear fat pointer comparisons"
+}
+
 #[derive(Copy, Clone)]
 pub struct TypeLimits {
     /// Id of the last visited negated expression
@@ -144,7 +177,12 @@ pub struct TypeLimits {
     negated_expr_span: Option<Span>,
 }
 
-impl_lint_pass!(TypeLimits => [UNUSED_COMPARISONS, OVERFLOWING_LITERALS, INVALID_NAN_COMPARISONS]);
+impl_lint_pass!(TypeLimits => [
+    UNUSED_COMPARISONS,
+    OVERFLOWING_LITERALS,
+    INVALID_NAN_COMPARISONS,
+    UNCLEAR_FAT_POINTER_COMPARISONS
+]);
 
 impl TypeLimits {
     pub fn new() -> TypeLimits {
@@ -620,6 +658,50 @@ fn lint_nan<'tcx>(
     cx.emit_spanned_lint(INVALID_NAN_COMPARISONS, e.span, lint);
 }
 
+fn lint_fat_pointer<'tcx>(
+    cx: &LateContext<'tcx>,
+    e: &'tcx hir::Expr<'tcx>,
+    binop: hir::BinOp,
+    l: &'tcx hir::Expr<'tcx>,
+    r: &'tcx hir::Expr<'tcx>,
+) {
+    let Some(l_ty) = cx.typeck_results().expr_ty_adjusted_opt(l) else {
+        return;
+    };
+    let Some(r_ty) = cx.typeck_results().expr_ty_adjusted_opt(r) else {
+        return;
+    };
+
+    let is_ptr_unsized = |ty: Ty<'tcx>| -> bool {
+        match ty.kind() {
+            ty::RawPtr(TypeAndMut { mutbl: _, ty }) => !ty.is_sized(cx.tcx, cx.param_env),
+            _ => false,
+        }
+    };
+
+    if !is_ptr_unsized(l_ty) || !is_ptr_unsized(r_ty) {
+        return;
+    }
+
+    cx.emit_spanned_lint(
+        UNCLEAR_FAT_POINTER_COMPARISONS,
+        e.span,
+        UnclearFatPointerComparisons {
+            addr_metadata_suggestion: matches!(binop.node, hir::BinOpKind::Eq | hir::BinOpKind::Ne)
+                .then(|| UnclearFatPointerComparisonsAddrMetadataSuggestion {
+                    left_ne: (binop.node == hir::BinOpKind::Ne).then(|| l.span.shrink_to_lo()),
+                    left_eq: (binop.node != hir::BinOpKind::Ne).then(|| l.span.shrink_to_lo()),
+                    middle: l.span.shrink_to_hi().until(r.span.shrink_to_lo()),
+                    right: r.span.shrink_to_hi(),
+                }),
+            addr_suggestion: UnclearFatPointerComparisonsAddrSuggestion {
+                left: l.span.shrink_to_hi(),
+                right: r.span.shrink_to_hi(),
+            },
+        },
+    );
+}
+
 impl<'tcx> LateLintPass<'tcx> for TypeLimits {
     fn check_expr(&mut self, cx: &LateContext<'tcx>, e: &'tcx hir::Expr<'tcx>) {
         match e.kind {
@@ -636,6 +718,7 @@ impl<'tcx> LateLintPass<'tcx> for TypeLimits {
                         cx.emit_spanned_lint(UNUSED_COMPARISONS, e.span, UnusedComparisons);
                     } else {
                         lint_nan(cx, e, binop, l, r);
+                        lint_fat_pointer(cx, e, binop, l, r);
                     }
                 }
             }

tests/ui/lint/fat_pointer_comparisons.rs

@@ -0,0 +1,52 @@
+// check-pass
+
+use std::rc::Rc;
+use std::sync::Arc;
+
+struct A;
+struct B;
+
+trait T {}
+impl T for A {}
+impl T for B {}
+
+fn main() {
+    let ab = (A, B);
+    let a = &ab.0 as *const dyn T;
+    let b = &ab.1 as *const dyn T;
+
+    let _ = a == b;
+    //~^ WARN unclear fat pointer comparison
+    let _ = a != b;
+    //~^ WARN unclear fat pointer comparison
+    let _ = a < b;
+    //~^ WARN unclear fat pointer comparison
+    let _ = a <= b;
+    //~^ WARN unclear fat pointer comparison
+    let _ = a > b;
+    //~^ WARN unclear fat pointer comparison
+    let _ = a >= b;
+    //~^ WARN unclear fat pointer comparison
+
+    let s = "" as *const str;
+    let _ = s == s;
+    //~^ WARN unclear fat pointer comparison
+
+    let s = &[8, 7][..] as *const [i32];
+    let _ = s == s;
+    //~^ WARN unclear fat pointer comparison
+
+    fn cmp<T: ?Sized>(a: *mut T, b: *mut T) -> bool {
+        a == b
+        //~^ WARN unclear fat pointer comparison
+    }
+
+    let _ = std::ptr::eq(a, b);
+    let _ = a as *const () == b as *const ();
+
+    let a: Rc<dyn std::fmt::Debug> = Rc::new(1);
+    Rc::ptr_eq(&a, &a);
+
+    let a: Arc<dyn std::fmt::Debug> = Arc::new(1);
+    Arc::ptr_eq(&a, &a);
+}

tests/ui/lint/fat_pointer_comparisons.stderr

@@ -0,0 +1,122 @@
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:18:13
+   |
+LL |     let _ = a == b;
+   |             ^^^^^^
+   |
+   = note: `#[warn(unclear_fat_pointer_comparisons)]` on by default
+help: use explicit `std::ptr::eq` method to compare metadata and addresses
+   |
+LL |     let _ = std::ptr::eq(a, b);
+   |             +++++++++++++ ~  +
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = a as *const () == b as *const ();
+   |               ++++++++++++      ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:20:13
+   |
+LL |     let _ = a != b;
+   |             ^^^^^^
+   |
+help: use explicit `std::ptr::eq` method to compare metadata and addresses
+   |
+LL |     let _ = !std::ptr::eq(a, b);
+   |             ++++++++++++++ ~  +
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = a as *const () != b as *const ();
+   |               ++++++++++++      ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:22:13
+   |
+LL |     let _ = a < b;
+   |             ^^^^^
+   |
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = a as *const () < b as *const ();
+   |               ++++++++++++     ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:24:13
+   |
+LL |     let _ = a <= b;
+   |             ^^^^^^
+   |
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = a as *const () <= b as *const ();
+   |               ++++++++++++      ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:26:13
+   |
+LL |     let _ = a > b;
+   |             ^^^^^
+   |
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = a as *const () > b as *const ();
+   |               ++++++++++++     ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:28:13
+   |
+LL |     let _ = a >= b;
+   |             ^^^^^^
+   |
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = a as *const () >= b as *const ();
+   |               ++++++++++++      ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:32:13
+   |
+LL |     let _ = s == s;
+   |             ^^^^^^
+   |
+help: use explicit `std::ptr::eq` method to compare metadata and addresses
+   |
+LL |     let _ = std::ptr::eq(s, s);
+   |             +++++++++++++ ~  +
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = s as *const () == s as *const ();
+   |               ++++++++++++      ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:36:13
+   |
+LL |     let _ = s == s;
+   |             ^^^^^^
+   |
+help: use explicit `std::ptr::eq` method to compare metadata and addresses
+   |
+LL |     let _ = std::ptr::eq(s, s);
+   |             +++++++++++++ ~  +
+help: use untyped pointers to only compare their addresses
+   |
+LL |     let _ = s as *const () == s as *const ();
+   |               ++++++++++++      ++++++++++++
+
+warning: unclear fat pointer comparison, the comparison includes metadata which may not be expected
+  --> $DIR/fat_pointer_comparisons.rs:40:9
+   |
+LL |         a == b
+   |         ^^^^^^
+   |
+help: use explicit `std::ptr::eq` method to compare metadata and addresses
+   |
+LL |         std::ptr::eq(a, b)
+   |         +++++++++++++ ~  +
+help: use untyped pointers to only compare their addresses
+   |
+LL |         a as *const () == b as *const ()
+   |           ++++++++++++      ++++++++++++
+
+warning: 9 warnings emitted
+