Add warn-by-default lint against unpredictable fn pointer comparisons

Author: Urgau

compiler/rustc_lint/messages.ftl

@@ -538,6 +538,10 @@ lint_unknown_lint =
 lint_unknown_tool_in_scoped_lint = unknown tool name `{$tool_name}` found in scoped lint: `{$tool_name}::{$lint_name}`
     .help = add `#![register_tool({$tool_name})]` to the crate root
 
+lint_unpredictable_fn_pointer_comparisons = function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+    .note_foreign_fn = even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+    .note_deduplicated_fn = furthermore different functions could have the same address after being merged together
+
 lint_unsupported_group = `{$lint_group}` lint group is not supported with ´--force-warn´
 
 lint_untranslatable_diag = diagnostics should be created using translatable messages

compiler/rustc_lint/src/lints.rs

@@ -1644,6 +1644,12 @@ pub enum AmbiguousWidePointerComparisonsAddrSuggestion<'a> {
     },
 }
 
+#[derive(LintDiagnostic)]
+#[diag(lint_unpredictable_fn_pointer_comparisons)]
+#[note(lint_note_foreign_fn)]
+#[note(lint_note_deduplicated_fn)]
+pub struct UnpredictableFunctionPointerComparisons;
+
 pub struct ImproperCTypes<'a> {
     pub ty: Ty<'a>,
     pub desc: &'a str,

compiler/rustc_lint/src/types.rs

@@ -7,7 +7,8 @@ use crate::{
         InvalidNanComparisonsSuggestion, OnlyCastu8ToChar, OverflowingBinHex,
         OverflowingBinHexSign, OverflowingBinHexSignBitSub, OverflowingBinHexSub, OverflowingInt,
         OverflowingIntHelp, OverflowingLiteral, OverflowingUInt, RangeEndpointOutOfRange,
-        UnusedComparisons, UseInclusiveRange, VariantSizeDifferencesDiag,
+        UnpredictableFunctionPointerComparisons, UnusedComparisons, UseInclusiveRange,
+        VariantSizeDifferencesDiag,
     },
 };
 use crate::{LateContext, LateLintPass, LintContext};
@@ -169,6 +170,32 @@ declare_lint! {
     "detects ambiguous wide pointer comparisons"
 }
 
+declare_lint! {
+    /// The `unpredictable_function_pointer_comparisons` lint checks comparison
+    /// of function pointer as the operands.
+    ///
+    /// ### Example
+    ///
+    /// ```rust
+    /// fn foo() {}
+    /// # let a = foo as fn();
+    ///
+    /// let _ = a == foo;
+    /// ```
+    ///
+    /// {{produces}}
+    ///
+    /// ### Explanation
+    ///
+    /// Function pointers comparisons do not produce meaningful result since
+    /// they are never guaranteed to be unique and could vary between different
+    /// code generation units. Furthermore different functions could have the
+    /// same address after being merged together.
+    UNPREDICTABLE_FUNCTION_POINTER_COMPARISONS,
+    Warn,
+    "detects unpredictable function pointer comparisons"
+}
+
 #[derive(Copy, Clone)]
 pub struct TypeLimits {
     /// Id of the last visited negated expression
@@ -181,7 +208,8 @@ impl_lint_pass!(TypeLimits => [
     UNUSED_COMPARISONS,
     OVERFLOWING_LITERALS,
     INVALID_NAN_COMPARISONS,
-    AMBIGUOUS_WIDE_POINTER_COMPARISONS
+    AMBIGUOUS_WIDE_POINTER_COMPARISONS,
+    UNPREDICTABLE_FUNCTION_POINTER_COMPARISONS
 ]);
 
 impl TypeLimits {
@@ -758,6 +786,30 @@ fn lint_wide_pointer<'tcx>(
     );
 }
 
+fn lint_fn_pointer<'tcx>(
+    cx: &LateContext<'tcx>,
+    e: &'tcx hir::Expr<'tcx>,
+    _binop: hir::BinOpKind,
+    l: &'tcx hir::Expr<'tcx>,
+    r: &'tcx hir::Expr<'tcx>,
+) {
+    let Some(l_ty) = cx.typeck_results().expr_ty_opt(l) else { return };
+    let Some(r_ty) = cx.typeck_results().expr_ty_opt(r) else { return };
+
+    let l_ty = l_ty.peel_refs();
+    let r_ty = r_ty.peel_refs();
+
+    if !l_ty.is_fn() || !r_ty.is_fn() {
+        return;
+    }
+
+    cx.emit_spanned_lint(
+        UNPREDICTABLE_FUNCTION_POINTER_COMPARISONS,
+        e.span,
+        UnpredictableFunctionPointerComparisons,
+    );
+}
+
 impl<'tcx> LateLintPass<'tcx> for TypeLimits {
     fn check_expr(&mut self, cx: &LateContext<'tcx>, e: &'tcx hir::Expr<'tcx>) {
         match e.kind {
@@ -775,6 +827,7 @@ impl<'tcx> LateLintPass<'tcx> for TypeLimits {
                     } else {
                         lint_nan(cx, e, binop, l, r);
                         lint_wide_pointer(cx, e, binop.node, l, r);
+                        lint_fn_pointer(cx, e, binop.node, l, r);
                     }
                 }
             }
@@ -786,13 +839,15 @@ impl<'tcx> LateLintPass<'tcx> for TypeLimits {
                     && let Some(binop) = partialeq_binop(diag_item) =>
             {
                 lint_wide_pointer(cx, e, binop, l, r);
+                lint_fn_pointer(cx, e, binop, l, r);
             }
             hir::ExprKind::MethodCall(_, l, [r], _)
                 if let Some(def_id) = cx.typeck_results().type_dependent_def_id(e.hir_id)
                     && let Some(diag_item) = cx.tcx.get_diagnostic_name(def_id)
                     && let Some(binop) = partialeq_binop(diag_item) =>
             {
                 lint_wide_pointer(cx, e, binop, l, r);
+                lint_fn_pointer(cx, e, binop, l, r);
             }
             _ => {}
         };

tests/ui/lint/fn-ptr-comparisons.rs

@@ -0,0 +1,34 @@
+// check-pass
+
+extern "C" {
+    fn test();
+}
+
+fn a() {}
+
+extern "C" fn c() {}
+
+fn main() {
+    type F = fn();
+    let f: F = a;
+    let g: F = f;
+
+    let _ = f == a;
+    //~^ WARN function pointer comparisons
+    let _ = f != a;
+    //~^ WARN function pointer comparisons
+    let _ = f == g;
+    //~^ WARN function pointer comparisons
+    let _ = f == f;
+    //~^ WARN function pointer comparisons
+    let _ = g == g;
+    //~^ WARN function pointer comparisons
+
+    let cfn: extern "C" fn() = c;
+    let _ = cfn == c;
+    //~^ WARN function pointer comparisons
+
+    let t: unsafe extern "C" fn() = test;
+    let _ = t == test;
+    //~^ WARN function pointer comparisons
+}

tests/ui/lint/fn-ptr-comparisons.stderr

@@ -0,0 +1,66 @@
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:16:13
+   |
+LL |     let _ = f == a;
+   |             ^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+   = note: `#[warn(unpredictable_function_pointer_comparisons)]` on by default
+
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:18:13
+   |
+LL |     let _ = f != a;
+   |             ^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:20:13
+   |
+LL |     let _ = f == g;
+   |             ^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:22:13
+   |
+LL |     let _ = f == f;
+   |             ^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:24:13
+   |
+LL |     let _ = g == g;
+   |             ^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:28:13
+   |
+LL |     let _ = cfn == c;
+   |             ^^^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+
+warning: function pointer comparisons do not produce meaningful results since their addresses are not guaranteed to be unique
+  --> $DIR/fn-ptr-comparisons.rs:32:13
+   |
+LL |     let _ = t == test;
+   |             ^^^^^^^^^
+   |
+   = note: even foreign function pointers are not guaranteed to be unique and could vary between different code generation units
+   = note: furthermore different functions could have the same address after being merged together
+
+warning: 7 warnings emitted
+