ImproperCTypes: change handling of slices

correctly handle !Sized arrays at the tail-end of structs
and a cosmetic change to the array/slice-related lints,

Author: niacdoial

compiler/rustc_lint/messages.ftl

@@ -393,8 +393,7 @@ lint_improper_ctypes_only_phantomdata = composed only of `PhantomData`
 
 lint_improper_ctypes_opaque = opaque types have no C equivalent
 
-lint_improper_ctypes_slice_help = consider using a raw pointer instead
-
+lint_improper_ctypes_slice_help = consider using a raw pointer to the slice's first element (and a length) instead
 lint_improper_ctypes_slice_reason = slices have no C equivalent
 
 lint_improper_ctypes_str_help = consider using `*const u8` and a length instead

compiler/rustc_lint/src/types/improper_ctypes.rs

@@ -454,6 +454,15 @@ impl VisitorState {
         }
     }
 
+    /// Whether the type is used in a static variable.
+    fn is_in_static(self) -> bool {
+        let ret = (self & Self::STATIC) != Self::None;
+        if ret {
+            assert!((self & Self::FUNC) == Self::None);
+        }
+        ret
+    }
+
     /// Whether the type is used in a function.
     fn is_in_function(self) -> bool {
         let ret = (self & Self::FUNC) != Self::None;
@@ -1030,11 +1039,30 @@ impl<'a, 'tcx> ImproperCTypesVisitor<'a, 'tcx> {
             // Primitive types with a stable representation.
             ty::Bool => FfiSafe,
 
-            ty::Slice(_) => FfiResult::new_with_reason(
-                ty,
-                fluent::lint_improper_ctypes_slice_reason,
-                Some(fluent::lint_improper_ctypes_slice_help),
-            ),
+            ty::Slice(inner_ty) => {
+                // ty::Slice is used for !Sized arrays, since they are the pointee for actual slices
+                let slice_is_actually_array = match outer_ty.map(|ty| ty.kind()) {
+                    None => state.is_in_static(),
+                    // this should have been caught a layer up, in visit_indirection
+                    Some(ty::Ref(..) | ty::RawPtr(..)) => false,
+                    Some(ty::Adt(..)) => ty.boxed_ty().is_none(),
+                    Some(ty::Tuple(..)) => true,
+                    Some(ty::FnPtr(..)) => false,
+                    // this is supposed to cause a compile error that prevents this lint
+                    // from being reached, but oh well
+                    Some(ty::Array(..) | ty::Slice(_)) => true,
+                    Some(ty @ _) => bug!("unexpected ty_kind around a slice: {:?}", ty),
+                };
+                if slice_is_actually_array {
+                    self.visit_type(state, Some(ty), inner_ty)
+                } else {
+                    FfiResult::new_with_reason(
+                        ty,
+                        fluent::lint_improper_ctypes_slice_reason,
+                        Some(fluent::lint_improper_ctypes_slice_help),
+                    )
+                }
+            }
 
             ty::Dynamic(..) => {
                 FfiResult::new_with_reason(ty, fluent::lint_improper_ctypes_dyn, None)
@@ -1090,7 +1118,9 @@ impl<'a, 'tcx> ImproperCTypesVisitor<'a, 'tcx> {
             }
 
             ty::Array(inner_ty, _) => {
-                if state.is_in_function() && matches!(outer_ty.map(|ty| ty.kind()), None) {
+                if state.is_in_function()
+                    && matches!(outer_ty.map(|ty| ty.kind()), None | Some(ty::FnPtr(..)))
+                {
                     // C doesn't really support passing arrays by value - the only way to pass an array by value
                     // is through a struct.
                     FfiResult::new_with_reason(

tests/ui/lint/extern-C-fnptr-lints-slices.stderr

@@ -5,7 +5,7 @@ LL | pub type F = extern "C" fn(&[u8]);
    |              ^^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `for<'a> extern "C" fn(&'a [u8])` is FFI-unsafe due to `&[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: this reference to an unsized type contains metadata, which makes it incompatible with a C pointer
 note: the lint level is defined here
   --> $DIR/extern-C-fnptr-lints-slices.rs:1:8

tests/ui/lint/improper_ctypes/lint-94223.stderr

@@ -5,7 +5,7 @@ LL | pub fn bad(f: extern "C" fn([u8])) {}
    |               ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 note: the lint level is defined here
   --> $DIR/lint-94223.rs:2:36
@@ -20,7 +20,7 @@ LL | pub fn bad_twice(f: Result<extern "C" fn([u8]), extern "C" fn([u8])>) {}
    |                            ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 
 error: `extern` callback uses type `[u8]`, which is not FFI-safe
@@ -30,7 +30,7 @@ LL | pub fn bad_twice(f: Result<extern "C" fn([u8]), extern "C" fn([u8])>) {}
    |                                                 ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 
 error: `extern` callback uses type `[u8]`, which is not FFI-safe
@@ -40,7 +40,7 @@ LL | struct BadStruct(extern "C" fn([u8]));
    |                  ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 
 error: `extern` callback uses type `[u8]`, which is not FFI-safe
@@ -50,7 +50,7 @@ LL |     A(extern "C" fn([u8])),
    |       ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 
 error: `extern` callback uses type `[u8]`, which is not FFI-safe
@@ -60,7 +60,7 @@ LL |     A(extern "C" fn([u8])),
    |       ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 
 error: `extern` callback uses type `[u8]`, which is not FFI-safe
@@ -70,7 +70,7 @@ LL | type Foo = extern "C" fn([u8]);
    |            ^^^^^^^^^^^^^^^^^^^ not FFI-safe
    |
    = note: the function pointer to `extern "C" fn([u8])` is FFI-unsafe due to `[u8]`
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: slices have no C equivalent
 
 error: `extern` callback uses type `Option<&<T as FooTrait>::FooType>`, which is not FFI-safe

tests/ui/lint/improper_ctypes/lint-ctypes.stderr

@@ -4,7 +4,7 @@ error: `extern` block uses type `&[u32]`, which is not FFI-safe
 LL |     pub fn slice_type(p: &[u32]);
    |                          ^^^^^^ not FFI-safe
    |
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: this reference to an unsized type contains metadata, which makes it incompatible with a C pointer
 note: the lint level is defined here
   --> $DIR/lint-ctypes.rs:5:9
@@ -170,7 +170,7 @@ note: the type is defined here
    |
 LL | pub struct TwoBadTypes<'a> {
    | ^^^^^^^^^^^^^^^^^^^^^^^^^^
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: this reference to an unsized type contains metadata, which makes it incompatible with a C pointer
 
 error: `extern` block uses type `&UnsizedStructBecauseDyn`, which is not FFI-safe

tests/ui/lint/improper_ctypes/lint-fn.stderr

@@ -19,7 +19,7 @@ error: `extern` fn uses type `&[u32]`, which is not FFI-safe
 LL | pub extern "C" fn slice_type(p: &[u32]) { }
    |                                 ^^^^^^ not FFI-safe
    |
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: this reference to an unsized type contains metadata, which makes it incompatible with a C pointer
 note: the lint level is defined here
   --> $DIR/lint-fn.rs:2:31
@@ -42,7 +42,7 @@ error: `extern` fn uses type `Box<[u8]>`, which is not FFI-safe
 LL | pub extern "C" fn boxed_slice(p: Box<[u8]>) { }
    |                                  ^^^^^^^^^ not FFI-safe
    |
-   = help: consider using a raw pointer instead
+   = help: consider using a raw pointer to the slice's first element (and a length) instead
    = note: this box for an unsized type contains metadata, which makes it incompatible with a C pointer
 
 error: `extern` fn uses type `Box<str>`, which is not FFI-safe