Dubious improper_ctypes
firing on recursive non-local containment?
#116831
Labels
A-ffi
Area: Foreign Function Interface (FFI)
A-lint
Area: Lints (warnings about flaws in source code) such as unused_mut.
C-bug
Category: This is a bug.
L-improper_ctypes
Lint: improper_ctypes
T-compiler
Relevant to the compiler team, which will review and decide on the PR/issue.
T-lang
Relevant to the language team, which will review and decide on the PR/issue.
Bindgen allows you to create a "rustified non-exhaustive enum" from a C enum. This is used by pgrx-pg-sys for a specific C enum,
NodeTag
, becauserepr(Rust)
enum, it regularly changes the assigned values to its variants each version, requiring an extension to be built against a specific Postgres version.repr
to make sure it is the correct size, with#[non_exhaustive]
, so that people can write the same code and have it be robust against future Postgres versions (though I seriously doubt anyone is going to write a 400 variant match, but hey, we've seen weirder, sooo...).Unfortunately, it seems this can trigger the
improper_ctypes
lint if people add their own bindings against Postgres which mentionpgrx_pg_sys
's bound types, which they did not define the original bindings to, and which only recursively contains the improper ctype... i.e. they mentioned a pgrx-pg-sys-bound type, which is itself a pointer to a pgrx-pg-sys-bound type, that contains a pointer to another pgrx-pg-sys-bound type that itself contains the pgrx-pg-sys-bound enum.Naturally, they have no idea what the hell is going on, since the error doesn't even mention which field is the offender, or how recursively deep it is.
This disappears if I make it a "rustified enum" instead, which lacks
#[non_exhaustive]
. It seems some reasoning is being applied along the lines of, "Non-exhaustive means that it can become FFI-incompatible in the future due tofeature(arbitrary_enum_discriminant)
andfeature(really_tagged_unions)
, without breaking compat", when that has nothing to do with reality, and in fact I'm more trying to use it to encourage people to handle the C code correctly! And even if that was the case, the lint appears to be violating locality.I tried this code:
I got this:
I expected to not see a warning on types that weren't defined in the local crate, are de facto safe as argument types, and in any case are behind at least two pointers.
Meta
This repros on both stable and this nightly:
rustc --version --verbose
:The text was updated successfully, but these errors were encountered: