Ensure careful consideration is given by impls

eggyal · eggyal · commit 0e73e7095ae7 · 2024-06-22T07:17:02.000+01:00
Added an associated `const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED`
to the `StableOrd` trait to ensure that implementors carefully consider
whether the trait's contract is upheld, as incorrect implementations can
cause miscompilations.
diff --git a/compiler/rustc_abi/src/lib.rs b/compiler/rustc_abi/src/lib.rs
@@ -425,11 +425,13 @@ pub struct Size {
     raw: u64,
 }
 
-// Ord is implement as just comparing numerical values and numerical values
-// are not changed by (de-)serialization.
 #[cfg(feature = "nightly")]
 impl StableOrd for Size {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // `Ord` is implemented as just comparing numerical values and numerical values
+    // are not changed by (de-)serialization.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 // This is debug-printed a lot in larger structs, don't waste too much space there
diff --git a/compiler/rustc_data_structures/src/stable_hasher.rs b/compiler/rustc_data_structures/src/stable_hasher.rs
@@ -238,15 +238,21 @@ pub trait ToStableHashKey<HCX> {
 /// The associated constant `CAN_USE_UNSTABLE_SORT` denotes whether
 /// unstable sorting can be used for this type. Set to true if and
 /// only if `a == b` implies `a` and `b` are fully indistinguishable.
-///
-/// **Be careful when implementing this trait, as an incorrect
-/// implementation can cause miscompilation!**
 pub trait StableOrd: Ord {
     const CAN_USE_UNSTABLE_SORT: bool;
+
+    /// Marker to ensure that implementors have carefully considered
+    /// whether their `Ord` implementation obeys this trait's contract.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: ();
 }
 
 impl<T: StableOrd> StableOrd for &T {
     const CAN_USE_UNSTABLE_SORT: bool = T::CAN_USE_UNSTABLE_SORT;
+
+    // Ordering of a reference is exactly that of the referent, and since
+    // the ordering of the referet is stable so must be the ordering of the
+    // reference.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 /// This is a companion trait to `StableOrd`. Some types like `Symbol` can be
@@ -295,6 +301,10 @@ macro_rules! impl_stable_traits_for_trivial_type {
 
         impl $crate::stable_hasher::StableOrd for $t {
             const CAN_USE_UNSTABLE_SORT: bool = true;
+
+            // Encoding and decoding doesn't change the bytes of trivial types
+            // and `Ord::cmp` depends only on those bytes.
+            const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
         }
     };
 }
@@ -332,6 +342,10 @@ impl<CTX> HashStable<CTX> for Hash128 {
 
 impl StableOrd for Hash128 {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // Encoding and decoding doesn't change the bytes of `Hash128`
+    // and `Ord::cmp` depends only on those bytes.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<CTX> HashStable<CTX> for ! {
@@ -397,6 +411,10 @@ impl<T1: HashStable<CTX>, T2: HashStable<CTX>, CTX> HashStable<CTX> for (T1, T2)
 
 impl<T1: StableOrd, T2: StableOrd> StableOrd for (T1, T2) {
     const CAN_USE_UNSTABLE_SORT: bool = T1::CAN_USE_UNSTABLE_SORT && T2::CAN_USE_UNSTABLE_SORT;
+
+    // Ordering of tuples is a pure function of their elements' ordering, and since
+    // the ordering of each element is stable so must be the ordering of the tuple.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<T1, T2, T3, CTX> HashStable<CTX> for (T1, T2, T3)
@@ -416,6 +434,10 @@ where
 impl<T1: StableOrd, T2: StableOrd, T3: StableOrd> StableOrd for (T1, T2, T3) {
     const CAN_USE_UNSTABLE_SORT: bool =
         T1::CAN_USE_UNSTABLE_SORT && T2::CAN_USE_UNSTABLE_SORT && T3::CAN_USE_UNSTABLE_SORT;
+
+    // Ordering of tuples is a pure function of their elements' ordering, and since
+    // the ordering of each element is stable so must be the ordering of the tuple.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<T1, T2, T3, T4, CTX> HashStable<CTX> for (T1, T2, T3, T4)
@@ -439,6 +461,10 @@ impl<T1: StableOrd, T2: StableOrd, T3: StableOrd, T4: StableOrd> StableOrd for (
         && T2::CAN_USE_UNSTABLE_SORT
         && T3::CAN_USE_UNSTABLE_SORT
         && T4::CAN_USE_UNSTABLE_SORT;
+
+    // Ordering of tuples is a pure function of their elements' ordering, and since
+    // the ordering of each element is stable so must be the ordering of the tuple.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<T: HashStable<CTX>, CTX> HashStable<CTX> for [T] {
@@ -533,6 +559,10 @@ impl<CTX> HashStable<CTX> for str {
 
 impl StableOrd for &str {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // Encoding and decoding doesn't change the bytes of string slices
+    // and `Ord::cmp` depends only on those bytes.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<CTX> HashStable<CTX> for String {
@@ -542,10 +572,12 @@ impl<CTX> HashStable<CTX> for String {
     }
 }
 
-// String comparison only depends on their contents and the
-// contents are not changed by (de-)serialization.
 impl StableOrd for String {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // String comparison only depends on their contents and the
+    // contents are not changed by (de-)serialization.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<HCX> ToStableHashKey<HCX> for String {
@@ -571,9 +603,11 @@ impl<CTX> HashStable<CTX> for bool {
     }
 }
 
-// sort order of bools is not changed by (de-)serialization.
 impl StableOrd for bool {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // sort order of bools is not changed by (de-)serialization.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<T, CTX> HashStable<CTX> for Option<T>
@@ -591,9 +625,11 @@ where
     }
 }
 
-// the Option wrapper does not add instability to comparison.
 impl<T: StableOrd> StableOrd for Option<T> {
     const CAN_USE_UNSTABLE_SORT: bool = T::CAN_USE_UNSTABLE_SORT;
+
+    // the Option wrapper does not add instability to comparison.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<T1, T2, CTX> HashStable<CTX> for Result<T1, T2>
diff --git a/compiler/rustc_hir/src/hir_id.rs b/compiler/rustc_hir/src/hir_id.rs
@@ -165,10 +165,12 @@ impl ItemLocalId {
     pub const INVALID: ItemLocalId = ItemLocalId::MAX;
 }
 
-// Ord is implement as just comparing the ItemLocalId's numerical
-// values and these are not changed by (de-)serialization.
 impl StableOrd for ItemLocalId {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // `Ord` is implemented as just comparing the ItemLocalId's numerical
+    // values and these are not changed by (de-)serialization.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 /// The `HirId` corresponding to `CRATE_NODE_ID` and `CRATE_DEF_ID`.
diff --git a/compiler/rustc_query_system/src/dep_graph/dep_node.rs b/compiler/rustc_query_system/src/dep_graph/dep_node.rs
@@ -304,6 +304,9 @@ impl<HCX> ToStableHashKey<HCX> for WorkProductId {
 impl StableOrd for WorkProductId {
     // Fingerprint can use unstable (just a tuple of `u64`s), so WorkProductId can as well
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // `WorkProductId` sort order is not affected by (de)serialization.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 // Some types are used a lot. Make sure they don't unintentionally get bigger.
diff --git a/compiler/rustc_session/src/config.rs b/compiler/rustc_session/src/config.rs
@@ -491,9 +491,11 @@ pub enum OutputType {
     DepInfo,
 }
 
-// Trivial C-Style enums have a stable sort order across compilation sessions.
 impl StableOrd for OutputType {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // Trivial C-Style enums have a stable sort order across compilation sessions.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 impl<HCX: HashStableContext> ToStableHashKey<HCX> for OutputType {
diff --git a/compiler/rustc_span/src/def_id.rs b/compiler/rustc_span/src/def_id.rs
@@ -120,9 +120,11 @@ impl Default for DefPathHash {
     }
 }
 
-// `DefPathHash` sort order is not affected (de)serialization.
 impl StableOrd for DefPathHash {
     const CAN_USE_UNSTABLE_SORT: bool = true;
+
+    // `DefPathHash` sort order is not affected by (de)serialization.
+    const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();
 }
 
 /// A [`StableCrateId`] is a 64-bit hash of a crate name, together with all

Original file line number	Diff line number	Diff line change
`@@ -425,11 +425,13 @@ pub struct Size {`
`425`	`425`	`raw: u64,`
`426`	`426`	`}`
`427`	`427`
`428`		`-// Ord is implement as just comparing numerical values and numerical values`
`429`		`-// are not changed by (de-)serialization.`
`430`	`428`	`#[cfg(feature = "nightly")]`
`431`	`429`	`impl StableOrd for Size {`
`432`	`430`	`const CAN_USE_UNSTABLE_SORT: bool = true;`
	`431`	`+`
	`432`	+ // `Ord` is implemented as just comparing numerical values and numerical values
	`433`	`+ // are not changed by (de-)serialization.`
	`434`	`+ const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();`
`433`	`435`	`}`
`434`	`436`
`435`	`437`	`// This is debug-printed a lot in larger structs, don't waste too much space there`
Original file line number	Diff line number	Diff line change
`@@ -165,10 +165,12 @@ impl ItemLocalId {`
`165`	`165`	`pub const INVALID: ItemLocalId = ItemLocalId::MAX;`
`166`	`166`	`}`
`167`	`167`
`168`		`-// Ord is implement as just comparing the ItemLocalId's numerical`
`169`		`-// values and these are not changed by (de-)serialization.`
`170`	`168`	`impl StableOrd for ItemLocalId {`
`171`	`169`	`const CAN_USE_UNSTABLE_SORT: bool = true;`
	`170`	`+`
	`171`	+ // `Ord` is implemented as just comparing the ItemLocalId's numerical
	`172`	`+ // values and these are not changed by (de-)serialization.`
	`173`	`+ const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();`
`172`	`174`	`}`
`173`	`175`
`174`	`176`	/// The `HirId` corresponding to `CRATE_NODE_ID` and `CRATE_DEF_ID`.
Original file line number	Diff line number	Diff line change
`@@ -304,6 +304,9 @@ impl<HCX> ToStableHashKey<HCX> for WorkProductId {`
`304`	`304`	`impl StableOrd for WorkProductId {`
`305`	`305`	// Fingerprint can use unstable (just a tuple of `u64`s), so WorkProductId can as well
`306`	`306`	`const CAN_USE_UNSTABLE_SORT: bool = true;`
	`307`	`+`
	`308`	+ // `WorkProductId` sort order is not affected by (de)serialization.
	`309`	`+ const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();`
`307`	`310`	`}`
`308`	`311`
`309`	`312`	`// Some types are used a lot. Make sure they don't unintentionally get bigger.`
Original file line number	Diff line number	Diff line change
`@@ -491,9 +491,11 @@ pub enum OutputType {`
`491`	`491`	`DepInfo,`
`492`	`492`	`}`
`493`	`493`
`494`		`-// Trivial C-Style enums have a stable sort order across compilation sessions.`
`495`	`494`	`impl StableOrd for OutputType {`
`496`	`495`	`const CAN_USE_UNSTABLE_SORT: bool = true;`
	`496`	`+`
	`497`	`+ // Trivial C-Style enums have a stable sort order across compilation sessions.`
	`498`	`+ const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();`
`497`	`499`	`}`
`498`	`500`
`499`	`501`	`impl<HCX: HashStableContext> ToStableHashKey<HCX> for OutputType {`
Original file line number	Diff line number	Diff line change
`@@ -120,9 +120,11 @@ impl Default for DefPathHash {`
`120`	`120`	`}`
`121`	`121`	`}`
`122`	`122`
`123`		-// `DefPathHash` sort order is not affected (de)serialization.
`124`	`123`	`impl StableOrd for DefPathHash {`
`125`	`124`	`const CAN_USE_UNSTABLE_SORT: bool = true;`
	`125`	`+`
	`126`	+ // `DefPathHash` sort order is not affected by (de)serialization.
	`127`	`+ const THIS_IMPLEMENTATION_HAS_BEEN_TRIPLE_CHECKED: () = ();`
`126`	`128`	`}`
`127`	`129`
`128`	`130`	/// A [`StableCrateId`] is a 64-bit hash of a crate name, together with all