Add new lint dangling_ptr

Author: aaron-ang

CHANGELOG.md

@@ -5501,6 +5501,7 @@ Released 2018-09-13
 [`create_dir`]: https://rust-lang.github.io/rust-clippy/master/index.html#create_dir
 [`crosspointer_transmute`]: https://rust-lang.github.io/rust-clippy/master/index.html#crosspointer_transmute
 [`cyclomatic_complexity`]: https://rust-lang.github.io/rust-clippy/master/index.html#cyclomatic_complexity
+[`dangling_ptr`]: https://rust-lang.github.io/rust-clippy/master/index.html#dangling_ptr
 [`dbg_macro`]: https://rust-lang.github.io/rust-clippy/master/index.html#dbg_macro
 [`debug_assert_with_mut_call`]: https://rust-lang.github.io/rust-clippy/master/index.html#debug_assert_with_mut_call
 [`decimal_literal_representation`]: https://rust-lang.github.io/rust-clippy/master/index.html#decimal_literal_representation

clippy_lints/src/casts/dangling_ptr.rs

@@ -0,0 +1,40 @@
+use clippy_utils::diagnostics::span_lint_and_sugg;
+use clippy_utils::source::SpanRangeExt;
+use clippy_utils::{expr_or_init, is_expr_const_aligned, std_or_core};
+use rustc_errors::Applicability;
+use rustc_hir::{Expr, Mutability, Ty, TyKind};
+use rustc_lint::LateContext;
+
+use super::DANGLING_PTR;
+
+pub(super) fn check(cx: &LateContext<'_>, expr: &Expr<'_>, from: &Expr<'_>, to: &Ty<'_>) {
+    if let TyKind::Ptr(ref mut_ty) = to.kind {
+        let init_expr = expr_or_init(cx, from);
+        if is_expr_const_aligned(cx, init_expr)
+            && let Some(std_or_core) = std_or_core(cx)
+        {
+            let sugg_fn = match mut_ty.mutbl {
+                Mutability::Not => "ptr::dangling",
+                Mutability::Mut => "ptr::dangling_mut",
+            };
+
+            let sugg = if let TyKind::Infer(()) = mut_ty.ty.kind {
+                format!("{std_or_core}::{sugg_fn}()")
+            } else if let Some(mut_ty_snip) = mut_ty.ty.span.get_source_text(cx) {
+                format!("{std_or_core}::{sugg_fn}::<{mut_ty_snip}>()")
+            } else {
+                return;
+            };
+
+            span_lint_and_sugg(
+                cx,
+                DANGLING_PTR,
+                expr.span,
+                "manual creation of a dangling pointer",
+                "try",
+                sugg,
+                Applicability::MachineApplicable,
+            );
+        }
+    }
+}

clippy_lints/src/casts/mod.rs

@@ -14,6 +14,7 @@ mod cast_sign_loss;
 mod cast_slice_different_sizes;
 mod cast_slice_from_raw_parts;
 mod char_lit_as_u8;
+mod dangling_ptr;
 mod fn_to_numeric_cast;
 mod fn_to_numeric_cast_any;
 mod fn_to_numeric_cast_with_truncation;
@@ -754,6 +755,30 @@ declare_clippy_lint! {
     "detects `as *mut _` and `as *const _` conversion"
 }
 
+declare_clippy_lint! {
+    /// ### What it does
+    /// Checks for casts from a positive integer literal to some pointer type
+    ///
+    /// ### Why is this bad?
+    /// This creates a pointer with no provenance which might cause incorrect compiler optimizations.
+    /// It is better expressed as {`std`, `core`}`::ptr::`{`dangling`, `dangling_mut`}.
+    ///
+    /// ### Example
+    /// ```no_run
+    /// let a = 4 as *const u32;
+    /// let b = std::mem::align_of::<u32>() as *const u32;
+    /// ```
+    /// Use instead:
+    /// ```no_run
+    /// let a = std::ptr::dangling::<u32>();
+    /// let b = std::ptr::dangling::<u32>();
+    /// ```
+    #[clippy::version = "1.86.0"]
+    pub DANGLING_PTR,
+    style,
+    "casting a positive integer literal to a pointer with no provenance"
+}
+
 pub struct Casts {
     msrv: Msrv,
 }
@@ -792,6 +817,7 @@ impl_lint_pass!(Casts => [
     ZERO_PTR,
     REF_AS_PTR,
     AS_POINTER_UNDERSCORE,
+    DANGLING_PTR,
 ]);
 
 impl<'tcx> LateLintPass<'tcx> for Casts {
@@ -820,6 +846,10 @@ impl<'tcx> LateLintPass<'tcx> for Casts {
             fn_to_numeric_cast_with_truncation::check(cx, expr, cast_from_expr, cast_from, cast_to);
             zero_ptr::check(cx, expr, cast_from_expr, cast_to_hir);
 
+            if self.msrv.meets(msrvs::DANGLING_PTR) {
+                dangling_ptr::check(cx, expr, cast_from_expr, cast_to_hir);
+            }
+
             if cast_to.is_numeric() {
                 cast_possible_truncation::check(cx, expr, cast_from_expr, cast_from, cast_to, cast_to_hir.span);
                 if cast_from.is_numeric() {

clippy_lints/src/declared_lints.rs

@@ -93,6 +93,7 @@ pub static LINTS: &[&crate::LintInfo] = &[
     crate::casts::CAST_SLICE_DIFFERENT_SIZES_INFO,
     crate::casts::CAST_SLICE_FROM_RAW_PARTS_INFO,
     crate::casts::CHAR_LIT_AS_U8_INFO,
+    crate::casts::DANGLING_PTR_INFO,
     crate::casts::FN_TO_NUMERIC_CAST_INFO,
     crate::casts::FN_TO_NUMERIC_CAST_ANY_INFO,
     crate::casts::FN_TO_NUMERIC_CAST_WITH_TRUNCATION_INFO,

clippy_utils/src/lib.rs

@@ -120,15 +120,17 @@ use rustc_middle::ty::{
     TyCtxt, TypeVisitableExt, UintTy, UpvarCapture,
 };
 use rustc_span::hygiene::{ExpnKind, MacroKind};
-use rustc_span::source_map::SourceMap;
+use rustc_span::source_map::{SourceMap, Spanned};
 use rustc_span::symbol::{Ident, Symbol, kw};
 use rustc_span::{InnerSpan, Span, sym};
 use rustc_target::abi::Integer;
 use visitors::{Visitable, for_each_unconsumed_temporary};
 
 use crate::consts::{ConstEvalCtxt, Constant, mir_to_const};
 use crate::higher::Range;
-use crate::ty::{adt_and_variant_of_res, can_partially_move_ty, expr_sig, is_copy, is_recursively_primitive_type};
+use crate::ty::{
+    adt_and_variant_of_res, can_partially_move_ty, expr_sig, is_copy, is_normalizable, is_recursively_primitive_type,
+};
 use crate::visitors::for_each_expr_without_closures;
 use rustc_middle::hir::nested_filter;
 
@@ -2226,6 +2228,44 @@ pub fn is_expr_used_or_unified(tcx: TyCtxt<'_>, expr: &Expr<'_>) -> bool {
     )
 }
 
+// Checks if the given expression is a call to `align_of`
+// or casting to a type with the same alignment
+pub fn is_expr_const_aligned(cx: &LateContext<'_>, expr: &Expr<'_>) -> bool {
+    match expr.kind {
+        ExprKind::Call(fun, _) => is_align_of_call(cx, fun, expr),
+        ExprKind::Lit(lit) => is_align_lit(cx, lit, expr),
+        _ => false,
+    }
+}
+
+fn is_align_of_call(cx: &LateContext<'_>, fun: &Expr<'_>, expr: &Expr<'_>) -> bool {
+    let ExprKind::Path(QPath::Resolved(None, path)) = fun.kind else {
+        return false;
+    };
+    let Some(args) = path.segments.last().and_then(|seg| seg.args) else {
+        return false;
+    };
+    let [hir::GenericArg::Type(ty)] = args.args else {
+        return false;
+    };
+    path_def_id(cx, fun).is_some_and(|id| {
+        let typeck = cx.typeck_results();
+        match_any_def_paths(cx, id, &[&paths::CORE_ALIGN_OF, &paths::STD_ALIGN_OF]).is_some()
+            && typeck.node_type(ty.hir_id) == typeck.expr_ty(expr)
+    })
+}
+
+fn is_align_lit(cx: &LateContext<'_>, lit: &Spanned<LitKind>, expr: &Expr<'_>) -> bool {
+    let LitKind::Int(val, _) = lit.node else { return false };
+    let ty = cx.typeck_results().expr_ty(expr);
+    if !is_normalizable(cx, cx.param_env, ty) {
+        return false;
+    }
+    cx.tcx
+        .layout_of(cx.typing_env().as_query_input(ty))
+        .is_ok_and(|layout| val == u128::from(layout.align.abi.bytes()))
+}
+
 /// Checks if the expression is the final expression returned from a block.
 pub fn is_expr_final_block_expr(tcx: TyCtxt<'_>, expr: &Expr<'_>) -> bool {
     matches!(tcx.parent_hir_node(expr.hir_id), Node::Block(..))

clippy_utils/src/msrvs.rs

@@ -19,7 +19,7 @@ macro_rules! msrv_aliases {
 
 // names may refer to stabilized feature flags or library items
 msrv_aliases! {
-    1,84,0 { CONST_OPTION_AS_SLICE }
+    1,84,0 { CONST_OPTION_AS_SLICE, DANGLING_PTR }
     1,83,0 { CONST_EXTERN_FN, CONST_FLOAT_BITS_CONV, CONST_FLOAT_CLASSIFY, CONST_MUT_REFS, CONST_UNWRAP }
     1,82,0 { IS_NONE_OR, REPEAT_N, RAW_REF_OP }
     1,81,0 { LINT_REASONS_STABILIZATION, ERROR_IN_CORE, EXPLICIT_SELF_TYPE_ELISION }

clippy_utils/src/paths.rs

@@ -35,6 +35,8 @@ pub const CHILD_KILL: [&str; 4] = ["std", "process", "Child", "kill"];
 pub const PANIC_ANY: [&str; 3] = ["std", "panic", "panic_any"];
 pub const CHAR_IS_ASCII: [&str; 5] = ["core", "char", "methods", "<impl char>", "is_ascii"];
 pub const STDIN: [&str; 4] = ["std", "io", "stdio", "Stdin"];
+pub const STD_ALIGN_OF: [&str; 3] = ["std", "mem", "align_of"];
+pub const CORE_ALIGN_OF: [&str; 3] = ["core", "mem", "align_of"];
 
 // Paths in clippy itself
 pub const MSRV: [&str; 3] = ["clippy_utils", "msrvs", "Msrv"];

tests/ui/dangling_ptr.fixed

@@ -0,0 +1,32 @@
+#![warn(clippy::dangling_ptr)]
+use std::mem;
+
+pub fn foo(_const: *const f32, _mut: *mut i64) {}
+
+fn main() {
+    let _ = std::ptr::dangling::<u32>();
+    let _ = std::ptr::dangling_mut::<f64>();
+    let _: *const u8 = std::ptr::dangling();
+
+    let _ = mem::align_of::<u32>() as u32;
+    let _ = mem::align_of::<u64>() as u64;
+
+    foo(std::ptr::dangling(), std::ptr::dangling_mut());
+
+    // should not lint
+    let _ = 1 as *const u32;
+    let _ = mem::align_of::<u32>() as u32;
+
+    foo(0 as _, 0 as _);
+}
+
+#[clippy::msrv = "1.83"]
+fn _msrv_1_83() {
+    // `{core, std}::ptr::dangling` was stabilized in 1.84. Do not lint this
+    foo(8 as *const _, 8 as *mut _);
+}
+
+#[clippy::msrv = "1.84"]
+fn _msrv_1_84() {
+    foo(std::ptr::dangling(), std::ptr::dangling_mut());
+}

tests/ui/dangling_ptr.rs

@@ -0,0 +1,32 @@
+#![warn(clippy::dangling_ptr)]
+use std::mem;
+
+pub fn foo(_const: *const f32, _mut: *mut i64) {}
+
+fn main() {
+    let _ = 8 as *const u32;
+    let _ = 8 as *mut f64;
+    let _: *const u8 = 8 as *const _;
+
+    let _ = mem::align_of::<u32>() as u32;
+    let _ = mem::align_of::<u64>() as u64;
+
+    foo(8 as *const _, 8 as *mut _);
+
+    // should not lint
+    let _ = 1 as *const u32;
+    let _ = mem::align_of::<u32>() as u32;
+
+    foo(0 as _, 0 as _);
+}
+
+#[clippy::msrv = "1.83"]
+fn _msrv_1_83() {
+    // `{core, std}::ptr::dangling` was stabilized in 1.84. Do not lint this
+    foo(8 as *const _, 8 as *mut _);
+}
+
+#[clippy::msrv = "1.84"]
+fn _msrv_1_84() {
+    foo(8 as *const _, 8 as *mut _);
+}

tests/ui/dangling_ptr.stderr

@@ -0,0 +1,47 @@
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:7:13
+   |
+LL |     let _ = 8 as *const u32;
+   |             ^^^^^^^^^^^^^^^ help: try: `std::ptr::dangling::<u32>()`
+   |
+   = note: `-D clippy::dangling-ptr` implied by `-D warnings`
+   = help: to override `-D warnings` add `#[allow(clippy::dangling_ptr)]`
+
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:8:13
+   |
+LL |     let _ = 8 as *mut f64;
+   |             ^^^^^^^^^^^^^ help: try: `std::ptr::dangling_mut::<f64>()`
+
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:9:24
+   |
+LL |     let _: *const u8 = 8 as *const _;
+   |                        ^^^^^^^^^^^^^ help: try: `std::ptr::dangling()`
+
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:14:9
+   |
+LL |     foo(8 as *const _, 8 as *mut _);
+   |         ^^^^^^^^^^^^^ help: try: `std::ptr::dangling()`
+
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:14:24
+   |
+LL |     foo(8 as *const _, 8 as *mut _);
+   |                        ^^^^^^^^^^^ help: try: `std::ptr::dangling_mut()`
+
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:31:9
+   |
+LL |     foo(8 as *const _, 8 as *mut _);
+   |         ^^^^^^^^^^^^^ help: try: `std::ptr::dangling()`
+
+error: manual creation of a dangling pointer
+  --> tests/ui/dangling_ptr.rs:31:24
+   |
+LL |     foo(8 as *const _, 8 as *mut _);
+   |                        ^^^^^^^^^^^ help: try: `std::ptr::dangling_mut()`
+
+error: aborting due to 7 previous errors
+

tests/ui/ptr_cast_constness.stderr

@@ -49,12 +49,16 @@ error: `as` casting to make a const null pointer into a mutable null pointer
 LL |     let _ = ptr::null::<String>() as *mut String;
    |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: use `null_mut()` directly instead: `std::ptr::null_mut::<String>()`
 
+[clippy_utils/src/lib.rs:2251:5] typeck.node_type(generic_ty.hir_id) = std::string::String
+[clippy_utils/src/lib.rs:2252:5] typeck.expr_ty(expr) = *const std::string::String
 error: `as` casting to make a mutable null pointer into a const null pointer
   --> tests/ui/ptr_cast_constness.rs:76:13
    |
 LL |     let _ = ptr::null_mut::<u32>() as *const u32;
    |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: use `null()` directly instead: `std::ptr::null::<u32>()`
 
+[clippy_utils/src/lib.rs:2251:5] typeck.node_type(generic_ty.hir_id) = u32
+[clippy_utils/src/lib.rs:2252:5] typeck.expr_ty(expr) = *mut u32
 error: changing constness of a null pointer
   --> tests/ui/ptr_cast_constness.rs:77:13
    |
@@ -75,6 +79,8 @@ LL |     let _ = inline!(ptr::null::<u32>() as *mut u32);
    |
    = note: this error originates in the macro `__inline_mac_fn_null_pointers` (in Nightly builds, run with -Z macro-backtrace for more info)
 
+[clippy_utils/src/lib.rs:2251:5] typeck.node_type(generic_ty.hir_id) = u32
+[clippy_utils/src/lib.rs:2252:5] typeck.expr_ty(expr) = *const u32
 error: changing constness of a null pointer
   --> tests/ui/ptr_cast_constness.rs:82:21
    |

tests/ui/transmute_null_to_fn.stderr

@@ -40,6 +40,8 @@ LL |         let _: fn() = std::mem::transmute(std::ptr::null::<()>() as *const
    |
    = help: try wrapping your function pointer type in `Option<T>` instead, and using `None` as a null pointer value
 
+[clippy_utils/src/lib.rs:2251:5] typeck.node_type(generic_ty.hir_id) = ()
+[clippy_utils/src/lib.rs:2252:5] typeck.expr_ty(expr) = *const ()
 error: transmuting a known null pointer into a function pointer
   --> tests/ui/transmute_null_to_fn.rs:34:23
    |

tests/ui/unnecessary_cast.stderr

@@ -79,6 +79,8 @@ error: casting raw pointers to the same type and constness is unnecessary (`*con
 LL |     owo::<u32>([1u32].as_ptr()) as *const u32;
    |     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `owo::<u32>([1u32].as_ptr())`
 
+[clippy_utils/src/lib.rs:2251:5] typeck.node_type(generic_ty.hir_id) = u32
+[clippy_utils/src/lib.rs:2252:5] typeck.expr_ty(expr) = *const u32
 error: casting raw pointers to the same type and constness is unnecessary (`*const u8` -> `*const u8`)
   --> tests/ui/unnecessary_cast.rs:81:5
    |