[WIP] Add lint for int to ptr cast#43339
Conversation
|
r? @arielb1 (rust_highfive has picked a reviewer for you, use r? to override) |
src/librustc_lint/builtin.rs
Outdated
| fn check_expr(&mut self, ctx: &LateContext, expr: &hir::Expr) { | ||
| if let hir::ExprCast(ref source, _) = expr.node { | ||
| match ctx.tables.cast_kinds.get(&source.id) { | ||
| Some(&CastKind::AddrPtrCast) => { |
There was a problem hiding this comment.
if let Some(&CastKind::AddrPtrCast) = ctx.tables.cast_kinds.get(&source.id) {
?
aidanhs
added
the
S-waiting-on-review
|
friendly ping @arielb1! |
|
This LGTM. Let's wait for the lang team meeting to see what we want for the message to be. |
| ctx.span_lint( | ||
| INT_TO_PTR_CAST, | ||
| expr.span, | ||
| "casting from a different-size integer to a pointer"); |
There was a problem hiding this comment.
The message is a placeholder, but I think "casting from a potentially non-pointer-sized integer to a pointer" would be better English.
|
While you're at it, how about linting the other direction as well (rust-lang/rfcs#1782)? |
|
@ollie27 I hadn't seen that RFC before, thanks for the link. It seems like these lints could interact with the portability lint (rust-lang/rfcs#1868) to have a different warning when the integer size matches the pointer. e.g: #[cfg(target_pointer_width = "32")]
fn bar(foo: *const u8) {
let x = foo as u32; // No warning
}
fn baz(foo: *const u8) {
let x = foo as u32; // warning: pointer cast is not portable ...
}This is becoming more complicated than I expected... |
|
I'd personally rather have a more broad lint now that doesn't take into account cfg portability stuff, and later it can be amended to take that stuff into account. |
alexcrichton
added
S-waiting-on-team
T-lang
|
According to #43339 (comment) I've tagged as T-lang and waiting on team |
|
Note to self: rebase on #43522 |
|
Lang team decided (#43291 (comment)) to lint first, maybe fix later. Will update after #43522. |
shepmaster
added
S-waiting-on-author
aidanhs
added
S-waiting-on-author
|
This looks like it's doing something very similar to #43641? (as noted in #43641 (review)) |
|
#43641 is specifically for casts from signed integer types smaller than |
|
There's some overlap between this and #43641. I think I'm just going to let that PR take over. If we change our minds about what cases we want to cover, we can edit that lint later on. |
11 participants
Fixes #42915
First commit adds the lint, the second commit fixes the lint warnings in the compiler on Windows. More sure to follow for other platforms.
[WIP] because we should wait for the decision about #43291 to determine what message we use. Specifically, if it's decided that those strange casts can't/won't be fixed, the message should warn that these casts don't sign-extend as expected unless you go through {u,i}size.
Edit: Also we should consider the interaction this lint can/should have with the portability lint RFC (unimplemented right now), and if it requires an RFC of its own like rust-lang/rfcs#1782. I hadn't considered that adding a lint would require an RFC.
If #43291 does get fixed, we may want this lint to only apply to {i,u}8 as those cases are much more likely to be bugs than false positives compared to the other integer types.
I should also probably add a
NOTE: try {expr} as usize as *const