Auto merge of #119220 - Urgau:uplift-invalid_null_ptr_usage, r=fee1-dead
Uplift `clippy::invalid_null_ptr_usage` lint as `invalid_null_arguments` This PR aims at uplifting the `clippy::invalid_null_ptr_usage` lint into rustc, this is similar to the [`clippy::invalid_utf8_in_unchecked` uplift](https://github.com/rust-lang/rust/pull/111543) a few months ago, in the sense that those two lints lint on invalid parameter(s), here a null pointer where it is unexpected and UB to pass one. *For context: GitHub Search reveals that just for `slice::from_raw_parts{_mut}` [~20 invalid usages](hhttps://github.com/search?q=lang%3Arust+%2Fslice%3A%3Afrom_raw_parts%28_mut%29%3F%5C%28ptr%3A%3Anull%2F+NOT+path%3A%2F%5Eclippy_lints%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Erust%5C%2Fsrc%5C%2Ftools%5C%2Fclippy%5C%2Fclippy_lints%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Esrc%5C%2Ftools%5C%2Fclippy%5C%2Fclippy_lints%5C%2Fsrc%5C%2F%2F&type=code) with `ptr::null` and an additional [4 invalid usages](https://github.com/search?q=lang%3Arust+%2Fslice%3A%3Afrom_raw_parts%5C%280%28%5C%29%7C+as%29%2F+NOT+path%3A%2F%5Eclippy_lints%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Erust%5C%2Fsrc%5C%2Ftools%5C%2Fclippy%5C%2Fclippy_lints%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Esrc%5C%2Ftools%5C%2Fclippy%5C%2Fclippy_lints%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Eutils%5C%2Ftinystr%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Eutils%5C%2Fzerovec%5C%2Fsrc%5C%2F%2F+NOT+path%3A%2F%5Eprovider%5C%2Fcore%5C%2Fsrc%5C%2F%2F&type=code) with `0 as *const ...`-ish casts.* ----- ## `invalid_null_arguments` (deny-by-default) The `invalid_null_arguments` lint checks for invalid usage of null pointers. ### Example ```rust // Undefined behavior unsafe { std::slice::from_raw_parts(ptr::null(), 1); } ``` Produces: ``` error: calling this function with a null pointer is Undefined Behavior, even if the result of the function is unused --> $DIR/invalid_null_args.rs:21:23 | LL | let _: &[usize] = std::slice::from_raw_parts(ptr::null_mut(), 0); | ^^^^^^^^^^^^^^^^^^^^^^^^^^^---------------^^^^ | | | null pointer originates from here | = help: for more information, visit <https://doc.rust-lang.org/std/ptr/index.html> and <https://doc.rust-lang.org/reference/behavior-considered-undefined.html> ``` ### Explanation Calling methods whose safety invariants requires non-null pointer with a null pointer is undefined behavior. ----- The lint use a list of functions to know which functions and arguments to checks, this could be improved in the future with a rustc attribute, or maybe even with a `#[diagnostic]` attribute. This PR also includes some small refactoring to avoid some ambiguities in naming, those can be done in another PR is desired. `@rustbot` label: +I-lang-nominated r? compiler
This commit is contained in:
bors
commit
7bfd9529be
30 changed files with 713 additions and 719 deletions
|
|
@ -456,6 +456,10 @@ lint_invalid_nan_comparisons_eq_ne = incorrect NaN comparison, NaN cannot be dir
|
|||
|
||||
lint_invalid_nan_comparisons_lt_le_gt_ge = incorrect NaN comparison, NaN is not orderable
|
||||
|
||||
lint_invalid_null_arguments = calling this function with a null pointer is undefined behavior, even if the result of the function is unused
|
||||
.origin = null pointer originates from here
|
||||
.doc = for more information, visit <https://doc.rust-lang.org/std/ptr/index.html> and <https://doc.rust-lang.org/reference/behavior-considered-undefined.html>
|
||||
|
||||
lint_invalid_reference_casting_assign_to_ref = assigning to `&T` is undefined behavior, consider using an `UnsafeCell`
|
||||
.label = casting happened here
|
||||
|
||||
|
|
@ -680,15 +684,6 @@ lint_private_extern_crate_reexport = extern crate `{$ident}` is private and cann
|
|||
lint_proc_macro_derive_resolution_fallback = cannot find {$ns} `{$ident}` in this scope
|
||||
.label = names from parent modules are not accessible without an explicit import
|
||||
|
||||
lint_ptr_null_checks_fn_ptr = function pointers are not nullable, so checking them for null will always return false
|
||||
.help = wrap the function pointer inside an `Option` and use `Option::is_none` to check for null pointer value
|
||||
.label = expression has type `{$orig_ty}`
|
||||
|
||||
lint_ptr_null_checks_fn_ret = returned pointer of `{$fn_name}` call is never null, so checking it for null will always return false
|
||||
|
||||
lint_ptr_null_checks_ref = references are not nullable, so checking them for null will always return false
|
||||
.label = expression has type `{$orig_ty}`
|
||||
|
||||
lint_query_instability = using `{$query}` can result in unstable query results
|
||||
.note = if you believe this case to be fine, allow this lint and add a comment explaining your rationale
|
||||
|
||||
|
|
@ -981,6 +976,15 @@ lint_unused_result = unused result of type `{$ty}`
|
|||
|
||||
lint_use_let_underscore_ignore_suggestion = use `let _ = ...` to ignore the expression or result
|
||||
|
||||
lint_useless_ptr_null_checks_fn_ptr = function pointers are not nullable, so checking them for null will always return false
|
||||
.help = wrap the function pointer inside an `Option` and use `Option::is_none` to check for null pointer value
|
||||
.label = expression has type `{$orig_ty}`
|
||||
|
||||
lint_useless_ptr_null_checks_fn_ret = returned pointer of `{$fn_name}` call is never null, so checking it for null will always return false
|
||||
|
||||
lint_useless_ptr_null_checks_ref = references are not nullable, so checking them for null will always return false
|
||||
.label = expression has type `{$orig_ty}`
|
||||
|
||||
lint_uses_power_alignment = repr(C) does not follow the power alignment rule. This may affect platform C ABI compatibility for this type
|
||||
|
||||
lint_variant_size_differences =
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue