diff options
| author | bors <bors@rust-lang.org> | 2025-04-28 08:25:23 +0000 |
|---|---|---|
| committer | bors <bors@rust-lang.org> | 2025-04-28 08:25:23 +0000 |
| commit | a932eb36f8adf6c8cdfc450f063943da3112d621 (patch) | |
| tree | 60b69f50586fbe6754d5bff8f657353b6973353d /compiler/rustc_feature | |
| parent | 0134651fb81314870903e21b1bcbdd993d75b61a (diff) | |
| parent | 05f2b2265dd96655e9984c1b2b8ef207f09a88f9 (diff) | |
| download | rust-a932eb36f8adf6c8cdfc450f063943da3112d621.tar.gz rust-a932eb36f8adf6c8cdfc450f063943da3112d621.zip | |
Auto merge of #123239 - Urgau:dangerous_implicit_autorefs, r=jdonszelmann,traviscross
Implement a lint for implicit autoref of raw pointer dereference - take 2
*[t-lang nomination comment](https://github.com/rust-lang/rust/pull/123239#issuecomment-2727551097)*
This PR aims at implementing a lint for implicit autoref of raw pointer dereference, it is based on #103735 with suggestion and improvements from https://github.com/rust-lang/rust/pull/103735#issuecomment-1370420305.
The goal is to catch cases like this, where the user probably doesn't realise it just created a reference.
```rust
pub struct Test {
data: [u8],
}
pub fn test_len(t: *const Test) -> usize {
unsafe { (*t).data.len() } // this calls <[T]>::len(&self)
}
```
Since #103735 already went 2 times through T-lang, where they T-lang ended-up asking for a more restricted version (which is what this PR does), I would prefer this PR to be reviewed first before re-nominating it for T-lang.
----
Compared to the PR it is as based on, this PR adds 3 restrictions on the outer most expression, which must either be:
1. A deref followed by any non-deref place projection (that intermediate deref will typically be auto-inserted)
2. A method call annotated with `#[rustc_no_implicit_refs]`.
3. A deref followed by a `addr_of!` or `addr_of_mut!`. See bottom of post for details.
There are several points that are not 100% clear to me when implementing the modifications:
- ~~"4. Any number of automatically inserted deref/derefmut calls." I as never able to trigger this. Am I missing something?~~ Fixed
- Are "index" and "field" enough?
----
cc `@JakobDegen` `@WaffleLapkin`
r? `@RalfJung`
try-job: dist-various-1
try-job: dist-various-2
Diffstat (limited to 'compiler/rustc_feature')
| -rw-r--r-- | compiler/rustc_feature/src/builtin_attrs.rs | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/compiler/rustc_feature/src/builtin_attrs.rs b/compiler/rustc_feature/src/builtin_attrs.rs index 76270cad48f..43ba67e7dc6 100644 --- a/compiler/rustc_feature/src/builtin_attrs.rs +++ b/compiler/rustc_feature/src/builtin_attrs.rs @@ -919,6 +919,10 @@ pub static BUILTIN_ATTRIBUTES: &[BuiltinAttribute] = &[ "#[rustc_never_returns_null_ptr] is used to mark functions returning non-null pointers." ), rustc_attr!( + rustc_no_implicit_autorefs, AttributeType::Normal, template!(Word), ErrorFollowing, EncodeCrossCrate::Yes, + "`#[rustc_no_implicit_autorefs]` is used to mark functions for which an autoref to the dereference of a raw pointer should not be used as an argument." + ), + rustc_attr!( rustc_coherence_is_core, AttributeType::CrateLevel, template!(Word), ErrorFollowing, EncodeCrossCrate::No, "#![rustc_coherence_is_core] allows inherent methods on builtin types, only intended to be used in `core`." ), |