Uplift clippy::invalid_null_ptr_usage lint #119220

Open
wants to merge 5 commits into
base: master

Urgau
Contributor

@Urgau Urgau commented Dec 22, 2023

This PR aims at uplifting the clippy::invalid_null_ptr_usage lint into rustc. This is similar to the clippy::invalid_utf8_in_unchecked uplift a few months ago, in the sense that those two lints lint on invalid parameter(s), here a null pointer where it is unexpected and UB to pass one.

For context: GitHub Search reveals that, just for slice::from_raw_parts{_mut}, there are ~20 invalid usages with ptr::null and an additional 4 invalid usages with 0 as *const ...-ish casts.


invalid_null_ptr_usages

(deny-by-default)

The invalid_null_ptr_usages lint checks for invalid usage of null pointers.

Example

```rust
use std::ptr::{self, NonNull};

// Undefined behavior
unsafe { let _: &[usize] = std::slice::from_raw_parts(ptr::null(), 0); }
// Not undefined behavior
unsafe { let _: &[usize] = std::slice::from_raw_parts(NonNull::dangling().as_ptr(), 0); }
```

Produces:

```text
error: calling this function with a null pointer is undefined behavior, even if the result of the function is unused, consider using a dangling pointer instead
  --> $DIR/invalid_null_ptr_usages.rs:14:23
   |
LL |     let _: &[usize] = std::slice::from_raw_parts(ptr::null(), 0);
   |                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^-----------^^^^
   |                                                  |
   |                                                  help: use a dangling pointer instead: `core::ptr::NonNull::dangling().as_ptr()`
```

Explanation

Calling methods whose safety invariants require a non-null pointer with a null pointer is undefined behavior.


The lint uses a list of functions to know which functions and arguments to check; this could be improved in the future with a rustc attribute, or maybe even with a #[diagnostic] attribute.

This PR also includes some small refactoring to avoid some ambiguities in naming; those can be done in another PR if desired.

@rustbot label: +I-lang-nominated
r? compiler

@rustbot rustbot added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-compiler Relevant to the compiler team, which will review and decide on the PR/issue. labels Dec 22, 2023
@rustbot
Collaborator

rustbot commented Dec 22, 2023

Some changes occurred in src/tools/clippy

cc @rust-lang/clippy

@rustbot rustbot added the I-lang-nominated The issue / PR has been nominated for discussion during a lang team meeting. label Dec 22, 2023

@Urgau Urgau force-pushed the uplift-invalid_null_ptr_usage branch 2 times, most recently from b25c44c to 7308419 Compare December 22, 2023 16:07

@Urgau Urgau force-pushed the uplift-invalid_null_ptr_usage branch from 7308419 to 05aabc1 Compare December 22, 2023 16:44
@Nilstrieb
Member

I think @saethlin has also found plenty of code that hits this in the wild, so this seems like a good lint.

@saethlin
Member

You're probably referring to PyO3/pyo3#2687 and servo/font-kit#197

I don't think either of these would be detected by the lint, but I agree that this is a reasonable lint target.
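
Added example, not code from the PR or from rustc: assuming the lint only sees null arguments that are apparent at the call site (the `ptr::null()` and `0 as *const` cases from the description), a pointer that may be null only at runtime still needs a check before `slice::from_raw_parts`. `checked_slice` is a hypothetical helper showing that check, with constructed inputs.

```rust
use std::mem::{align_of, size_of};
use std::ptr::NonNull;
use std::slice;

/// Hypothetical helper (not from the PR or rustc): turn a raw (pointer, length)
/// pair, e.g. one returned by a C API, into a slice without ever handing a
/// null pointer to `slice::from_raw_parts`.
///
/// # Safety
/// A non-null `ptr` must point to `len` initialized `T`s that stay valid and
/// unmodified for `'a`. Null, alignment and total size are checked here.
pub unsafe fn checked_slice<'a, T>(ptr: *const T, len: usize) -> Option<&'a [T]> {
    let ptr = if ptr.is_null() {
        // Many C APIs report "empty" as (NULL, 0); NULL with a length is a bug upstream.
        if len != 0 {
            return None;
        }
        // Same substitution the lint's help text suggests: non-null and aligned.
        NonNull::<T>::dangling().as_ptr() as *const T
    } else {
        ptr
    };
    // from_raw_parts also requires alignment, even for zero-length slices.
    if (ptr as usize) % align_of::<T>() != 0 {
        return None;
    }
    // The total size of the slice must not exceed isize::MAX bytes.
    let bytes = len.checked_mul(size_of::<T>())?;
    if bytes > isize::MAX as usize {
        return None;
    }
    Some(unsafe { slice::from_raw_parts(ptr, len) })
}

fn main() {
    // Constructed sample inputs.
    let data = [1u32, 2, 3];
    let ok = unsafe { checked_slice(data.as_ptr(), data.len()) };
    let empty = unsafe { checked_slice::<u32>(std::ptr::null(), 0) };
    let bad = unsafe { checked_slice::<u32>(std::ptr::null(), 4) };
    println!("{:?} {:?} {:?}", ok, empty, bad);
}
```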

@apiraino apiraino added S-waiting-on-team Status: Awaiting decision from the relevant subteam (see the T-<team> label). and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Feb 1, 2024
@apiraino
Contributor

apiraino commented Feb 1, 2024

I'll flag this as S-waiting-on-team to signal that T-lang nomination

@bors
Contributor

bors commented Feb 13, 2024

☔ The latest upstream changes (presumably #120991) made this pull request unmergeable. Please resolve the merge conflicts.
