2023-05-14 14:20:32 +00:00
|
|
|
use rustc_ast::Mutability;
|
2023-09-17 14:24:22 +00:00
|
|
|
use rustc_hir::{Expr, ExprKind, UnOp};
|
2023-07-14 20:10:14 +00:00
|
|
|
use rustc_middle::ty::{self, TypeAndMut};
|
2023-09-17 14:24:22 +00:00
|
|
|
use rustc_span::sym;
|
2023-05-14 14:20:32 +00:00
|
|
|
|
2023-07-06 19:45:24 +00:00
|
|
|
use crate::{lints::InvalidReferenceCastingDiag, LateContext, LateLintPass, LintContext};
|
2023-05-14 14:20:32 +00:00
|
|
|
|
|
|
|
|
declare_lint! {
|
2023-07-06 19:45:24 +00:00
|
|
|
/// The `invalid_reference_casting` lint checks for casts of `&T` to `&mut T`
|
2023-05-14 14:20:32 +00:00
|
|
|
/// without using interior mutability.
|
|
|
|
|
///
|
|
|
|
|
/// ### Example
|
|
|
|
|
///
|
|
|
|
|
/// ```rust,compile_fail
|
|
|
|
|
/// fn x(r: &i32) {
|
|
|
|
|
/// unsafe {
|
|
|
|
|
/// *(r as *const i32 as *mut i32) += 1;
|
|
|
|
|
/// }
|
|
|
|
|
/// }
|
|
|
|
|
/// ```
|
|
|
|
|
///
|
|
|
|
|
/// {{produces}}
|
|
|
|
|
///
|
|
|
|
|
/// ### Explanation
|
|
|
|
|
///
|
|
|
|
|
/// Casting `&T` to `&mut T` without using interior mutability is undefined behavior,
|
|
|
|
|
/// as it's a violation of Rust reference aliasing requirements.
|
|
|
|
|
///
|
|
|
|
|
/// `UnsafeCell` is the only way to obtain aliasable data that is considered
|
|
|
|
|
/// mutable.
|
2023-07-06 19:45:24 +00:00
|
|
|
INVALID_REFERENCE_CASTING,
|
2023-07-14 19:54:27 +00:00
|
|
|
Deny,
|
2023-05-14 14:20:32 +00:00
|
|
|
"casts of `&T` to `&mut T` without interior mutability"
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-17 14:24:22 +00:00
|
|
|
declare_lint_pass!(InvalidReferenceCasting => [INVALID_REFERENCE_CASTING]);
|
2023-05-14 14:20:32 +00:00
|
|
|
|
2023-07-06 19:45:24 +00:00
|
|
|
impl<'tcx> LateLintPass<'tcx> for InvalidReferenceCasting {
|
2023-07-14 20:10:14 +00:00
|
|
|
fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'tcx>) {
|
2023-12-12 18:31:17 +00:00
|
|
|
if let Some((e, pat)) = borrow_or_assign(cx, expr) {
|
|
|
|
|
if matches!(pat, PatternKind::Borrow { mutbl: Mutability::Mut } | PatternKind::Assign) {
|
|
|
|
|
let init = cx.expr_or_init(e);
|
|
|
|
|
|
|
|
|
|
let Some(ty_has_interior_mutability) = is_cast_from_ref_to_mut_ptr(cx, init) else {
|
|
|
|
|
return;
|
|
|
|
|
};
|
|
|
|
|
let orig_cast = if init.span != e.span { Some(init.span) } else { None };
|
|
|
|
|
let ty_has_interior_mutability = ty_has_interior_mutability.then_some(());
|
|
|
|
|
|
2024-01-16 03:40:39 +00:00
|
|
|
cx.emit_span_lint(
|
2023-12-12 18:31:17 +00:00
|
|
|
INVALID_REFERENCE_CASTING,
|
|
|
|
|
expr.span,
|
|
|
|
|
if pat == PatternKind::Assign {
|
|
|
|
|
InvalidReferenceCastingDiag::AssignToRef {
|
|
|
|
|
orig_cast,
|
|
|
|
|
ty_has_interior_mutability,
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
InvalidReferenceCastingDiag::BorrowAsMut {
|
|
|
|
|
orig_cast,
|
|
|
|
|
ty_has_interior_mutability,
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-05-14 14:20:32 +00:00
|
|
|
}
|
|
|
|
|
}
|
2023-07-14 20:10:14 +00:00
|
|
|
|
2023-12-12 18:31:17 +00:00
|
|
|
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
|
|
|
|
|
enum PatternKind {
|
|
|
|
|
Borrow { mutbl: Mutability },
|
|
|
|
|
Assign,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn borrow_or_assign<'tcx>(
|
2023-08-22 13:41:07 +00:00
|
|
|
cx: &LateContext<'tcx>,
|
|
|
|
|
e: &'tcx Expr<'tcx>,
|
2023-12-12 18:31:17 +00:00
|
|
|
) -> Option<(&'tcx Expr<'tcx>, PatternKind)> {
|
|
|
|
|
fn deref_assign_or_addr_of<'tcx>(
|
|
|
|
|
expr: &'tcx Expr<'tcx>,
|
|
|
|
|
) -> Option<(&'tcx Expr<'tcx>, PatternKind)> {
|
|
|
|
|
// &(mut) <expr>
|
|
|
|
|
let (inner, pat) = if let ExprKind::AddrOf(_, mutbl, expr) = expr.kind {
|
|
|
|
|
(expr, PatternKind::Borrow { mutbl })
|
2023-08-22 13:41:07 +00:00
|
|
|
// <expr> = ...
|
|
|
|
|
} else if let ExprKind::Assign(expr, _, _) = expr.kind {
|
2023-12-12 18:31:17 +00:00
|
|
|
(expr, PatternKind::Assign)
|
2023-08-22 13:41:07 +00:00
|
|
|
// <expr> += ...
|
|
|
|
|
} else if let ExprKind::AssignOp(_, expr, _) = expr.kind {
|
2023-12-12 18:31:17 +00:00
|
|
|
(expr, PatternKind::Assign)
|
2023-08-22 13:41:07 +00:00
|
|
|
} else {
|
|
|
|
|
return None;
|
|
|
|
|
};
|
|
|
|
|
|
2023-12-12 18:31:17 +00:00
|
|
|
// *<inner>
|
|
|
|
|
let ExprKind::Unary(UnOp::Deref, e) = &inner.kind else {
|
|
|
|
|
return None;
|
|
|
|
|
};
|
|
|
|
|
Some((e, pat))
|
2023-08-22 13:41:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn ptr_write<'tcx>(
|
|
|
|
|
cx: &LateContext<'tcx>,
|
|
|
|
|
e: &'tcx Expr<'tcx>,
|
2023-12-12 18:31:17 +00:00
|
|
|
) -> Option<(&'tcx Expr<'tcx>, PatternKind)> {
|
2023-08-22 13:41:07 +00:00
|
|
|
if let ExprKind::Call(path, [arg_ptr, _arg_val]) = e.kind
|
|
|
|
|
&& let ExprKind::Path(ref qpath) = path.kind
|
|
|
|
|
&& let Some(def_id) = cx.qpath_res(qpath, path.hir_id).opt_def_id()
|
|
|
|
|
&& matches!(
|
|
|
|
|
cx.tcx.get_diagnostic_name(def_id),
|
|
|
|
|
Some(sym::ptr_write | sym::ptr_write_volatile | sym::ptr_write_unaligned)
|
2023-10-13 08:58:33 +00:00
|
|
|
)
|
2023-08-22 13:41:07 +00:00
|
|
|
{
|
2023-12-12 18:31:17 +00:00
|
|
|
Some((arg_ptr, PatternKind::Assign))
|
2023-08-22 13:41:07 +00:00
|
|
|
} else {
|
|
|
|
|
None
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
deref_assign_or_addr_of(e).or_else(|| ptr_write(cx, e))
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-12 18:31:17 +00:00
|
|
|
fn is_cast_from_ref_to_mut_ptr<'tcx>(
|
2023-10-04 14:03:39 +00:00
|
|
|
cx: &LateContext<'tcx>,
|
|
|
|
|
orig_expr: &'tcx Expr<'tcx>,
|
|
|
|
|
) -> Option<bool> {
|
2023-09-27 13:38:32 +00:00
|
|
|
let end_ty = cx.typeck_results().node_type(orig_expr.hir_id);
|
|
|
|
|
|
|
|
|
|
// Bail out early if the end type is **not** a mutable pointer.
|
|
|
|
|
if !matches!(end_ty.kind(), ty::RawPtr(TypeAndMut { ty: _, mutbl: Mutability::Mut })) {
|
2023-10-04 14:03:39 +00:00
|
|
|
return None;
|
2023-09-27 13:38:32 +00:00
|
|
|
}
|
|
|
|
|
|
2023-12-12 18:25:34 +00:00
|
|
|
let (e, need_check_freeze) = peel_casts(cx, orig_expr);
|
|
|
|
|
|
|
|
|
|
let start_ty = cx.typeck_results().node_type(e.hir_id);
|
|
|
|
|
if let ty::Ref(_, inner_ty, Mutability::Not) = start_ty.kind() {
|
2023-12-12 18:31:17 +00:00
|
|
|
// If an UnsafeCell method is involved, we need to additionally check the
|
2023-12-12 18:25:34 +00:00
|
|
|
// inner type for the presence of the Freeze trait (ie does NOT contain
|
|
|
|
|
// an UnsafeCell), since in that case we would incorrectly lint on valid casts.
|
|
|
|
|
//
|
2023-12-12 18:31:17 +00:00
|
|
|
// Except on the presence of non concrete skeleton types (ie generics)
|
|
|
|
|
// since there is no way to make it safe for arbitrary types.
|
2023-12-12 18:25:34 +00:00
|
|
|
let inner_ty_has_interior_mutability =
|
|
|
|
|
!inner_ty.is_freeze(cx.tcx, cx.param_env) && inner_ty.has_concrete_skeleton();
|
|
|
|
|
(!need_check_freeze || !inner_ty_has_interior_mutability)
|
|
|
|
|
.then_some(inner_ty_has_interior_mutability)
|
|
|
|
|
} else {
|
|
|
|
|
None
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fn peel_casts<'tcx>(cx: &LateContext<'tcx>, mut e: &'tcx Expr<'tcx>) -> (&'tcx Expr<'tcx>, bool) {
|
|
|
|
|
let mut gone_trough_unsafe_cell_raw_get = false;
|
|
|
|
|
|
2023-09-27 13:38:32 +00:00
|
|
|
loop {
|
|
|
|
|
e = e.peel_blocks();
|
|
|
|
|
// <expr> as ...
|
|
|
|
|
e = if let ExprKind::Cast(expr, _) = e.kind {
|
|
|
|
|
expr
|
|
|
|
|
// <expr>.cast(), <expr>.cast_mut() or <expr>.cast_const()
|
2023-08-12 10:40:26 +00:00
|
|
|
} else if let ExprKind::MethodCall(_, expr, [], _) = e.kind
|
|
|
|
|
&& let Some(def_id) = cx.typeck_results().type_dependent_def_id(e.hir_id)
|
2023-09-27 13:38:32 +00:00
|
|
|
&& matches!(
|
|
|
|
|
cx.tcx.get_diagnostic_name(def_id),
|
|
|
|
|
Some(sym::ptr_cast | sym::const_ptr_cast | sym::ptr_cast_mut | sym::ptr_cast_const)
|
|
|
|
|
)
|
|
|
|
|
{
|
2023-08-12 10:40:26 +00:00
|
|
|
expr
|
2023-09-27 13:38:32 +00:00
|
|
|
// ptr::from_ref(<expr>), UnsafeCell::raw_get(<expr>) or mem::transmute<_, _>(<expr>)
|
2023-08-24 10:04:40 +00:00
|
|
|
} else if let ExprKind::Call(path, [arg]) = e.kind
|
|
|
|
|
&& let ExprKind::Path(ref qpath) = path.kind
|
|
|
|
|
&& let Some(def_id) = cx.qpath_res(qpath, path.hir_id).opt_def_id()
|
2023-09-27 13:38:32 +00:00
|
|
|
&& matches!(
|
|
|
|
|
cx.tcx.get_diagnostic_name(def_id),
|
|
|
|
|
Some(sym::ptr_from_ref | sym::unsafe_cell_raw_get | sym::transmute)
|
|
|
|
|
)
|
2023-08-24 10:04:40 +00:00
|
|
|
{
|
2023-09-27 13:38:32 +00:00
|
|
|
if cx.tcx.is_diagnostic_item(sym::unsafe_cell_raw_get, def_id) {
|
2023-12-12 18:25:34 +00:00
|
|
|
gone_trough_unsafe_cell_raw_get = true;
|
2023-09-27 13:38:32 +00:00
|
|
|
}
|
2023-08-24 10:04:40 +00:00
|
|
|
arg
|
2023-08-12 10:40:26 +00:00
|
|
|
} else {
|
2023-12-12 19:06:28 +00:00
|
|
|
let init = cx.expr_or_init(e);
|
|
|
|
|
if init.hir_id != e.hir_id {
|
|
|
|
|
init
|
|
|
|
|
} else {
|
|
|
|
|
break;
|
|
|
|
|
}
|
2023-08-12 10:40:26 +00:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-12 18:25:34 +00:00
|
|
|
(e, gone_trough_unsafe_cell_raw_get)
|
2023-07-14 20:10:14 +00:00
|
|
|
}
|
