Auto merge of rust-lang#128985 - GrigorenkoPV:instantly-dangling-pointer, r=Urgau

Lint against getting pointers from immediately dropped temporaries

Fixes rust-lang#123613

## Changes:
1. New lint: `dangling_pointers_from_temporaries`. It is a generalization of `temporary_cstring_as_ptr` for more types and more ways to get a temporary.
2. `temporary_cstring_as_ptr` is removed and marked as renamed to `dangling_pointers_from_temporaries`.
3. `clippy::temporary_cstring_as_ptr` is marked as renamed to `dangling_pointers_from_temporaries`.
4. Fixed a false positive[^fp] for when the pointer is not actually dangling because of lifetime extension for function/method call arguments.
5. `core::cell::Cell` is now `rustc_diagnostic_item = "Cell"`

## Questions:
- [ ] Instead of manually checking for a list of known methods and diagnostic items, maybe add some sort of annotation to those methods in library and check for the presence of that annotation? rust-lang#128985 (comment)

## Known limitations:

### False negatives[^fn]:

See the comments in `compiler/rustc_lint/src/dangling.rs`

1. Method calls that are not checked for:
   - `temporary_unsafe_cell.get()`
   - `temporary_sync_unsafe_cell.get()`
2. Ways to get a temporary that are not recognized:
   - `owning_temporary.field`
   - `owning_temporary[index]`
3. No checks for ref-to-ptr conversions:
   - `&raw [mut] temporary`
   - `&temporary as *(const|mut) _`
   - `ptr::from_ref(&temporary)` and friends

[^fn]: lint **should** be emitted, but **is not**

[^fp]: lint **should not** be emitted, but **is**
bors committed Oct 29, 2024
2 parents b0248e2 + a5aa408 commit a1b88a0
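
The drop timing behind the lint, and behind the call-argument case in item 4 of the change list, shown as an added example that is not part of this commit or of rustc. `Owner`, `use_ptr` and the recorded log are hypothetical stand-ins: the lint matches known standard-library methods, and a custom type is assumed here so the drop order can be observed.

```rust
use std::cell::RefCell;

type Log = RefCell<Vec<&'static str>>;

// Hypothetical owner standing in for CString/Box: records when it is dropped.
struct Owner<'a> { buf: Box<u8>, log: &'a Log }

impl<'a> Owner<'a> {
    fn new(log: &'a Log) -> Self { Owner { buf: Box::new(7), log } }
    fn as_ptr(&self) -> *const u8 { &*self.buf }
}

impl Drop for Owner<'_> {
    fn drop(&mut self) { self.log.borrow_mut().push("drop"); }
}

// Stand-in for an FFI call that reads through the pointer.
fn use_ptr(p: *const u8, log: &Log) -> u8 {
    log.borrow_mut().push("use");
    unsafe { *p } // sound only while the owner is still alive
}

// Shape the lint targets: the owner is freed when the `let` statement ends.
fn temporary_then_use() -> Vec<&'static str> {
    let log = Log::default();
    let _p = Owner::new(&log).as_ptr(); // `_p` dangles from here on
    log.borrow_mut().push("use"); // a read through `_p` here would be a use-after-free
    log.into_inner()
}

// Call-argument shape (item 4): the owner lives until the call has returned.
fn temporary_in_call_argument() -> (u8, Vec<&'static str>) {
    let log = Log::default();
    let v = use_ptr(Owner::new(&log).as_ptr(), &log);
    (v, log.into_inner())
}

// Fix for the first shape: bind the owner so it outlives every use of the pointer.
fn bound_owner() -> (u8, Vec<&'static str>) {
    let log = Log::default();
    let owner = Owner::new(&log);
    let v = use_ptr(owner.as_ptr(), &log);
    drop(owner);
    (v, log.into_inner())
}

fn main() {
    println!("{:?} {:?} {:?}", temporary_then_use(), temporary_in_call_argument(), bound_owner());
}
```

The first function records `drop` before `use`; the other two record `use` before `drop`.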
Showing 3 changed files with 5 additions and 1 deletion.
1 change: 1 addition & 0 deletions alloc/tests/boxed.rs
Expand Up @@ -4,6 +4,7 @@ use core::mem::MaybeUninit;
use core::ptr::NonNull;

#[test]
#[cfg_attr(not(bootstrap), expect(dangling_pointers_from_temporaries))]
fn uninitialized_zero_size_box() {
assert_eq!(
&*Box::<()>::new_uninit() as *const _,
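Review bot: the `expect(dangling_pointers_from_temporaries)` attribute on `uninitialized_zero_size_box` covers the whole test, and nothing says which expression is meant to trigger it or why a dangling pointer is acceptable here. The one pointer expression visible in this hunk, `&*Box::<()>::new_uninit() as *const _`, is a ref-to-ptr cast, which the description lists among the forms that are not checked, so the reader has to hunt for the real trigger. A one-line comment naming the expression and the reason would help, and moving the attribute onto that statement would keep the expectation from also covering pointers added to the test later.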
1 change: 1 addition & 0 deletions core/src/cell.rs
Expand Up @@ -304,6 +304,7 @@ pub use once::OnceCell;
/// ```
///
/// See the [module-level documentation](self) for more.
#[cfg_attr(not(test), rustc_diagnostic_item = "Cell")]
#[stable(feature = "rust1", since = "1.0.0")]
#[repr(transparent)]
#[rustc_pub_transparent]
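Review bot: the added `rustc_diagnostic_item = "Cell"` line has no consumer visible in this file, so its purpose is recorded only in item 5 of the description. Since the description leaves open whether the lint should move from diagnostic items to a library-side annotation, it would be worth stating in the PR which check in `compiler/rustc_lint/src/dangling.rs` needs `Cell`, so the item can be removed cleanly if that question is settled the other way.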
4 changes: 3 additions & 1 deletion core/src/ffi/c_str.rs
Expand Up @@ -464,7 +464,9 @@ impl CStr {
/// behavior when `ptr` is used inside the `unsafe` block:
///
/// ```no_run
/// # #![allow(unused_must_use)] #![allow(temporary_cstring_as_ptr)]
/// # #![allow(unused_must_use)]
/// # #![cfg_attr(bootstrap, expect(temporary_cstring_as_ptr))]
/// # #![cfg_attr(not(bootstrap), expect(dangling_pointers_from_temporaries))]
/// use std::ffi::CString;
///
/// // Do not do this:
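Review bot: the hidden doctest line being replaced used `allow(temporary_cstring_as_ptr)`, while both new `cfg_attr` lines use `expect(...)`, which is stricter: the example now also produces a diagnostic if the lint stops firing on it. That change of level is not mentioned in the description. If it is intentional, say so there; otherwise keep `allow` under both the `bootstrap` and `not(bootstrap)` branches.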