Check for 'static

Author: Centri3

clippy_lints/src/ptr_to_temporary.rs

@@ -1,10 +1,10 @@
 use clippy_utils::consts::is_promotable;
 use clippy_utils::diagnostics::span_lint_and_note;
-use clippy_utils::{is_from_proc_macro, is_temporary};
+use clippy_utils::{is_from_proc_macro, is_temporary, path_res};
 use rustc_hir::{BorrowKind, Expr, ExprKind, ItemKind, OwnerNode};
 use rustc_lint::{LateContext, LateLintPass, LintContext};
 use rustc_middle::lint::in_external_macro;
-use rustc_middle::ty;
+use rustc_middle::ty::TypeVisitableExt;
 use rustc_session::{declare_lint_pass, declare_tool_lint};
 use rustc_span::sym;
 
@@ -101,15 +101,24 @@ fn check_for_dangling_as_ptr<'tcx>(cx: &LateContext<'tcx>, expr: &'tcx Expr<'tcx
         && let Some(def_id) = cx.typeck_results().type_dependent_def_id(expr.hir_id)
         && cx.tcx.fn_sig(def_id).skip_binder().output().skip_binder().is_unsafe_ptr()
         && matches!(cx.tcx.crate_name(def_id.krate), sym::core | sym::alloc | sym::std)
-        // These will almost always be promoted yet have the `as_ptr` method. Ideally we would
-        // check if these would be promoted but our logic considers any function call to be
-        // non-promotable, but in this case it will be as it's `'static`, soo...
-        && !matches!(
-            cx.typeck_results().expr_ty(recv).peel_refs().kind(),
-            ty::Str | ty::Array(_, _) | ty::Slice(_)
-        )
         && is_temporary(cx, recv)
         && !is_from_proc_macro(cx, expr)
+        // The typeck table only contains `ReErased`.
+        && let Some(def_id) = match recv.kind {
+            ExprKind::Call(path, _) => {
+                path_res(cx, path).opt_def_id()
+            },
+            ExprKind::MethodCall(..) => {
+                cx.typeck_results().type_dependent_def_id(recv.hir_id)
+            },
+            // Anything else will either always have a `'static` lifetime or won't be dropped at
+            // the end of the statement (i.e., will have a longer lifetime), so we can skip them
+            _ => None,
+        }
+        && let ty = cx.tcx.fn_sig(def_id).subst_identity().output()
+        // afaik, any `ReLateBound` means it isn't static. Lifetimes are confusing under the
+        // hood tho so this is likely wrong, and we'll need a smarter heuristic
+        && (ty.has_late_bound_regions() || !ty.skip_binder().is_ref())
     {
         span_lint_and_note(
             cx,

tests/ui/ptr_to_temporary.rs

@@ -76,6 +76,15 @@ fn bad_11() {
     let pab = unsafe { AtomicBool::new(true).as_ptr() };
 }
 
+fn bad_12() {
+    let ps = vec![1].as_slice().as_ptr();
+}
+
+fn bad_13() {
+    // TODO: Not linted. We need to normalize these
+    let ps = <[i32]>::as_ptr(Vec::as_slice(&vec![1]));
+}
+
 // TODO: We need more tests here...
 
 fn fine_1() -> *const i32 {
@@ -93,6 +102,7 @@ fn fine_3() -> *const i32 {
 }
 
 fn fine_4() {
+    // This shouldn't be linted!
     let pa = ([1],).0.as_ptr();
 }
 
@@ -105,12 +115,37 @@ fn fine_5() {
 }
 
 fn fine_6() {
+    fn helper<'a>() -> &'a str {
+        "i'm not ub"
+    }
+
+    let ps = helper().as_ptr();
+}
+
+fn fine_7() {
     fn helper() -> &'static [i32; 1] {
         &[1]
     }
 
     let pa = helper().as_ptr();
-    unsafe { *pa };
+}
+
+fn fine_8() {
+    let ps = "a".as_ptr();
+}
+
+fn fine_9() {
+    let pcstr = CString::new("asd".to_owned()).unwrap();
+    // Not UB, as `pcstr` is not a temporary
+    // TODO: Don't lint this! We need a check for whether a chain begins with a local...
+    pcstr.as_c_str().as_ptr();
+}
+
+fn fine_10() {
+    let pcstr = CString::new("asd".to_owned()).unwrap();
+    // Not UB, as `pcstr` is not a temporary
+    // TODO: Same here, but this time it needs to be normalized
+    CString::as_c_str(&pcstr).as_ptr();
 }
 
 external! {

tests/ui/ptr_to_temporary.stderr

@@ -1,11 +1,3 @@
-error: lint `clippy::temporary_cstring_as_ptr` has been renamed to `temporary_cstring_as_ptr`
-  --> $DIR/ptr_to_temporary.rs:6:5
-   |
-LL |     clippy::temporary_cstring_as_ptr,
-   |     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: use the new name: `temporary_cstring_as_ptr`
-   |
-   = note: `-D renamed-and-removed-lints` implied by `-D warnings`
-
 error: returning a raw pointer to a temporary value that cannot be promoted to a constant
   --> $DIR/ptr_to_temporary.rs:22:5
    |
@@ -55,6 +47,14 @@ LL |     let pv = vec![1].as_ptr();
    |
    = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
 
+error: calling `as_ptr` on a temporary value
+  --> $DIR/ptr_to_temporary.rs:59:14
+   |
+LL |     let pa = helper().as_ptr();
+   |              ^^^^^^^^^^^^^^^^^
+   |
+   = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
+
 error: calling `as_ptr` on a temporary value
   --> $DIR/ptr_to_temporary.rs:63:14
    |
@@ -72,20 +72,44 @@ LL |     let prc = RefCell::new("oops more ub").as_ptr();
    = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
 
 error: calling `as_ptr` on a temporary value
-  --> $DIR/ptr_to_temporary.rs:71:26
+  --> $DIR/ptr_to_temporary.rs:72:26
    |
 LL |     let pcstr = unsafe { CString::new(vec![]).unwrap().as_ptr() };
    |                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    |
    = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
 
 error: calling `as_ptr` on a temporary value
-  --> $DIR/ptr_to_temporary.rs:75:24
+  --> $DIR/ptr_to_temporary.rs:76:24
    |
 LL |     let pab = unsafe { AtomicBool::new(true).as_ptr() };
    |                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    |
    = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
 
-error: aborting due to 11 previous errors
+error: calling `as_ptr` on a temporary value
+  --> $DIR/ptr_to_temporary.rs:80:14
+   |
+LL |     let ps = vec![1].as_slice().as_ptr();
+   |              ^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
+
+error: calling `as_ptr` on a temporary value
+  --> $DIR/ptr_to_temporary.rs:141:5
+   |
+LL |     pcstr.as_c_str().as_ptr();
+   |     ^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
+
+error: calling `as_ptr` on a temporary value
+  --> $DIR/ptr_to_temporary.rs:148:5
+   |
+LL |     CString::as_c_str(&pcstr).as_ptr();
+   |     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = note: usage of this pointer will cause Undefined Behavior as the temporary will be deallocated at the end of the statement, yet the pointer will continue pointing to it, resulting in a dangling pointer
+
+error: aborting due to 14 previous errors