new lint for accidental double pointer into flat addr case

Author: Soveu

CHANGELOG.md

@@ -5193,6 +5193,7 @@ Released 2018-09-13
 <!-- begin autogenerated links to lint list -->
 [`absolute_paths`]: https://rust-lang.github.io/rust-clippy/master/index.html#absolute_paths
 [`absurd_extreme_comparisons`]: https://rust-lang.github.io/rust-clippy/master/index.html#absurd_extreme_comparisons
+[`accidental_double_ref_into_flat_addr_cast`]: https://rust-lang.github.io/rust-clippy/master/index.html#accidental_double_ref_into_flat_addr_cast
 [`alloc_instead_of_core`]: https://rust-lang.github.io/rust-clippy/master/index.html#alloc_instead_of_core
 [`allow_attributes`]: https://rust-lang.github.io/rust-clippy/master/index.html#allow_attributes
 [`allow_attributes_without_reason`]: https://rust-lang.github.io/rust-clippy/master/index.html#allow_attributes_without_reason

clippy_lints/src/borrow_deref_ref.rs

@@ -21,9 +21,9 @@ declare_clippy_lint! {
     /// False negative on such code:
     /// ```no_run
     /// let x = &12;
-    /// let addr_x = &x as *const _ as usize;
-    /// let addr_y = &&*x as *const _ as usize; // assert ok now, and lint triggered.
-    ///                                         // But if we fix it, assert will fail.
+    /// let addr_x = x as *const _ as usize;
+    /// let addr_y = &*x as *const _ as usize; // assert ok now, and lint triggered.
+    ///                                        // But if we fix it, assert will fail.
     /// assert_ne!(addr_x, addr_y);
     /// ```
     ///

clippy_lints/src/casts/accidental_double_ref_into_flat_addr_cast.rs

@@ -0,0 +1,82 @@
+use rustc_hir::{Expr, ExprKind};
+use rustc_lint::LateContext;
+use rustc_middle::ty::Ty;
+
+pub fn check<'tcx>(cx: &LateContext<'tcx>, cast_expr: &'tcx Expr<'_>, ty_into: Ty<'_>) {
+    // Check this part:
+    // ```
+    // &some_ref as *const _ as usize
+    //                       ^^^^^^^^
+    // &some_ref as *const _ as *const u8
+    //                       ^^^^^^^^^^^^
+    // ```
+    if !ty_into.is_numeric() && !ty_into.is_unsafe_ptr() {
+        return;
+    }
+
+    #[allow(clippy::items_after_statements)] // It is pretty reasonable to have it here?
+    const EXPLICIT_DEREF: bool = true; // *mut and *const have to be explicity deref'd
+
+    // In case of casting into recursive pointer type (e.g. *mut *mut u8), skip this check.
+    // Technically `builtin_deref` should always return us here a type, however,
+    // lets not risk a potential crash with unwrap().
+    if ty_into.is_unsafe_ptr() && ty_into.builtin_deref(EXPLICIT_DEREF).is_some_and(Ty::is_unsafe_ptr) {
+        return;
+    }
+
+    // The type from MIR is already inferred, so we cannot check if it is "as *const _"
+    // if !ty_from.is_unsafe_ptr() ||
+    // !ty_from.builtin_deref(true).is_some_and(Ty::is_ty_or_numeric_infer) {
+    //     return;
+    // }
+
+    // Get these parts of the expression:
+    // ```
+    // &some_ref as *const _ as usize
+    // ^^^^^^^^^ ^^^^^^^^^^^
+    // &some_ref as *const _ as *const u8
+    // ^^^^^^^^^ ^^^^^^^^^^^
+    // ```
+    let ExprKind::Cast(nested_cast_expr, nested_cast_ty) = cast_expr.kind else {
+        return;
+    };
+
+    // Check this part:
+    // ```
+    // &some_ref as *const _ as usize
+    //              ^^^^^^^^
+    // &some_ref as *const _ as *const u8
+    //              ^^^^^^^^
+    // ```
+    // Here we cannot use MIR data (like `cast_from` from function above) as it has already
+    // the type inferred. We have to use the data from HIR.
+    let rustc_hir::TyKind::Ptr(rustc_hir::MutTy { ty, .. }) = nested_cast_ty.kind else {
+        return;
+    };
+    if !matches!(ty.kind, rustc_hir::TyKind::Infer) {
+        return;
+    }
+
+    // Get this part of the expression:
+    // ```
+    // &some_ref as *const _ as usize
+    //  ^^^^^^^^
+    // &some_ref as *const _ as *const u8
+    //  ^^^^^^^^
+    // ```
+    let ExprKind::AddrOf(_, _, some_ref) = nested_cast_expr.kind else {
+        return;
+    };
+
+    // Check if `some_ref` is indeed a reference.
+    if !cx.typeck_results().expr_ty(some_ref).is_ref() {
+        return;
+    }
+
+    clippy_utils::diagnostics::span_lint(
+        cx,
+        super::ACCIDENTAL_DOUBLE_REF_INTO_FLAT_ADDR_CAST,
+        nested_cast_expr.span,
+        "accidental cast",
+    );
+}

clippy_lints/src/casts/mod.rs

@@ -1,3 +1,4 @@
+mod accidental_double_ref_into_flat_addr_cast;
 mod as_ptr_cast_mut;
 mod as_underscore;
 mod borrow_as_ptr;
@@ -717,6 +718,27 @@ declare_clippy_lint! {
     "using `as` to cast a reference to pointer"
 }
 
+declare_clippy_lint! {
+    /// ### What it does
+    /// TODO
+    ///
+    /// ### Why is this bad?
+    /// TODO
+    ///
+    /// ### Example
+    /// ```no_run
+    /// &s as *const _ as usize
+    /// ```
+    /// Use instead:
+    /// ```no_run
+    /// s as *const _ as usize
+    /// ```
+    #[clippy::version = "1.78.0"]
+    pub ACCIDENTAL_DOUBLE_REF_INTO_FLAT_ADDR_CAST,
+    suspicious,
+    "TODO"
+}
+
 pub struct Casts {
     msrv: Msrv,
 }
@@ -753,6 +775,7 @@ impl_lint_pass!(Casts => [
     CAST_NAN_TO_INT,
     ZERO_PTR,
     REF_AS_PTR,
+    ACCIDENTAL_DOUBLE_REF_INTO_FLAT_ADDR_CAST,
 ]);
 
 impl<'tcx> LateLintPass<'tcx> for Casts {
@@ -795,6 +818,7 @@ impl<'tcx> LateLintPass<'tcx> for Casts {
             }
 
             as_underscore::check(cx, expr, cast_to_hir);
+            accidental_double_ref_into_flat_addr_cast::check(cx, expr, cast_to);
 
             if self.msrv.meets(msrvs::PTR_FROM_REF) {
                 ref_as_ptr::check(cx, expr, cast_expr, cast_to_hir);

clippy_lints/src/declared_lints.rs

@@ -78,6 +78,7 @@ pub(crate) static LINTS: &[&crate::LintInfo] = &[
     crate::cargo::NEGATIVE_FEATURE_NAMES_INFO,
     crate::cargo::REDUNDANT_FEATURE_NAMES_INFO,
     crate::cargo::WILDCARD_DEPENDENCIES_INFO,
+    crate::casts::ACCIDENTAL_DOUBLE_REF_INTO_FLAT_ADDR_CAST_INFO,
     crate::casts::AS_PTR_CAST_MUT_INFO,
     crate::casts::AS_UNDERSCORE_INFO,
     crate::casts::BORROW_AS_PTR_INFO,

tests/ui/accidental_double_ref_to_flat_addr.rs

@@ -0,0 +1,13 @@
+#![warn(clippy::accidental_double_ref_into_flat_addr_cast)]
+#![crate_type = "lib"]
+#![no_std]
+
+struct S;
+
+fn f(s: &S) -> usize {
+    &s as *const _ as usize
+}
+
+fn g(s: &S) -> *const u8 {
+    &s as *const _ as *const u8
+}

tests/ui/accidental_double_ref_to_flat_addr.stderr

@@ -0,0 +1,17 @@
+error: accidental cast
+  --> tests/ui/accidental_double_ref_to_flat_addr.rs:8:5
+   |
+LL |     &s as *const _ as usize
+   |     ^^
+   |
+   = note: `-D clippy::accidental-double-ref-into-flat-addr-cast` implied by `-D warnings`
+   = help: to override `-D warnings` add `#[allow(clippy::accidental_double_ref_into_flat_addr_cast)]`
+
+error: accidental cast
+  --> tests/ui/accidental_double_ref_to_flat_addr.rs:12:5
+   |
+LL |     &s as *const _ as *const u8
+   |     ^^
+
+error: aborting due to 2 previous errors
+

tests/ui/borrow_deref_ref.fixed

@@ -65,8 +65,8 @@ with_span!(
 mod false_negative {
     fn foo() {
         let x = &12;
-        let addr_x = &x as *const _ as usize;
-        let addr_y = &x as *const _ as usize; // assert ok
+        let addr_x = x as *const _ as usize;
+        let addr_y = x as *const _ as usize; // assert ok
         // let addr_y = &x as *const _ as usize; // assert fail
         assert_ne!(addr_x, addr_y);
     }

tests/ui/borrow_deref_ref.rs

@@ -65,8 +65,8 @@ with_span!(
 mod false_negative {
     fn foo() {
         let x = &12;
-        let addr_x = &x as *const _ as usize;
-        let addr_y = &&*x as *const _ as usize; // assert ok
+        let addr_x = x as *const _ as usize;
+        let addr_y = &*x as *const _ as usize; // assert ok
         // let addr_y = &x as *const _ as usize; // assert fail
         assert_ne!(addr_x, addr_y);
     }

tests/ui/borrow_deref_ref.stderr

@@ -14,10 +14,10 @@ LL |         let b = &mut &*bar(&12);
    |                      ^^^^^^^^^^ help: if you would like to reborrow, try removing `&*`: `bar(&12)`
 
 error: deref on an immutable reference
-  --> tests/ui/borrow_deref_ref.rs:69:23
+  --> tests/ui/borrow_deref_ref.rs:69:22
    |
-LL |         let addr_y = &&*x as *const _ as usize; // assert ok
-   |                       ^^^ help: if you would like to reborrow, try removing `&*`: `x`
+LL |         let addr_y = &*x as *const _ as usize; // assert ok
+   |                      ^^^ help: if you would like to reborrow, try removing `&*`: `x`
 
 error: aborting due to 3 previous errors