Diagnose 'unsafe' within explicit references to types in expressions

Author: DougGregor

include/swift/AST/DiagnosticsSema.def

@@ -8093,6 +8093,9 @@ NOTE(note_reference_to_unsafe_typed_decl,none,
 NOTE(note_reference_to_unsafe_through_typealias,none,
      "reference to %kind0 whose underlying type involves unsafe type %1",
      (const ValueDecl *, Type))
+NOTE(note_reference_to_unsafe_type,none,
+     "reference to unsafe type %0",
+     (Type))
 NOTE(note_reference_to_nonisolated_unsafe,none,
      "reference to nonisolated(unsafe) %kind0 is unsafe in concurrently-executing code",
      (const ValueDecl *))

lib/Sema/TypeCheckEffects.cpp

@@ -607,6 +607,12 @@ class EffectsHandlingWalker : public ASTWalker {
       recurse = asImpl().checkDeclRef(CE, CE->getInitializer(), CE->getLoc(),
                                       /*isImplicitlyAsync=*/false,
                                       /*isImplicitlyThrows=*/false);
+    } else if (auto ECE = dyn_cast<ExplicitCastExpr>(E)) {
+      recurse = asImpl().checkType(E, ECE->getCastTypeRepr(), ECE->getCastType());
+    } else if (auto TE = dyn_cast<TypeExpr>(E)) {
+      if (!TE->isImplicit()) {
+        recurse = asImpl().checkType(TE, TE->getTypeRepr(), TE->getInstanceType());
+      }
     }
     // Error handling validation (via checkTopLevelEffects) happens after
     // type checking. If an unchecked expression is still around, the code was
@@ -1139,7 +1145,7 @@ class Classification {
     return result;
   }
 
-  /// Used when all we have is are conformances. This can only find
+  /// Used when all we have are conformances. This can only find
   /// "unsafe" uses.
   static Classification forConformances(
       ArrayRef<ProtocolConformanceRef> conformances,
@@ -1153,6 +1159,18 @@ class Classification {
     return result;
   }
 
+  /// Used when all we have are conformances. This can only find
+  /// "unsafe" uses.
+  static Classification forType(Type type, SourceLoc loc) {
+    Classification result;
+    diagnoseUnsafeType(type->getASTContext(), loc, type, [&](Type unsafeType) {
+      result.recordUnsafeUse(
+          UnsafeUse::forReferenceToUnsafe(
+            nullptr, /*isCall=*/false, unsafeType, loc));
+    });
+    return result;
+  }
+
   void merge(Classification other) {
     if (other.isInvalid())
       IsInvalid = true;
@@ -1927,6 +1945,10 @@ class ApplyClassifier {
       return ShouldRecurse;
     }
 
+    ShouldRecurse_t checkType(Expr *E, TypeRepr *typeRepr, Type type) {
+      return ShouldRecurse;
+    }
+
     ConditionalEffectKind checkExhaustiveDoBody(DoCatchStmt *S) {
       // All errors thrown by the do body are caught, but any errors thrown
       // by the catch bodies are bounded by the throwing kind of the do body.
@@ -2061,6 +2083,10 @@ class ApplyClassifier {
       return ShouldRecurse;
     }
 
+    ShouldRecurse_t checkType(Expr *E, TypeRepr *typeRepr, Type type) {
+      return ShouldRecurse;
+    }
+
     void visitExprPre(Expr *expr) { return; }
   };
 
@@ -3485,6 +3511,13 @@ class CheckEffectsCoverage : public EffectsHandlingWalker<CheckEffectsCoverage>
     return ShouldRecurse;
   }
 
+  ShouldRecurse_t checkType(Expr *E, TypeRepr *typeRepr, Type type) {
+    SourceLoc loc = typeRepr ? typeRepr->getLoc() : E->getLoc();
+    auto classification = Classification::forType(type, loc);
+    checkEffectSite(E, /*requiresTry=*/false, classification);
+    return ShouldRecurse;
+  }
+
   ConditionalEffectKind checkExhaustiveDoBody(DoCatchStmt *S) {
     // This is a context where errors are handled.
     ContextScope scope(*this, CurContext.withHandlesErrors());

lib/Sema/TypeCheckType.cpp

@@ -6672,27 +6672,3 @@ Type ExplicitCaughtTypeRequest::evaluate(
 
   llvm_unreachable("Unhandled catch node");
 }
-
-void swift::diagnoseUnsafeType(ASTContext &ctx, SourceLoc loc, Type type,
-                               llvm::function_ref<void(Type)> diagnose) {
-  if (!ctx.LangOpts.hasFeature(Feature::WarnUnsafe))
-    return;
-
-  if (!type->isUnsafe() && !type->getCanonicalType()->isUnsafe())
-    return;
-
-  // Look for a specific @unsafe nominal type.
-  Type specificType;
-  type.findIf([&specificType](Type type) {
-    if (auto typeDecl = type->getAnyNominal()) {
-      if (typeDecl->isUnsafe()) {
-        specificType = type;
-        return false;
-      }
-    }
-
-    return false;
-  });
-
-  diagnose(specificType ? specificType : type);
-}

lib/Sema/TypeCheckType.h

@@ -748,11 +748,6 @@ bool diagnoseMissingOwnership(ParamSpecifier ownership,
                               TypeRepr *repr, Type ty,
                               const TypeResolution &resolution);
 
-/// If the given type involves an unsafe type, diagnose it by calling the
-/// diagnose function with the most specific unsafe type that can be provided.
-void diagnoseUnsafeType(ASTContext &ctx, SourceLoc loc, Type type,
-                        llvm::function_ref<void(Type)> diagnose);
-
 } // end namespace swift
 
 #endif /* SWIFT_SEMA_TYPE_CHECK_TYPE_H */

lib/Sema/TypeCheckUnsafe.cpp

@@ -123,11 +123,11 @@ void swift::diagnoseUnsafeUse(const UnsafeUse &use) {
   case UnsafeUse::ReferenceToUnsafe:
   case UnsafeUse::CallToUnsafe: {
     bool isCall = use.getKind() == UnsafeUse::CallToUnsafe;
-    auto decl = cast<ValueDecl>(use.getDecl());
+    auto decl = cast_or_null<ValueDecl>(use.getDecl());
     auto loc = use.getLocation();
     Type type = use.getType();
-    ASTContext &ctx = decl->getASTContext();
-    if (type) {
+    ASTContext &ctx = decl ? decl->getASTContext() : type->getASTContext();
+    if (type && decl) {
       diagnoseUnsafeType(
           ctx, loc, type,
           [&](Type specificType) {
@@ -136,6 +136,11 @@ void swift::diagnoseUnsafeUse(const UnsafeUse &use) {
                 diag::note_reference_to_unsafe_typed_decl,
                 isCall, decl, specificType);
           });
+    } else if (type) {
+      ctx.Diags.diagnose(
+          loc,
+          diag::note_reference_to_unsafe_type,
+          type);
     } else {
       ctx.Diags.diagnose(
           loc,
@@ -336,3 +341,27 @@ bool swift::isUnsafeInConformance(const ValueDecl *requirement,
   });
   return hasUnsafeType;
 }
+
+void swift::diagnoseUnsafeType(ASTContext &ctx, SourceLoc loc, Type type,
+                               llvm::function_ref<void(Type)> diagnose) {
+  if (!ctx.LangOpts.hasFeature(Feature::WarnUnsafe))
+    return;
+
+  if (!type->isUnsafe() && !type->getCanonicalType()->isUnsafe())
+    return;
+
+  // Look for a specific @unsafe nominal type.
+  Type specificType;
+  type.findIf([&specificType](Type type) {
+    if (auto typeDecl = type->getAnyNominal()) {
+      if (typeDecl->isUnsafe()) {
+        specificType = type;
+        return false;
+      }
+    }
+
+    return false;
+  });
+
+  diagnose(specificType ? specificType : type);
+}

lib/Sema/TypeCheckUnsafe.h

@@ -64,6 +64,12 @@ bool isUnsafe(ConcreteDeclRef declRef);
 bool isUnsafeInConformance(const ValueDecl *requirement,
                            const Witness &witness,
                            NormalProtocolConformance *conformance);
+
+/// If the given type involves an unsafe type, diagnose it by calling the
+/// diagnose function with the most specific unsafe type that can be provided.
+void diagnoseUnsafeType(ASTContext &ctx, SourceLoc loc, Type type,
+                        llvm::function_ref<void(Type)> diagnose);
+
 }
 
 #endif // SWIFT_SEMA_TYPE_CHECK_UNSAFE_H

test/Unsafe/safe.swift

@@ -104,6 +104,26 @@ class MyRange {
   }
 }
 
+func casting(value: Any, i: Int) {
+  // expected-warning@+1{{expression uses unsafe constructs but is not marked with 'unsafe'}}
+  _ = value as? UnsafeType // expected-note{{reference to unsafe type 'UnsafeType'}}
+  // expected-warning@+1{{expression uses unsafe constructs but is not marked with 'unsafe'}}
+  _ = value as! UnsafeType // expected-note{{reference to unsafe type 'UnsafeType'}}
+
+  _ = unsafe value as? UnsafeType
+  _ = unsafe value as! UnsafeType
+
+  // expected-warning@+1{{expression uses unsafe constructs but is not marked with 'unsafe'}}
+  _ = i as any P // expected-note{{@unsafe conformance of 'Int' to protocol 'P' involves unsafe code}}
+}
+
+func metatypes() {
+  // expected-warning@+1{{expression uses unsafe constructs but is not marked with 'unsafe'}}
+  let _: Any.Type = UnsafeType.self // expected-note{{reference to unsafe type 'UnsafeType'}}
+
+  let _: Any.Type = unsafe UnsafeType.self
+}
+
 // Parsing of `unsafe` expressions.
 func testUnsafePositionError() -> Int {
   return 3 + unsafe unsafeInt() // expected-error{{'unsafe' cannot appear to the right of a non-assignment operator}}