-
Notifications
You must be signed in to change notification settings - Fork 13k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
patterns: reject raw pointers that are not just integers #116930
Conversation
r? @davidtwco (rustbot has picked a reviewer for you, use r? to override) |
pub POINTER_STRUCTURAL_MATCH, | ||
Allow, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't realize this lint is still allow-by-default oO. Seems high time we make it warn-by-default?
The 2nd commit makes this forbid-by-default so we can crater it. |
patterns: reject raw pointers that are not just integers Matching against `0 as *const i32` is fine, matching against `&42 as *const i32` is not. Cc `@oli-obk` `@lcnr`
Due to #116929 this lint still has a big gap, it'll only find bad raw pointers "at the root". I wonder if with this change to valtree construction, we can make it so that some lint always fires when a const is used as a pattern and valtree construction fails? I do think those cases should all become hard errors eventually... |
This comment has been minimized.
This comment has been minimized.
☀️ Try build successful - checks-actions |
Let's see how much fallout we're getting from this weak form of the lint. |
👌 Experiment ℹ️ Crater is a tool to run experiments across parts of the Rust ecosystem. Learn more |
0787e62
to
a91227c
Compare
Some changes might have occurred in exhaustiveness checking cc @Nadrieril |
a91227c
to
41ab7f7
Compare
This comment has been minimized.
This comment has been minimized.
Lol, the doctest for |
2e70736
to
35b0255
Compare
@@ -247,6 +247,7 @@ marker_impls! { | |||
/// | |||
/// const CFN: Wrap<fn(&())> = Wrap(higher_order); | |||
/// | |||
/// #[allow(pointer_structural_match)] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FWIW these entire trait docs are outdated; that's tracked in #115881.
🚧 Experiment ℹ️ Crater is a tool to run experiments across parts of the Rust ecosystem. Learn more |
🎉 Experiment
|
@craterbot run mode=check-only crates=https://crater-reports.s3.amazonaws.com/pr-116930/retry-regressed-list.txt |
This comment was marked as outdated.
This comment was marked as outdated.
Those seem to be 3 legit regressions:
In particular, none of them is matching on a raw pointer that was not derived from an integer. So IMO we should land this PR to make sure people don't start doing that. |
@rust-lang/lang this PR does three things:
We haven't reached a proper conclusion in the recent "match on const" meeting, but the general direction seems to have been towards "it should still work like a pattern" (and not like sugar for Crater found only 3 cases where the warning triggers, in the entire ecosystem. All of them would already warn on stable if they enabled the lint; the new cases covered by this PR were not detected at all by crater. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Implementation changes look good to me, r=me after decisions from t-lang.
); | ||
} | ||
_ => {} | ||
if !have_valtree { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: could be part of the condition on the previous line
I'm in favor of this. (I also have thoughts on the semantics of matching on constants -- tl;dr I think I'm ready to accept "match is not an extensible mechanism" and hence will not act the same as |
T-lang meeting consensus: let's do this, no FCP needed. |
@bors r=davidtwco |
☀️ Test successful - checks-actions |
Finished benchmarking commit (fdaaaf9): comparison URL. Overall result: no relevant changes - no action needed@rustbot label: -perf-regression Instruction countThis benchmark run did not return any relevant results for this metric. Max RSS (memory usage)ResultsThis is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.
CyclesResultsThis is a less reliable metric that may be of interest but was not used to determine the overall result at the top of this comment.
Binary sizeThis benchmark run did not return any relevant results for this metric. Bootstrap: 662.394s -> 663.159s (0.12%) |
patterns: reject raw pointers that are not just integers Matching against `0 as *const i32` is fine, matching against `&42 as *const i32` is not. This extends the existing check against function pointers and wide pointers: we now uniformly reject all these pointer types during valtree construction, and then later lint because of that. See [here](rust-lang/rust#116930 (comment)) for some more explanation and context. Also fixes rust-lang/rust#116929. Cc `@oli-obk` `@lcnr`
patterns: reject raw pointers that are not just integers Matching against `0 as *const i32` is fine, matching against `&42 as *const i32` is not. This extends the existing check against function pointers and wide pointers: we now uniformly reject all these pointer types during valtree construction, and then later lint because of that. See [here](rust-lang/rust#116930 (comment)) for some more explanation and context. Also fixes rust-lang/rust#116929. Cc `@oli-obk` `@lcnr`
patterns: reject raw pointers that are not just integers Matching against `0 as *const i32` is fine, matching against `&42 as *const i32` is not. This extends the existing check against function pointers and wide pointers: we now uniformly reject all these pointer types during valtree construction, and then later lint because of that. See [here](rust-lang/rust#116930 (comment)) for some more explanation and context. Also fixes rust-lang/rust#116929. Cc `@oli-obk` `@lcnr`
Update Rust toolchain from nightly-2023-11-08 to nightly-2023-11-09 without any other source changes. This is an automatically generated pull request. If any of the CI checks fail, manual intervention is required. In such a case, review the changes at https://github.com/rust-lang/rust from rust-lang@7adc89b up to rust-lang@fdaaaf9. The log for this commit range is: rust-lang@fdaaaf9f92 Auto merge of rust-lang#116930 - RalfJung:raw-ptr-match, r=davidtwco rust-lang@30588657b7 avoid unnecessary nested conditionals rust-lang@90fdc1fc27 Auto merge of rust-lang#117716 - GuillaumeGomez:rollup-83gnhll, r=GuillaumeGomez rust-lang@9d3c80248b Rollup merge of rust-lang#117713 - GuillaumeGomez:document-hidden-json, r=notriddle rust-lang@d8c52b378d Rollup merge of rust-lang#117702 - davidtwco:target-tier-refactors, r=petrochenkov rust-lang@5d00a5d936 Rollup merge of rust-lang#117679 - aDotInTheVoid:yes-core, r=GuillaumeGomez rust-lang@c828371179 Rollup merge of rust-lang#117282 - clubby789:recover-wrong-function-header, r=TaKO8Ki rust-lang@e05e4f38b5 Rollup merge of rust-lang#117263 - onur-ozkan:change-id-fix, r=saethlin rust-lang@341efb1017 Auto merge of rust-lang#117560 - lqd:issue-117146, r=matthewjasper rust-lang@33edea60f0 Add test for reexported hidden item with `--document-hidden-items` rust-lang@28acba3c61 Auto merge of rust-lang#115460 - zachs18:borrowedcursor_write_no_panic, r=dtolnay rust-lang@755629fe59 Auto merge of rust-lang#117706 - matthiaskrgr:rollup-lscx7dg, r=matthiaskrgr rust-lang@e0cb1cc296 bootstrap: add more detail on change-id comments rust-lang@e878100386 bootstrap: improve `fn check_version` rust-lang@ae4d18b2da handle the case when the change-id isn't found rust-lang@7e4ffa98b5 Rollup merge of rust-lang#117700 - Zalathar:rename-run-coverage, r=onur-ozkan rust-lang@55306535dd Rollup merge of rust-lang#117698 - nnethercote:space_between-2, r=petrochenkov rust-lang@b1b5a8ea9d Rollup merge of rust-lang#117667 - Alexendoo:doc-clippy-config, r=albertlarsan68 rust-lang@adf4981969 Rollup merge of rust-lang#117663 - klensy:bump-deps, r=davidtwco rust-lang@8198864377 Rollup merge of rust-lang#117650 - saethlin:inline-me-please, r=davidtwco rust-lang@ba7ec56639 Rollup merge of rust-lang#117531 - fmease:rustdoc-effects-properly-elide-x-crate-host-args, r=GuillaumeGomez rust-lang@b74a84c0bc Rollup merge of rust-lang#114316 - ecnelises:aix_doc, r=workingjubilee rust-lang@fab1054e17 Auto merge of rust-lang#117542 - compiler-errors:only-normalize-predicate, r=lcnr rust-lang@750c2ecd15 Auto merge of rust-lang#116881 - LuuuXXX:issue-110087, r=onur-ozkan rust-lang@b9b7982f72 Add AIX platform-support doc rust-lang@ef7ebaa788 rustc_target: move file for uniformity rust-lang@1af256fe8a targets: move target specs to spec/targets rust-lang@76aa83e3e1 target: move base specs to spec/base rust-lang@a573880373 coverage: Rename the `run-coverage` test mode to `coverage-run` rust-lang@7cc997d373 Auto merge of rust-lang#117699 - weihanglo:update-cargo, r=weihanglo rust-lang@0670466e2c Update cargo rust-lang@438b9a6e82 More tests for token stream pretty-printing with adjacent punctuation. rust-lang@783d4b8b26 Clarify `space_between`. rust-lang@91cfcb0219 Auto merge of rust-lang#117484 - Zalathar:tests, r=cjgillot rust-lang@97c9d8f405 Only use normalize_param_env when normalizing predicate in check_item_bounds rust-lang@1b8dee19e8 Fix issue rust-lang#110087 rust-lang@0d5ec963bb Auto merge of rust-lang#117692 - matthiaskrgr:rollup-umaf5pr, r=matthiaskrgr rust-lang@f72e974e3f Rollup merge of rust-lang#117655 - compiler-errors:method-tweaks, r=estebank rust-lang@7552dd19ad Rollup merge of rust-lang#117625 - nnethercote:clippy-perf, r=cuviper rust-lang@3c6307240c Rollup merge of rust-lang#116399 - WaffleLapkin:erase_small_things, r=cjgillot rust-lang@b724d9c90e Rollup merge of rust-lang#113925 - clubby789:const-ctor-repeat, r=estebank rust-lang@fcdd99edca Add -Zcross-crate-inline-threshold=yes rust-lang@e8cf29b584 rustdoc: minor changes suggested by clippy perf lints. rust-lang@ff0b4b6091 Auto merge of rust-lang#117672 - lqd:ci-gcc-lld, r=Kobzol rust-lang@1b3733e5a4 rustc: minor changes suggested by clippy perf lints. rust-lang@eca9a1533f Add an explanation for `transmute_unchecked` rust-lang@1d1fe9a205 add note to remember to update a url when bumping to gcc 10.1.0 rust-lang@434b69a1d6 tests/rustdoc-json: Rewrite tests no not use `#![no_core]`. rust-lang@0875f456f1 tests/rustdoc-json: Remove more needless uses of `#![no_core]`. rust-lang@f784fa7bd9 tests/rustdoc-json: Remove some needless uses of `#![no_core]`. rust-lang@d73eaaac5f ci: bump gcc on dist x64 linux builder to 9.5 rust-lang@f2fd8ad788 Document clippy_config in nightly-rustc docs rust-lang@eed89185bb bump some deps rust-lang@0add056dee Rework print_disambiguation_help rust-lang@88a37acb26 Yeet MethodCallComponents rust-lang@4e6f438d2a coverage: Register `test::Coverage` as the test suite for `tests/coverage` rust-lang@49127c64d6 coverage: Migrate `tests/coverage-map` into `tests/coverage` rust-lang@e9d04c5e24 coverage: Migrate `tests/run-coverage` into `tests/coverage` rust-lang@aea7c27eae coverage: Set up a macro for declaring unified coverage test suites rust-lang@3509aed632 coverage: Add `./x.py test coverage`, an alias for `coverage-map` and `run-coverage` rust-lang@e585a99230 coverage: Give each coverage test mode a separate output directory rust-lang@211d4cee8e coverage: Copy all remaining run-coverage tests into coverage-map rust-lang@4b76b97bc8 coverage: Copy all remaining coverage-map tests into run-coverage rust-lang@f5df56b26b coverage: Flatten `coverage-map/status-quo/` into its parent directory rust-lang@8eef39f082 coverage: Remove `tests/coverage-map/if.rs` rust-lang@7f8a6de72c coverage: Use `-Copt-level=2` by default in run-coverage tests rust-lang@1dcdf83927 rustdoc: properly elide cross-crate host effect args rust-lang@2dff90dc23 add test for issue 117146 rust-lang@de7a8305ae traverse region graph instead of SCCs to compute polonius loan scopes rust-lang@03b24f2756 remove some dead code rust-lang@70a8e157ab make pointer_structural_match warn-by-default rust-lang@af6c7e0ca1 also lint against fn ptr and raw ptr nested inside the const rust-lang@bec88ad4aa patterns: reject raw pointers that are not just integers rust-lang@be0b42fabe Recover from incorrectly ordered/duplicated function keywords rust-lang@b3d50255d9 Use consisntent style of `size_of` in query type erasure rust-lang@61361bb212 Use `transmute_unchecked` and make the types explicit in query type erasure rust-lang@11a64a1834 don't panic in BorrowedCursor::write rust-lang@86b112204a Improve diagnostic for const ctors in array repeat expressions Co-authored-by: celinval <celinval@users.noreply.github.com>
Matching against
0 as *const i32
is fine, matching against&42 as *const i32
is not.This extends the existing check against function pointers and wide pointers: we now uniformly reject all these pointer types during valtree construction, and then later lint because of that. See here for some more explanation and context.
Also fixes #116929.
Cc @oli-obk @lcnr