Rename unsafe_sizeof_count_copies to size_of_in_element_count

nico-abram · nico-abram · commit af9685bb1e7e · 2020-12-03T20:55:38.000-03:00
Also fix review comments:
 - Use const arrays and iterate them for the method/function names
 - merge 2 if_chain's into one using a rest pattern
 - remove unnecessary unsafe block in test

And make the lint only point to the count expression instead of the entire function call
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2057,6 +2057,7 @@ Released 2018-09-13
 [`single_element_loop`]: https://rust-lang.github.io/rust-clippy/master/index.html#single_element_loop
 [`single_match`]: https://rust-lang.github.io/rust-clippy/master/index.html#single_match
 [`single_match_else`]: https://rust-lang.github.io/rust-clippy/master/index.html#single_match_else
+[`size_of_in_element_count`]: https://rust-lang.github.io/rust-clippy/master/index.html#size_of_in_element_count
 [`skip_while_next`]: https://rust-lang.github.io/rust-clippy/master/index.html#skip_while_next
 [`slow_vector_initialization`]: https://rust-lang.github.io/rust-clippy/master/index.html#slow_vector_initialization
 [`stable_sort_primitive`]: https://rust-lang.github.io/rust-clippy/master/index.html#stable_sort_primitive
@@ -2124,7 +2125,6 @@ Released 2018-09-13
 [`unreadable_literal`]: https://rust-lang.github.io/rust-clippy/master/index.html#unreadable_literal
 [`unsafe_derive_deserialize`]: https://rust-lang.github.io/rust-clippy/master/index.html#unsafe_derive_deserialize
 [`unsafe_removed_from_name`]: https://rust-lang.github.io/rust-clippy/master/index.html#unsafe_removed_from_name
-[`unsafe_sizeof_count_copies`]: https://rust-lang.github.io/rust-clippy/master/index.html#unsafe_sizeof_count_copies
 [`unsafe_vector_initialization`]: https://rust-lang.github.io/rust-clippy/master/index.html#unsafe_vector_initialization
 [`unseparated_literal_suffix`]: https://rust-lang.github.io/rust-clippy/master/index.html#unseparated_literal_suffix
 [`unsound_collection_transmute`]: https://rust-lang.github.io/rust-clippy/master/index.html#unsound_collection_transmute
diff --git a/clippy_lints/src/lib.rs b/clippy_lints/src/lib.rs
@@ -306,6 +306,7 @@ mod self_assignment;
 mod serde_api;
 mod shadow;
 mod single_component_path_imports;
+mod size_of_in_element_count;
 mod slow_vector_initialization;
 mod stable_sort_primitive;
 mod strings;
@@ -329,7 +330,6 @@ mod unnecessary_sort_by;
 mod unnecessary_wraps;
 mod unnested_or_patterns;
 mod unsafe_removed_from_name;
-mod unsafe_sizeof_count_copies;
 mod unused_io_amount;
 mod unused_self;
 mod unused_unit;
@@ -917,7 +917,7 @@ pub fn register_plugins(store: &mut rustc_lint::LintStore, sess: &Session, conf:
         &unnecessary_wraps::UNNECESSARY_WRAPS,
         &unnested_or_patterns::UNNESTED_OR_PATTERNS,
         &unsafe_removed_from_name::UNSAFE_REMOVED_FROM_NAME,
-        &unsafe_sizeof_count_copies::UNSAFE_SIZEOF_COUNT_COPIES,
+        &size_of_in_element_count::SIZE_OF_IN_ELEMENT_COUNT,
         &unused_io_amount::UNUSED_IO_AMOUNT,
         &unused_self::UNUSED_SELF,
         &unused_unit::UNUSED_UNIT,
@@ -1000,7 +1000,7 @@ pub fn register_plugins(store: &mut rustc_lint::LintStore, sess: &Session, conf:
     store.register_late_pass(move || box matches::Matches::new(msrv));
     store.register_early_pass(move || box manual_non_exhaustive::ManualNonExhaustive::new(msrv));
     store.register_late_pass(move || box manual_strip::ManualStrip::new(msrv));
-    store.register_late_pass(|| box unsafe_sizeof_count_copies::UnsafeSizeofCountCopies);
+    store.register_late_pass(|| box size_of_in_element_count::SizeOfInElementCount);
     store.register_late_pass(|| box map_clone::MapClone);
     store.register_late_pass(|| box map_err_ignore::MapErrIgnore);
     store.register_late_pass(|| box shadow::Shadow);
@@ -1608,7 +1608,7 @@ pub fn register_plugins(store: &mut rustc_lint::LintStore, sess: &Session, conf:
         LintId::of(&unnecessary_sort_by::UNNECESSARY_SORT_BY),
         LintId::of(&unnecessary_wraps::UNNECESSARY_WRAPS),
         LintId::of(&unsafe_removed_from_name::UNSAFE_REMOVED_FROM_NAME),
-        LintId::of(&unsafe_sizeof_count_copies::UNSAFE_SIZEOF_COUNT_COPIES),
+        LintId::of(&size_of_in_element_count::SIZE_OF_IN_ELEMENT_COUNT),
         LintId::of(&unused_io_amount::UNUSED_IO_AMOUNT),
         LintId::of(&unused_unit::UNUSED_UNIT),
         LintId::of(&unwrap::PANICKING_UNWRAP),
@@ -1887,7 +1887,7 @@ pub fn register_plugins(store: &mut rustc_lint::LintStore, sess: &Session, conf:
         LintId::of(&unit_return_expecting_ord::UNIT_RETURN_EXPECTING_ORD),
         LintId::of(&unnamed_address::FN_ADDRESS_COMPARISONS),
         LintId::of(&unnamed_address::VTABLE_ADDRESS_COMPARISONS),
-        LintId::of(&unsafe_sizeof_count_copies::UNSAFE_SIZEOF_COUNT_COPIES),
+        LintId::of(&size_of_in_element_count::SIZE_OF_IN_ELEMENT_COUNT),
         LintId::of(&unused_io_amount::UNUSED_IO_AMOUNT),
         LintId::of(&unwrap::PANICKING_UNWRAP),
         LintId::of(&vec_resize_to_zero::VEC_RESIZE_TO_ZERO),
diff --git a/clippy_lints/src/size_of_in_element_count.rs b/clippy_lints/src/size_of_in_element_count.rs
@@ -1,5 +1,5 @@
-//! Lint on unsafe memory copying that use the `size_of` of the pointee type instead of a pointee
-//! count
+//! Lint on use of `size_of` or `size_of_val` of T in an expression
+//! expecting a count of T
 
 use crate::utils::{match_def_path, paths, span_lint_and_help};
 use if_chain::if_chain;
@@ -11,15 +11,11 @@ use rustc_session::{declare_lint_pass, declare_tool_lint};
 
 declare_clippy_lint! {
     /// **What it does:** Detects expressions where
-    /// size_of::<T> is used as the count argument to unsafe
-    /// memory copying functions like ptr::copy and
-    /// ptr::copy_nonoverlapping where T is the pointee type
-    /// of the pointers used
+    /// size_of::<T> or size_of_val::<T> is used as a
+    /// count of elements of type T
     ///
     /// **Why is this bad?** These functions expect a count
-    /// of T and not a number of bytes, which can lead to
-    /// copying the incorrect amount of bytes, which can
-    /// result in Undefined Behaviour
+    /// of T and not a number of bytes
     ///
     /// **Known problems:** None.
     ///
@@ -33,12 +29,12 @@ declare_clippy_lint! {
     /// let mut y = [2u8; SIZE];
     /// unsafe { copy_nonoverlapping(x.as_ptr(), y.as_mut_ptr(), size_of::<u8>() * SIZE) };
     /// ```
-    pub UNSAFE_SIZEOF_COUNT_COPIES,
+    pub SIZE_OF_IN_ELEMENT_COUNT,
     correctness,
-    "unsafe memory copying using a byte count instead of a count of T"
+    "using size_of::<T> or size_of_val::<T> where a count of elements of T is expected"
 }
 
-declare_lint_pass!(UnsafeSizeofCountCopies => [UNSAFE_SIZEOF_COUNT_COPIES]);
+declare_lint_pass!(SizeOfInElementCount => [SIZE_OF_IN_ELEMENT_COUNT]);
 
 fn get_size_of_ty(cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) -> Option<Ty<'tcx>> {
     match expr.kind {
@@ -62,18 +58,30 @@ fn get_size_of_ty(cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) -> Option<Ty<'tc
     }
 }
 
+const FUNCTIONS: [[&str; 3]; 6] = [
+    paths::COPY_NONOVERLAPPING,
+    paths::COPY,
+    paths::WRITE_BYTES,
+    paths::PTR_SWAP_NONOVERLAPPING,
+    paths::PTR_SLICE_FROM_RAW_PARTS,
+    paths::PTR_SLICE_FROM_RAW_PARTS_MUT,
+    ];
+const METHODS: [&str; 5] = [
+    "write_bytes",
+    "copy_to",
+    "copy_from",
+    "copy_to_nonoverlapping",
+    "copy_from_nonoverlapping",
+    ];
 fn get_pointee_ty_and_count_expr(cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) -> Option<(Ty<'tcx>, &'tcx Expr<'tcx>)> {
     if_chain! {
         // Find calls to ptr::{copy, copy_nonoverlapping}
         // and ptr::{swap_nonoverlapping, write_bytes},
         if let ExprKind::Call(func, args) = expr.kind;
-        if let [_, _, count] = args;
+        if let [.., count] = args;
         if let ExprKind::Path(ref func_qpath) = func.kind;
         if let Some(def_id) = cx.qpath_res(func_qpath, func.hir_id).opt_def_id();
-        if match_def_path(cx, def_id, &paths::COPY_NONOVERLAPPING)
-            || match_def_path(cx, def_id, &paths::COPY)
-            || match_def_path(cx, def_id, &paths::WRITE_BYTES)
-            || match_def_path(cx, def_id, &paths::PTR_SWAP_NONOVERLAPPING);
+        if FUNCTIONS.iter().any(|func_path| match_def_path(cx, def_id, func_path));
 
         // Get the pointee type
         if let Some(pointee_ty) = cx.typeck_results().node_substs(func.hir_id).types().next();
@@ -86,8 +94,7 @@ fn get_pointee_ty_and_count_expr(cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) -
         if let ExprKind::MethodCall(method_path, _, args, _) = expr.kind;
         if let [ptr_self, _, count] = args;
         let method_ident = method_path.ident.as_str();
-        if method_ident == "write_bytes" || method_ident == "copy_to" || method_ident == "copy_from"
-            || method_ident == "copy_to_nonoverlapping" || method_ident == "copy_from_nonoverlapping";
+        if METHODS.iter().any(|m| *m == &*method_ident);
 
         // Get the pointee type
         if let ty::RawPtr(TypeAndMut { ty: pointee_ty, mutbl:_mutability }) =
@@ -96,31 +103,16 @@ fn get_pointee_ty_and_count_expr(cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) -
             return Some((pointee_ty, count));
         }
     };
-    if_chain! {
-        // Find calls to ptr::copy and copy_nonoverlapping
-        if let ExprKind::Call(func, args) = expr.kind;
-        if let [_data, count] = args;
-        if let ExprKind::Path(ref func_qpath) = func.kind;
-        if let Some(def_id) = cx.qpath_res(func_qpath, func.hir_id).opt_def_id();
-        if match_def_path(cx, def_id, &paths::PTR_SLICE_FROM_RAW_PARTS)
-            || match_def_path(cx, def_id, &paths::PTR_SLICE_FROM_RAW_PARTS_MUT);
-
-        // Get the pointee type
-        if let Some(pointee_ty) = cx.typeck_results().node_substs(func.hir_id).types().next();
-        then {
-            return Some((pointee_ty, count));
-        }
-    };
     None
 }
 
-impl<'tcx> LateLintPass<'tcx> for UnsafeSizeofCountCopies {
+impl<'tcx> LateLintPass<'tcx> for SizeOfInElementCount {
     fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
-        const HELP_MSG: &str = "use a count of elements instead of a count of bytes \
-            for the count parameter, it already gets multiplied by the size of the pointed to type";
+        const HELP_MSG: &str = "use a count of elements instead of a count of bytes\
+            , it already gets multiplied by the size of the type";
 
-        const LINT_MSG: &str = "unsafe memory copying using a byte count \
-            (multiplied by size_of/size_of_val::<T>) instead of a count of T";
+        const LINT_MSG: &str = "found a count of bytes \
+             instead of a count of elements of T";
 
         if_chain! {
             // Find calls to unsafe copy functions and get
@@ -134,8 +126,8 @@ impl<'tcx> LateLintPass<'tcx> for UnsafeSizeofCountCopies {
             then {
                 span_lint_and_help(
                     cx,
-                    UNSAFE_SIZEOF_COUNT_COPIES,
-                    expr.span,
+                    SIZE_OF_IN_ELEMENT_COUNT,
+                    count_expr.span,
                     LINT_MSG,
                     None,
                     HELP_MSG
diff --git a/tests/ui/size_of_in_element_count.rs b/tests/ui/size_of_in_element_count.rs
@@ -1,8 +1,9 @@
-#![warn(clippy::unsafe_sizeof_count_copies)]
+#![warn(clippy::size_of_in_element_count)]
 
 use std::mem::{size_of, size_of_val};
 use std::ptr::{
-    copy, copy_nonoverlapping, slice_from_raw_parts, slice_from_raw_parts_mut, swap_nonoverlapping, write_bytes,
+    copy, copy_nonoverlapping, slice_from_raw_parts,
+    slice_from_raw_parts_mut, swap_nonoverlapping, write_bytes,
 };
 
 fn main() {
@@ -29,8 +30,8 @@ fn main() {
 
     unsafe { swap_nonoverlapping(y.as_mut_ptr(), x.as_mut_ptr(), size_of::<u8>() * SIZE) };
 
-    unsafe { slice_from_raw_parts_mut(y.as_mut_ptr(), size_of::<u8>() * SIZE) };
-    unsafe { slice_from_raw_parts(y.as_ptr(), size_of::<u8>() * SIZE) };
+    slice_from_raw_parts_mut(y.as_mut_ptr(), size_of::<u8>() * SIZE);
+    slice_from_raw_parts(y.as_ptr(), size_of::<u8>() * SIZE);
 
     // Count expression involving multiplication of size_of (Should trigger the lint)
     unsafe { copy_nonoverlapping(x.as_ptr(), y.as_mut_ptr(), size_of::<u8>() * SIZE) };
diff --git a/tests/ui/size_of_in_element_count.stderr b/tests/ui/size_of_in_element_count.stderr
@@ -0,0 +1,131 @@
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:17:68
+   |
+LL |     unsafe { copy_nonoverlapping::<u8>(x.as_ptr(), y.as_mut_ptr(), size_of::<u8>()) };
+   |                                                                    ^^^^^^^^^^^^^^^
+   |
+   = note: `-D clippy::size-of-in-element-count` implied by `-D warnings`
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:18:62
+   |
+LL |     unsafe { copy_nonoverlapping(x.as_ptr(), y.as_mut_ptr(), size_of_val(&x[0])) };
+   |                                                              ^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:20:49
+   |
+LL |     unsafe { x.as_ptr().copy_to(y.as_mut_ptr(), size_of::<u8>()) };
+   |                                                 ^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:21:64
+   |
+LL |     unsafe { x.as_ptr().copy_to_nonoverlapping(y.as_mut_ptr(), size_of::<u8>()) };
+   |                                                                ^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:22:51
+   |
+LL |     unsafe { y.as_mut_ptr().copy_from(x.as_ptr(), size_of::<u8>()) };
+   |                                                   ^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:23:66
+   |
+LL |     unsafe { y.as_mut_ptr().copy_from_nonoverlapping(x.as_ptr(), size_of::<u8>()) };
+   |                                                                  ^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:25:47
+   |
+LL |     unsafe { copy(x.as_ptr(), y.as_mut_ptr(), size_of::<u8>()) };
+   |                                               ^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:26:47
+   |
+LL |     unsafe { copy(x.as_ptr(), y.as_mut_ptr(), size_of_val(&x[0])) };
+   |                                               ^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:28:46
+   |
+LL |     unsafe { y.as_mut_ptr().write_bytes(0u8, size_of::<u8>() * SIZE) };
+   |                                              ^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:29:47
+   |
+LL |     unsafe { write_bytes(y.as_mut_ptr(), 0u8, size_of::<u8>() * SIZE) };
+   |                                               ^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:31:66
+   |
+LL |     unsafe { swap_nonoverlapping(y.as_mut_ptr(), x.as_mut_ptr(), size_of::<u8>() * SIZE) };
+   |                                                                  ^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:33:46
+   |
+LL |     slice_from_raw_parts_mut(y.as_mut_ptr(), size_of::<u8>() * SIZE);
+   |                                              ^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:34:38
+   |
+LL |     slice_from_raw_parts(y.as_ptr(), size_of::<u8>() * SIZE);
+   |                                      ^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:37:62
+   |
+LL |     unsafe { copy_nonoverlapping(x.as_ptr(), y.as_mut_ptr(), size_of::<u8>() * SIZE) };
+   |                                                              ^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:40:62
+   |
+LL |     unsafe { copy_nonoverlapping(x.as_ptr(), y.as_mut_ptr(), HALF_SIZE * size_of_val(&x[0]) * 2) };
+   |                                                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: found a count of bytes instead of a count of elements of T
+  --> $DIR/size_of_in_element_count.rs:43:47
+   |
+LL |     unsafe { copy(x.as_ptr(), y.as_mut_ptr(), DOUBLE_SIZE * size_of::<u8>() / 2) };
+   |                                               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+   |
+   = help: use a count of elements instead of a count of bytes, it already gets multiplied by the size of the type
+
+error: aborting due to 16 previous errors
+
diff --git a/tests/ui/unsafe_sizeof_count_copies.stderr b/tests/ui/unsafe_sizeof_count_copies.stderr
