diff options
Diffstat (limited to 'components')
| -rw-r--r-- | components/plugins/lib.rs | 10 | ||||
| -rw-r--r-- | components/plugins/lints.rs | 372 | ||||
| -rw-r--r-- | components/plugins/lints/inheritance_integrity.rs | 90 | ||||
| -rw-r--r-- | components/plugins/lints/mod.rs | 9 | ||||
| -rw-r--r-- | components/plugins/lints/privatize.rs | 38 | ||||
| -rw-r--r-- | components/plugins/lints/str_to_string.rs | 48 | ||||
| -rw-r--r-- | components/plugins/lints/transmute_type.rs | 48 | ||||
| -rw-r--r-- | components/plugins/lints/unrooted_must_root.rs | 160 | ||||
| -rw-r--r-- | components/plugins/utils.rs | 33 |
9 files changed, 430 insertions, 378 deletions
diff --git a/components/plugins/lib.rs b/components/plugins/lib.rs index 6cf75aae7db..5a4a7554a8e 100644 --- a/components/plugins/lib.rs +++ b/components/plugins/lib.rs @@ -44,11 +44,11 @@ pub fn plugin_registrar(reg: &mut Registry) { reg.register_syntax_extension(intern("dom_struct"), Modifier(box jstraceable::expand_dom_struct)); reg.register_syntax_extension(intern("jstraceable"), Decorator(box jstraceable::expand_jstraceable)); reg.register_syntax_extension(intern("_generate_reflector"), Decorator(box reflector::expand_reflector)); - reg.register_lint_pass(box lints::TransmutePass as LintPassObject); - reg.register_lint_pass(box lints::UnrootedPass as LintPassObject); - reg.register_lint_pass(box lints::PrivatizePass as LintPassObject); - reg.register_lint_pass(box lints::InheritancePass as LintPassObject); - reg.register_lint_pass(box lints::StrToStringPass as LintPassObject); + reg.register_lint_pass(box lints::transmute_type::TransmutePass as LintPassObject); + reg.register_lint_pass(box lints::unrooted_must_root::UnrootedPass as LintPassObject); + reg.register_lint_pass(box lints::privatize::PrivatizePass as LintPassObject); + reg.register_lint_pass(box lints::inheritance_integrity::InheritancePass as LintPassObject); + reg.register_lint_pass(box lints::str_to_string::StrToStringPass as LintPassObject); } diff --git a/components/plugins/lints.rs b/components/plugins/lints.rs deleted file mode 100644 index ce744b47150..00000000000 --- a/components/plugins/lints.rs +++ /dev/null @@ -1,372 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -use syntax::{ast, ast_map, ast_util, codemap, visit}; -use syntax::ast::Public; -use syntax::attr::AttrMetaMethods; -use rustc::lint::{Context, LintPass, LintArray, Level}; -use rustc::middle::ty::expr_ty; -use rustc::middle::{ty, def}; -use rustc::middle::typeck::astconv::AstConv; -use rustc::util::ppaux::Repr; - -use utils::match_lang_ty; - -declare_lint!(TRANSMUTE_TYPE_LINT, Allow, - "Warn and report types being transmuted") -declare_lint!(UNROOTED_MUST_ROOT, Deny, - "Warn and report usage of unrooted jsmanaged objects") -declare_lint!(PRIVATIZE, Deny, - "Allows to enforce private fields for struct definitions") -declare_lint!(INHERITANCE_INTEGRITY, Deny, - "Ensures that struct fields are properly laid out for inheritance to work") -declare_lint!(STR_TO_STRING, Deny, - "Warn when a String could use into_string() instead of to_string()") - -/// Lint for auditing transmutes -/// -/// This lint (off by default, enable with `-W transmute-type-lint`) warns about all the transmutes -/// being used, along with the types they transmute to/from. -pub struct TransmutePass; - -/// Lint for ensuring safe usage of unrooted pointers -/// -/// This lint (disable with `-A unrooted-must-root`/`#[allow(unrooted_must_root)]`) ensures that `#[must_root]` values are used correctly. -/// "Incorrect" usage includes: -/// -/// - Not being used in a struct/enum field which is not `#[must_root]` itself -/// - Not being used as an argument to a function (Except onces named `new` and `new_inherited`) -/// - Not being bound locally in a `let` statement, assignment, `for` loop, or `match` statement. -/// -/// This helps catch most situations where pointers like `JS<T>` are used in a way that they can be invalidated by a GC pass. -pub struct UnrootedPass; - -/// Lint for keeping DOM fields private -/// -/// This lint (disable with `-A privatize`/`#[allow(privatize)]`) ensures all types marked with `#[privatize]` have no private fields -pub struct PrivatizePass; - -/// Lint for ensuring proper layout of DOM structs -/// -/// A DOM struct must have one Reflector field or one field -/// which itself is a DOM struct (in which case it must be the first field). -pub struct InheritancePass; - -/// Prefer str.into_string() over str.to_string() -/// -/// The latter creates a `Formatter` and is 5x slower than the former -pub struct StrToStringPass; - -impl LintPass for TransmutePass { - fn get_lints(&self) -> LintArray { - lint_array!(TRANSMUTE_TYPE_LINT) - } - - fn check_expr(&mut self, cx: &Context, ex: &ast::Expr) { - match ex.node { - ast::ExprCall(ref expr, ref args) => { - match expr.node { - ast::ExprPath(ref path) => { - if path.segments.last() - .map_or(false, |ref segment| segment.identifier.name.as_str() == "transmute") - && args.len() == 1 { - let tcx = cx.tcx(); - cx.span_lint(TRANSMUTE_TYPE_LINT, ex.span, - format!("Transmute to {} from {} detected", - expr_ty(tcx, ex).repr(tcx), - expr_ty(tcx, &**args.get(0).unwrap()).repr(tcx) - ).as_slice()); - } - } - _ => {} - } - } - _ => {} - } - } -} - -// Checks if a type has the #[must_root] annotation. -// Unwraps pointers as well -// TODO (#3874, sort of): unwrap other types like Vec/Option/HashMap/etc -fn lint_unrooted_ty(cx: &Context, ty: &ast::Ty, warning: &str) { - match ty.node { - ast::TyVec(ref t) | ast::TyFixedLengthVec(ref t, _) | - ast::TyPtr(ast::MutTy { ty: ref t, ..}) | ast::TyRptr(_, ast::MutTy { ty: ref t, ..}) => lint_unrooted_ty(cx, &**t, warning), - ast::TyPath(_, _, id) => { - match cx.tcx.def_map.borrow()[id].clone() { - def::DefTy(def_id, _) => { - if ty::has_attr(cx.tcx, def_id, "must_root") { - cx.span_lint(UNROOTED_MUST_ROOT, ty.span, warning); - } - } - _ => (), - } - } - _ => (), - }; -} - -// Determines if a block is in an unsafe context so that an unhelpful -// lint can be aborted. -fn unsafe_context(map: &ast_map::Map, id: ast::NodeId) -> bool { - match map.find(map.get_parent(id)) { - Some(ast_map::NodeImplItem(itm)) => { - match *itm { - ast::MethodImplItem(ref meth) => match meth.node { - ast::MethDecl(_, _, _, _, style, _, _, _) => match style { - ast::UnsafeFn => true, - _ => false, - }, - _ => false, - }, - _ => false, - } - }, - Some(ast_map::NodeItem(itm)) => { - match itm.node { - ast::ItemFn(_, style, _, _, _) => match style { - ast::UnsafeFn => true, - _ => false, - }, - _ => false, - } - } - _ => false // There are probably a couple of other unsafe cases we don't care to lint, those will need to be added. - } -} - -impl LintPass for UnrootedPass { - fn get_lints(&self) -> LintArray { - lint_array!(UNROOTED_MUST_ROOT) - } - /// All structs containing #[must_root] types must be #[must_root] themselves - fn check_struct_def(&mut self, cx: &Context, def: &ast::StructDef, _i: ast::Ident, _gen: &ast::Generics, id: ast::NodeId) { - if cx.tcx.map.expect_item(id).attrs.iter().all(|a| !a.check_name("must_root")) { - for ref field in def.fields.iter() { - lint_unrooted_ty(cx, &*field.node.ty, - "Type must be rooted, use #[must_root] on the struct definition to propagate"); - } - } - } - /// All enums containing #[must_root] types must be #[must_root] themselves - fn check_variant(&mut self, cx: &Context, var: &ast::Variant, _gen: &ast::Generics) { - let ref map = cx.tcx.map; - if map.expect_item(map.get_parent(var.node.id)).attrs.iter().all(|a| !a.check_name("must_root")) { - match var.node.kind { - ast::TupleVariantKind(ref vec) => { - for ty in vec.iter() { - lint_unrooted_ty(cx, &*ty.ty, - "Type must be rooted, use #[must_root] on the enum definition to propagate") - } - } - _ => () // Struct variants already caught by check_struct_def - } - } - } - /// Function arguments that are #[must_root] types are not allowed - fn check_fn(&mut self, cx: &Context, kind: visit::FnKind, decl: &ast::FnDecl, - block: &ast::Block, _span: codemap::Span, id: ast::NodeId) { - match kind { - visit::FkItemFn(i, _, _, _) | - visit::FkMethod(i, _, _) if i.as_str() == "new" || i.as_str() == "new_inherited" => { - return; - }, - visit::FkItemFn(_, _, style, _) => match style { - ast::UnsafeFn => return, - _ => () - }, - _ => () - } - - if unsafe_context(&cx.tcx.map, id) { - return; - } - - match block.rules { - ast::DefaultBlock => { - for arg in decl.inputs.iter() { - lint_unrooted_ty(cx, &*arg.ty, - "Type must be rooted") - } - } - _ => () // fn is `unsafe` - } - } - - // Partially copied from rustc::middle::lint::builtin - // Catches `let` statements and assignments which store a #[must_root] value - // Expressions which return out of blocks eventually end up in a `let` or assignment - // statement or a function return (which will be caught when it is used elsewhere) - fn check_stmt(&mut self, cx: &Context, s: &ast::Stmt) { - - match s.node { - ast::StmtDecl(_, id) | - ast::StmtExpr(_, id) | - ast::StmtSemi(_, id) if unsafe_context(&cx.tcx.map, id) => { - return - }, - _ => () - }; - - let expr = match s.node { - // Catch a `let` binding - ast::StmtDecl(ref decl, _) => match decl.node { - ast::DeclLocal(ref loc) => match loc.init { - Some(ref e) => &**e, - _ => return - }, - _ => return - }, - ast::StmtExpr(ref expr, _) => match expr.node { - // This catches deferred `let` statements - ast::ExprAssign(_, ref e) | - // Match statements allow you to bind onto the variable later in an arm - // We need not check arms individually since enum/struct fields are already - // linted in `check_struct_def` and `check_variant` - // (so there is no way of destructuring out a `#[must_root]` field) - ast::ExprMatch(ref e, _, _) | - // For loops allow you to bind a return value locally - ast::ExprForLoop(_, ref e, _, _) => &**e, - // XXXManishearth look into `if let` once it lands in our rustc - _ => return - }, - _ => return - }; - - let t = expr_ty(cx.tcx, &*expr); - match ty::get(t).sty { - ty::ty_struct(did, _) | - ty::ty_enum(did, _) => { - if ty::has_attr(cx.tcx, did, "must_root") { - cx.span_lint(UNROOTED_MUST_ROOT, expr.span, - format!("Expression of type {} must be rooted", t.repr(cx.tcx)).as_slice()); - } - } - _ => {} - } - } -} - -impl LintPass for PrivatizePass { - fn get_lints(&self) -> LintArray { - lint_array!(PRIVATIZE) - } - - fn check_struct_def(&mut self, cx: &Context, def: &ast::StructDef, _i: ast::Ident, _gen: &ast::Generics, id: ast::NodeId) { - if ty::has_attr(cx.tcx, ast_util::local_def(id), "privatize") { - for field in def.fields.iter() { - match field.node { - ast::StructField_ { kind: ast::NamedField(ident, visibility), .. } if visibility == Public => { - cx.span_lint(PRIVATIZE, field.span, - format!("Field {} is public where only private fields are allowed", ident.name).as_slice()); - } - _ => {} - } - } - } - } -} - -impl LintPass for InheritancePass { - fn get_lints(&self) -> LintArray { - lint_array!(INHERITANCE_INTEGRITY) - } - - fn check_struct_def(&mut self, cx: &Context, def: &ast::StructDef, _i: ast::Ident, _gen: &ast::Generics, id: ast::NodeId) { - // Lints are run post expansion, so it's fine to use - // #[_dom_struct_marker] here without also checking for #[dom_struct] - if ty::has_attr(cx.tcx, ast_util::local_def(id), "_dom_struct_marker") { - // Find the reflector, if any - let reflector_span = def.fields.iter().enumerate() - .find(|&(ctr, f)| { - if match_lang_ty(cx, &*f.node.ty, "reflector") { - if ctr > 0 { - cx.span_lint(INHERITANCE_INTEGRITY, f.span, - "The Reflector should be the first field of the DOM struct"); - } - return true; - } - false - }) - .map(|(_, f)| f.span); - // Find all #[dom_struct] fields - let dom_spans: Vec<_> = def.fields.iter().enumerate().filter_map(|(ctr, f)| { - if let ast::TyPath(_, _, ty_id) = f.node.ty.node { - if let Some(def::DefTy(def_id, _)) = cx.tcx.def_map.borrow().get(&ty_id).cloned() { - if ty::has_attr(cx.tcx, def_id, "_dom_struct_marker") { - // If the field is not the first, it's probably - // being misused (a) - if ctr > 0 { - cx.span_lint(INHERITANCE_INTEGRITY, f.span, - "Bare DOM structs should only be used as the first field of a \ - DOM struct. Consider using JS<T> instead."); - } - return Some(f.span) - } - } - } - None - }).collect(); - - // We should not have both a reflector and a dom struct field - if let Some(sp) = reflector_span { - if dom_spans.len() > 0 { - cx.span_lint(INHERITANCE_INTEGRITY, cx.tcx.map.expect_item(id).span, - "This DOM struct has both Reflector and bare DOM struct members"); - if cx.current_level(INHERITANCE_INTEGRITY) != Level::Allow { - let sess = cx.sess(); - sess.span_note(sp, "Reflector found here"); - for span in dom_spans.iter() { - sess.span_note(*span, "Bare DOM struct found here"); - } - } - } - // Nor should we have more than one dom struct field - } else if dom_spans.len() > 1 { - cx.span_lint(INHERITANCE_INTEGRITY, cx.tcx.map.expect_item(id).span, - "This DOM struct has multiple DOM struct members, only one is allowed"); - if cx.current_level(INHERITANCE_INTEGRITY) != Level::Allow { - for span in dom_spans.iter() { - cx.sess().span_note(*span, "Bare DOM struct found here"); - } - } - } else if dom_spans.len() == 0 { - cx.span_lint(INHERITANCE_INTEGRITY, cx.tcx.map.expect_item(id).span, - "This DOM struct has no reflector or parent DOM struct"); - } - } - } -} - -impl LintPass for StrToStringPass { - fn get_lints(&self) -> LintArray { - lint_array!(STR_TO_STRING) - } - - fn check_expr(&mut self, cx: &Context, expr: &ast::Expr) { - match expr.node { - ast::ExprMethodCall(ref method, _, ref args) - if method.node.as_str() == "to_string" - && is_str(cx, &*args[0]) => { - cx.span_lint(STR_TO_STRING, expr.span, - "str.into_string() is more efficient than str.to_string(), please use it instead"); - }, - _ => () - } - - fn is_str(cx: &Context, expr: &ast::Expr) -> bool { - fn walk_ty<'t>(ty: ty::t) -> ty::t { - match ty::get(ty).sty { - ty::ty_ptr(ref tm) | ty::ty_rptr(_, ref tm) => walk_ty(tm.ty), - _ => ty - } - } - match ty::get(walk_ty(expr_ty(cx.tcx, expr))).sty { - ty::ty_str => true, - _ => false - } - } - } -} diff --git a/components/plugins/lints/inheritance_integrity.rs b/components/plugins/lints/inheritance_integrity.rs new file mode 100644 index 00000000000..d3ea6ee280d --- /dev/null +++ b/components/plugins/lints/inheritance_integrity.rs @@ -0,0 +1,90 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +use syntax::{ast, ast_util}; +use rustc::lint::{Context, LintPass, LintArray, Level}; +use rustc::middle::{ty, def}; +use rustc::middle::typeck::astconv::AstConv; + +use utils::match_lang_ty; + +declare_lint!(INHERITANCE_INTEGRITY, Deny, + "Ensures that struct fields are properly laid out for inheritance to work") + +/// Lint for ensuring proper layout of DOM structs +/// +/// A DOM struct must have one Reflector field or one field +/// which itself is a DOM struct (in which case it must be the first field). +pub struct InheritancePass; + +impl LintPass for InheritancePass { + fn get_lints(&self) -> LintArray { + lint_array!(INHERITANCE_INTEGRITY) + } + + fn check_struct_def(&mut self, cx: &Context, def: &ast::StructDef, _i: ast::Ident, _gen: &ast::Generics, id: ast::NodeId) { + // Lints are run post expansion, so it's fine to use + // #[_dom_struct_marker] here without also checking for #[dom_struct] + if ty::has_attr(cx.tcx, ast_util::local_def(id), "_dom_struct_marker") { + // Find the reflector, if any + let reflector_span = def.fields.iter().enumerate() + .find(|&(ctr, f)| { + if match_lang_ty(cx, &*f.node.ty, "reflector") { + if ctr > 0 { + cx.span_lint(INHERITANCE_INTEGRITY, f.span, + "The Reflector should be the first field of the DOM struct"); + } + return true; + } + false + }) + .map(|(_, f)| f.span); + // Find all #[dom_struct] fields + let dom_spans: Vec<_> = def.fields.iter().enumerate().filter_map(|(ctr, f)| { + if let ast::TyPath(_, _, ty_id) = f.node.ty.node { + if let Some(def::DefTy(def_id, _)) = cx.tcx.def_map.borrow().get(&ty_id).cloned() { + if ty::has_attr(cx.tcx, def_id, "_dom_struct_marker") { + // If the field is not the first, it's probably + // being misused (a) + if ctr > 0 { + cx.span_lint(INHERITANCE_INTEGRITY, f.span, + "Bare DOM structs should only be used as the first field of a \ + DOM struct. Consider using JS<T> instead."); + } + return Some(f.span) + } + } + } + None + }).collect(); + + // We should not have both a reflector and a dom struct field + if let Some(sp) = reflector_span { + if dom_spans.len() > 0 { + cx.span_lint(INHERITANCE_INTEGRITY, cx.tcx.map.expect_item(id).span, + "This DOM struct has both Reflector and bare DOM struct members"); + if cx.current_level(INHERITANCE_INTEGRITY) != Level::Allow { + let sess = cx.sess(); + sess.span_note(sp, "Reflector found here"); + for span in dom_spans.iter() { + sess.span_note(*span, "Bare DOM struct found here"); + } + } + } + // Nor should we have more than one dom struct field + } else if dom_spans.len() > 1 { + cx.span_lint(INHERITANCE_INTEGRITY, cx.tcx.map.expect_item(id).span, + "This DOM struct has multiple DOM struct members, only one is allowed"); + if cx.current_level(INHERITANCE_INTEGRITY) != Level::Allow { + for span in dom_spans.iter() { + cx.sess().span_note(*span, "Bare DOM struct found here"); + } + } + } else if dom_spans.len() == 0 { + cx.span_lint(INHERITANCE_INTEGRITY, cx.tcx.map.expect_item(id).span, + "This DOM struct has no reflector or parent DOM struct"); + } + } + } +} diff --git a/components/plugins/lints/mod.rs b/components/plugins/lints/mod.rs new file mode 100644 index 00000000000..af7083e5b5f --- /dev/null +++ b/components/plugins/lints/mod.rs @@ -0,0 +1,9 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + + pub mod inheritance_integrity; + pub mod privatize; + pub mod str_to_string; + pub mod transmute_type; + pub mod unrooted_must_root; diff --git a/components/plugins/lints/privatize.rs b/components/plugins/lints/privatize.rs new file mode 100644 index 00000000000..07e7ca594da --- /dev/null +++ b/components/plugins/lints/privatize.rs @@ -0,0 +1,38 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +use syntax::{ast, ast_util}; +use syntax::ast::Public; +use syntax::attr::AttrMetaMethods; +use rustc::lint::{Context, LintPass, LintArray}; +use rustc::middle::ty; +use rustc::middle::typeck::astconv::AstConv; + +declare_lint!(PRIVATIZE, Deny, + "Allows to enforce private fields for struct definitions") + +/// Lint for keeping DOM fields private +/// +/// This lint (disable with `-A privatize`/`#[allow(privatize)]`) ensures all types marked with `#[privatize]` have no private fields +pub struct PrivatizePass; + +impl LintPass for PrivatizePass { + fn get_lints(&self) -> LintArray { + lint_array!(PRIVATIZE) + } + + fn check_struct_def(&mut self, cx: &Context, def: &ast::StructDef, _i: ast::Ident, _gen: &ast::Generics, id: ast::NodeId) { + if ty::has_attr(cx.tcx, ast_util::local_def(id), "privatize") { + for field in def.fields.iter() { + match field.node { + ast::StructField_ { kind: ast::NamedField(ident, visibility), .. } if visibility == Public => { + cx.span_lint(PRIVATIZE, field.span, + format!("Field {} is public where only private fields are allowed", ident.name).as_slice()); + } + _ => {} + } + } + } + } +} diff --git a/components/plugins/lints/str_to_string.rs b/components/plugins/lints/str_to_string.rs new file mode 100644 index 00000000000..79c2d917139 --- /dev/null +++ b/components/plugins/lints/str_to_string.rs @@ -0,0 +1,48 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +use syntax::ast; +use rustc::lint::{Context, LintPass, LintArray}; +use rustc::middle::ty::expr_ty; +use rustc::middle::ty; +use rustc::middle::typeck::astconv::AstConv; + +declare_lint!(STR_TO_STRING, Deny, + "Warn when a String could use into_string() instead of to_string()") + +/// Prefer str.into_string() over str.to_string() +/// +/// The latter creates a `Formatter` and is 5x slower than the former +pub struct StrToStringPass; + +impl LintPass for StrToStringPass { + fn get_lints(&self) -> LintArray { + lint_array!(STR_TO_STRING) + } + + fn check_expr(&mut self, cx: &Context, expr: &ast::Expr) { + match expr.node { + ast::ExprMethodCall(ref method, _, ref args) + if method.node.as_str() == "to_string" + && is_str(cx, &*args[0]) => { + cx.span_lint(STR_TO_STRING, expr.span, + "str.into_string() is more efficient than str.to_string(), please use it instead"); + }, + _ => () + } + + fn is_str(cx: &Context, expr: &ast::Expr) -> bool { + fn walk_ty<'t>(ty: ty::t) -> ty::t { + match ty::get(ty).sty { + ty::ty_ptr(ref tm) | ty::ty_rptr(_, ref tm) => walk_ty(tm.ty), + _ => ty + } + } + match ty::get(walk_ty(expr_ty(cx.tcx, expr))).sty { + ty::ty_str => true, + _ => false + } + } + } +} diff --git a/components/plugins/lints/transmute_type.rs b/components/plugins/lints/transmute_type.rs new file mode 100644 index 00000000000..a5d6ec55ba3 --- /dev/null +++ b/components/plugins/lints/transmute_type.rs @@ -0,0 +1,48 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +use syntax::ast; +use syntax::attr::AttrMetaMethods; +use rustc::lint::{Context, LintPass, LintArray}; +use rustc::middle::ty::expr_ty; +use rustc::middle::typeck::astconv::AstConv; +use rustc::util::ppaux::Repr; + +declare_lint!(TRANSMUTE_TYPE_LINT, Allow, + "Warn and report types being transmuted") + +/// Lint for auditing transmutes +/// +/// This lint (off by default, enable with `-W transmute-type-lint`) warns about all the transmutes +/// being used, along with the types they transmute to/from. +pub struct TransmutePass; + +impl LintPass for TransmutePass { + fn get_lints(&self) -> LintArray { + lint_array!(TRANSMUTE_TYPE_LINT) + } + + fn check_expr(&mut self, cx: &Context, ex: &ast::Expr) { + match ex.node { + ast::ExprCall(ref expr, ref args) => { + match expr.node { + ast::ExprPath(ref path) => { + if path.segments.last() + .map_or(false, |ref segment| segment.identifier.name.as_str() == "transmute") + && args.len() == 1 { + let tcx = cx.tcx(); + cx.span_lint(TRANSMUTE_TYPE_LINT, ex.span, + format!("Transmute to {} from {} detected", + expr_ty(tcx, ex).repr(tcx), + expr_ty(tcx, &**args.get(0).unwrap()).repr(tcx) + ).as_slice()); + } + } + _ => {} + } + } + _ => {} + } + } +} diff --git a/components/plugins/lints/unrooted_must_root.rs b/components/plugins/lints/unrooted_must_root.rs new file mode 100644 index 00000000000..582d1502fa3 --- /dev/null +++ b/components/plugins/lints/unrooted_must_root.rs @@ -0,0 +1,160 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +use syntax::{ast, codemap, visit}; +use syntax::attr::AttrMetaMethods; +use rustc::lint::{Context, LintPass, LintArray}; +use rustc::middle::ty::expr_ty; +use rustc::middle::{ty, def}; +use rustc::middle::typeck::astconv::AstConv; +use rustc::util::ppaux::Repr; +use utils::unsafe_context; + +declare_lint!(UNROOTED_MUST_ROOT, Deny, + "Warn and report usage of unrooted jsmanaged objects") + +/// Lint for ensuring safe usage of unrooted pointers +/// +/// This lint (disable with `-A unrooted-must-root`/`#[allow(unrooted_must_root)]`) ensures that `#[must_root]` values are used correctly. +/// "Incorrect" usage includes: +/// +/// - Not being used in a struct/enum field which is not `#[must_root]` itself +/// - Not being used as an argument to a function (Except onces named `new` and `new_inherited`) +/// - Not being bound locally in a `let` statement, assignment, `for` loop, or `match` statement. +/// +/// This helps catch most situations where pointers like `JS<T>` are used in a way that they can be invalidated by a GC pass. +pub struct UnrootedPass; + +// Checks if a type has the #[must_root] annotation. +// Unwraps pointers as well +// TODO (#3874, sort of): unwrap other types like Vec/Option/HashMap/etc +fn lint_unrooted_ty(cx: &Context, ty: &ast::Ty, warning: &str) { + match ty.node { + ast::TyVec(ref t) | ast::TyFixedLengthVec(ref t, _) | + ast::TyPtr(ast::MutTy { ty: ref t, ..}) | ast::TyRptr(_, ast::MutTy { ty: ref t, ..}) => lint_unrooted_ty(cx, &**t, warning), + ast::TyPath(_, _, id) => { + match cx.tcx.def_map.borrow()[id].clone() { + def::DefTy(def_id, _) => { + if ty::has_attr(cx.tcx, def_id, "must_root") { + cx.span_lint(UNROOTED_MUST_ROOT, ty.span, warning); + } + } + _ => (), + } + } + _ => (), + }; +} + +impl LintPass for UnrootedPass { + fn get_lints(&self) -> LintArray { + lint_array!(UNROOTED_MUST_ROOT) + } + /// All structs containing #[must_root] types must be #[must_root] themselves + fn check_struct_def(&mut self, cx: &Context, def: &ast::StructDef, _i: ast::Ident, _gen: &ast::Generics, id: ast::NodeId) { + if cx.tcx.map.expect_item(id).attrs.iter().all(|a| !a.check_name("must_root")) { + for ref field in def.fields.iter() { + lint_unrooted_ty(cx, &*field.node.ty, + "Type must be rooted, use #[must_root] on the struct definition to propagate"); + } + } + } + /// All enums containing #[must_root] types must be #[must_root] themselves + fn check_variant(&mut self, cx: &Context, var: &ast::Variant, _gen: &ast::Generics) { + let ref map = cx.tcx.map; + if map.expect_item(map.get_parent(var.node.id)).attrs.iter().all(|a| !a.check_name("must_root")) { + match var.node.kind { + ast::TupleVariantKind(ref vec) => { + for ty in vec.iter() { + lint_unrooted_ty(cx, &*ty.ty, + "Type must be rooted, use #[must_root] on the enum definition to propagate") + } + } + _ => () // Struct variants already caught by check_struct_def + } + } + } + /// Function arguments that are #[must_root] types are not allowed + fn check_fn(&mut self, cx: &Context, kind: visit::FnKind, decl: &ast::FnDecl, + block: &ast::Block, _span: codemap::Span, id: ast::NodeId) { + match kind { + visit::FkItemFn(i, _, _, _) | + visit::FkMethod(i, _, _) if i.as_str() == "new" || i.as_str() == "new_inherited" => { + return; + }, + visit::FkItemFn(_, _, style, _) => match style { + ast::UnsafeFn => return, + _ => () + }, + _ => () + } + + if unsafe_context(&cx.tcx.map, id) { + return; + } + + match block.rules { + ast::DefaultBlock => { + for arg in decl.inputs.iter() { + lint_unrooted_ty(cx, &*arg.ty, + "Type must be rooted") + } + } + _ => () // fn is `unsafe` + } + } + + // Partially copied from rustc::middle::lint::builtin + // Catches `let` statements and assignments which store a #[must_root] value + // Expressions which return out of blocks eventually end up in a `let` or assignment + // statement or a function return (which will be caught when it is used elsewhere) + fn check_stmt(&mut self, cx: &Context, s: &ast::Stmt) { + + match s.node { + ast::StmtDecl(_, id) | + ast::StmtExpr(_, id) | + ast::StmtSemi(_, id) if unsafe_context(&cx.tcx.map, id) => { + return + }, + _ => () + }; + + let expr = match s.node { + // Catch a `let` binding + ast::StmtDecl(ref decl, _) => match decl.node { + ast::DeclLocal(ref loc) => match loc.init { + Some(ref e) => &**e, + _ => return + }, + _ => return + }, + ast::StmtExpr(ref expr, _) => match expr.node { + // This catches deferred `let` statements + ast::ExprAssign(_, ref e) | + // Match statements allow you to bind onto the variable later in an arm + // We need not check arms individually since enum/struct fields are already + // linted in `check_struct_def` and `check_variant` + // (so there is no way of destructuring out a `#[must_root]` field) + ast::ExprMatch(ref e, _, _) | + // For loops allow you to bind a return value locally + ast::ExprForLoop(_, ref e, _, _) => &**e, + // XXXManishearth look into `if let` once it lands in our rustc + _ => return + }, + _ => return + }; + + let t = expr_ty(cx.tcx, &*expr); + match ty::get(t).sty { + ty::ty_struct(did, _) | + ty::ty_enum(did, _) => { + if ty::has_attr(cx.tcx, did, "must_root") { + cx.span_lint(UNROOTED_MUST_ROOT, expr.span, + format!("Expression of type {} must be rooted", t.repr(cx.tcx)).as_slice()); + } + } + _ => {} + } + } +} diff --git a/components/plugins/utils.rs b/components/plugins/utils.rs index 34d74a4001f..132d7afaaa8 100644 --- a/components/plugins/utils.rs +++ b/components/plugins/utils.rs @@ -4,12 +4,14 @@ use rustc::lint::Context; use rustc::middle::{ty, def}; +use rustc::middle::typeck::astconv::AstConv; use syntax::ptr::P; -use syntax::ast; +use syntax::{ast, ast_map}; use syntax::ast::{TyPath, Path, AngleBracketedParameters, PathSegment, Ty}; use syntax::attr::mark_used; + /// Matches a type with a provided string, and returns its type parameters if successful /// /// Try not to use this for types defined in crates you own, use match_lang_ty instead (for lint passes) @@ -60,3 +62,32 @@ pub fn match_lang_ty(cx: &Context, ty: &Ty, value: &str) -> bool { } found } + +// Determines if a block is in an unsafe context so that an unhelpful +// lint can be aborted. +pub fn unsafe_context(map: &ast_map::Map, id: ast::NodeId) -> bool { + match map.find(map.get_parent(id)) { + Some(ast_map::NodeImplItem(itm)) => { + match *itm { + ast::MethodImplItem(ref meth) => match meth.node { + ast::MethDecl(_, _, _, _, style, _, _, _) => match style { + ast::UnsafeFn => true, + _ => false, + }, + _ => false, + }, + _ => false, + } + }, + Some(ast_map::NodeItem(itm)) => { + match itm.node { + ast::ItemFn(_, style, _, _, _) => match style { + ast::UnsafeFn => true, + _ => false, + }, + _ => false, + } + } + _ => false // There are probably a couple of other unsafe cases we don't care to lint, those will need to be added. + } +} |