rustc_attr_parsing/
safety.rs

1use rustc_ast::Safety;
2use rustc_errors::{Diagnostic, MultiSpan};
3use rustc_hir::AttrPath;
4use rustc_session::lint::LintId;
5use rustc_session::lint::builtin::UNSAFE_ATTR_OUTSIDE_UNSAFE;
6use rustc_span::Span;
7
8use crate::attributes::AttributeSafety;
9use crate::{AttributeParser, EmitAttribute, ShouldEmit, errors};
10
11impl<'sess> AttributeParser<'sess> {
12    pub fn check_attribute_safety(
13        &mut self,
14        attr_path: &AttrPath,
15        attr_span: Span,
16        attr_safety: Safety,
17        expected_safety: AttributeSafety,
18        emit_lint: &mut impl FnMut(LintId, MultiSpan, EmitAttribute),
19    ) {
20        if #[allow(non_exhaustive_omitted_patterns)] match self.should_emit {
    ShouldEmit::Nothing => true,
    _ => false,
}matches!(self.should_emit, ShouldEmit::Nothing) {
21            return;
22        }
23
24        match (expected_safety, attr_safety) {
25            // - Unsafe builtin attribute
26            // - User wrote `#[unsafe(..)]`, which is permitted on any edition
27            (AttributeSafety::Unsafe { .. }, Safety::Unsafe(..)) => {
28                // OK
29            }
30
31            // - Unsafe builtin attribute
32            // - User did not write `#[unsafe(..)]`
33            (AttributeSafety::Unsafe { unsafe_since }, Safety::Default) => {
34                let path_span = attr_path.span;
35
36                // If the `attr_item`'s span is not from a macro, then just suggest
37                // wrapping it in `unsafe(...)`. Otherwise, we suggest putting the
38                // `unsafe(`, `)` right after and right before the opening and closing
39                // square bracket respectively.
40                let diag_span = attr_span;
41
42                // Attributes can be safe in earlier editions, and become unsafe in later ones.
43                //
44                // Use the span of the attribute's name to determine the edition: the span of the
45                // attribute as a whole may be inaccurate if it was emitted by a macro.
46                //
47                // See https://github.com/rust-lang/rust/issues/142182.
48                let emit_error = match unsafe_since {
49                    None => true,
50                    Some(unsafe_since) => path_span.edition() >= unsafe_since,
51                };
52
53                let mut not_from_proc_macro = true;
54                if diag_span.from_expansion()
55                    && let Ok(mut snippet) = self.sess.source_map().span_to_snippet(diag_span)
56                {
57                    snippet.retain(|c| !c.is_whitespace());
58                    if snippet.contains("!(") || snippet.starts_with("#[") && snippet.ends_with("]")
59                    {
60                        not_from_proc_macro = false;
61                    }
62                }
63
64                if emit_error {
65                    self.emit_err(crate::session_diagnostics::UnsafeAttrOutsideUnsafe {
66                        span: path_span,
67                        suggestion: not_from_proc_macro.then(|| {
68                            crate::session_diagnostics::UnsafeAttrOutsideUnsafeSuggestion {
69                                left: diag_span.shrink_to_lo(),
70                                right: diag_span.shrink_to_hi(),
71                            }
72                        }),
73                    });
74                } else {
75                    emit_lint(
76                        LintId::of(UNSAFE_ATTR_OUTSIDE_UNSAFE),
77                        path_span.into(),
78                        EmitAttribute(Box::new(move |dcx, level, _| {
79                            errors::UnsafeAttrOutsideUnsafeLint {
80                                span: path_span,
81                                suggestion: not_from_proc_macro
82                                    .then(|| (diag_span.shrink_to_lo(), diag_span.shrink_to_hi()))
83                                    .map(|(left, right)| {
84                                        crate::session_diagnostics::UnsafeAttrOutsideUnsafeSuggestion { left, right }
85                                    }),
86                            }
87                            .into_diag(dcx, level)
88                        })),
89                    )
90                }
91            }
92
93            // - Normal builtin attribute
94            // - Writing `#[unsafe(..)]` is not permitted on normal builtin attributes
95            (AttributeSafety::Normal, Safety::Unsafe(unsafe_span)) => {
96                self.emit_err(crate::session_diagnostics::InvalidAttrUnsafe {
97                    span: unsafe_span,
98                    name: attr_path.clone(),
99                });
100            }
101
102            // - Normal builtin attribute
103            // - No explicit `#[unsafe(..)]` written.
104            (AttributeSafety::Normal, Safety::Default) => {
105                // OK
106            }
107
108            (_, Safety::Safe(..)) => {
109                self.sess.dcx().span_delayed_bug(
110                    attr_span,
111                    "`check_attribute_safety` does not expect `Safety::Safe` on attributes",
112                );
113            }
114        }
115    }
116}
rustc_attr_parsing/safety.rs

rustc_attr_parsing/
safety.rs
