rustc_parse/
validate_attr.rs

1//! Meta-syntax validation logic of attributes for post-expansion.
2
3use rustc_ast::token::Delimiter;
4use rustc_ast::tokenstream::DelimSpan;
5use rustc_ast::{
6    self as ast, AttrArgs, Attribute, DelimArgs, MetaItem, MetaItemInner, MetaItemKind, NodeId,
7    Safety,
8};
9use rustc_errors::{Applicability, FatalError, PResult};
10use rustc_feature::{AttributeSafety, AttributeTemplate, BUILTIN_ATTRIBUTE_MAP, BuiltinAttribute};
11use rustc_session::errors::report_lit_error;
12use rustc_session::lint::BuiltinLintDiag;
13use rustc_session::lint::builtin::{ILL_FORMED_ATTRIBUTE_INPUT, UNSAFE_ATTR_OUTSIDE_UNSAFE};
14use rustc_session::parse::ParseSess;
15use rustc_span::{Span, Symbol, sym};
16
17use crate::{errors, parse_in};
18
19pub fn check_attr(psess: &ParseSess, attr: &Attribute, id: NodeId) {
20    if attr.is_doc_comment() || attr.has_name(sym::cfg_trace) || attr.has_name(sym::cfg_attr_trace)
21    {
22        return;
23    }
24
25    let builtin_attr_info = attr.ident().and_then(|ident| BUILTIN_ATTRIBUTE_MAP.get(&ident.name));
26
27    let builtin_attr_safety = builtin_attr_info.map(|x| x.safety);
28    check_attribute_safety(psess, builtin_attr_safety, attr, id);
29
30    // Check input tokens for built-in and key-value attributes.
31    match builtin_attr_info {
32        // `rustc_dummy` doesn't have any restrictions specific to built-in attributes.
33        Some(BuiltinAttribute { name, template, .. }) if *name != sym::rustc_dummy => {
34            match parse_meta(psess, attr) {
35                // Don't check safety again, we just did that
36                Ok(meta) => {
37                    check_builtin_meta_item(psess, &meta, attr.style, *name, *template, false)
38                }
39                Err(err) => {
40                    err.emit();
41                }
42            }
43        }
44        _ => {
45            let attr_item = attr.get_normal_item();
46            if let AttrArgs::Eq { .. } = attr_item.args {
47                // All key-value attributes are restricted to meta-item syntax.
48                match parse_meta(psess, attr) {
49                    Ok(_) => {}
50                    Err(err) => {
51                        err.emit();
52                    }
53                }
54            }
55        }
56    }
57}
58
59pub fn parse_meta<'a>(psess: &'a ParseSess, attr: &Attribute) -> PResult<'a, MetaItem> {
60    let item = attr.get_normal_item();
61    Ok(MetaItem {
62        unsafety: item.unsafety,
63        span: attr.span,
64        path: item.path.clone(),
65        kind: match &item.args {
66            AttrArgs::Empty => MetaItemKind::Word,
67            AttrArgs::Delimited(DelimArgs { dspan, delim, tokens }) => {
68                check_meta_bad_delim(psess, *dspan, *delim);
69                let nmis =
70                    parse_in(psess, tokens.clone(), "meta list", |p| p.parse_meta_seq_top())?;
71                MetaItemKind::List(nmis)
72            }
73            AttrArgs::Eq { expr, .. } => {
74                if let ast::ExprKind::Lit(token_lit) = expr.kind {
75                    let res = ast::MetaItemLit::from_token_lit(token_lit, expr.span);
76                    let res = match res {
77                        Ok(lit) => {
78                            if token_lit.suffix.is_some() {
79                                let mut err = psess.dcx().struct_span_err(
80                                    expr.span,
81                                    "suffixed literals are not allowed in attributes",
82                                );
83                                err.help(
84                                    "instead of using a suffixed literal (`1u8`, `1.0f32`, etc.), \
85                                    use an unsuffixed version (`1`, `1.0`, etc.)",
86                                );
87                                return Err(err);
88                            } else {
89                                MetaItemKind::NameValue(lit)
90                            }
91                        }
92                        Err(err) => {
93                            let guar = report_lit_error(psess, err, token_lit, expr.span);
94                            let lit = ast::MetaItemLit {
95                                symbol: token_lit.symbol,
96                                suffix: token_lit.suffix,
97                                kind: ast::LitKind::Err(guar),
98                                span: expr.span,
99                            };
100                            MetaItemKind::NameValue(lit)
101                        }
102                    };
103                    res
104                } else {
105                    // Example cases:
106                    // - `#[foo = 1+1]`: results in `ast::ExprKind::BinOp`.
107                    // - `#[foo = include_str!("nonexistent-file.rs")]`:
108                    //   results in `ast::ExprKind::Err`. In that case we delay
109                    //   the error because an earlier error will have already
110                    //   been reported.
111                    let msg = "attribute value must be a literal";
112                    let mut err = psess.dcx().struct_span_err(expr.span, msg);
113                    if let ast::ExprKind::Err(_) = expr.kind {
114                        err.downgrade_to_delayed_bug();
115                    }
116                    return Err(err);
117                }
118            }
119        },
120    })
121}
122
123fn check_meta_bad_delim(psess: &ParseSess, span: DelimSpan, delim: Delimiter) {
124    if let Delimiter::Parenthesis = delim {
125        return;
126    }
127    psess.dcx().emit_err(errors::MetaBadDelim {
128        span: span.entire(),
129        sugg: errors::MetaBadDelimSugg { open: span.open, close: span.close },
130    });
131}
132
133pub(super) fn check_cfg_attr_bad_delim(psess: &ParseSess, span: DelimSpan, delim: Delimiter) {
134    if let Delimiter::Parenthesis = delim {
135        return;
136    }
137    psess.dcx().emit_err(errors::CfgAttrBadDelim {
138        span: span.entire(),
139        sugg: errors::MetaBadDelimSugg { open: span.open, close: span.close },
140    });
141}
142
143/// Checks that the given meta-item is compatible with this `AttributeTemplate`.
144fn is_attr_template_compatible(template: &AttributeTemplate, meta: &ast::MetaItemKind) -> bool {
145    let is_one_allowed_subword = |items: &[MetaItemInner]| match items {
146        [item] => item.is_word() && template.one_of.iter().any(|&word| item.has_name(word)),
147        _ => false,
148    };
149    match meta {
150        MetaItemKind::Word => template.word,
151        MetaItemKind::List(items) => template.list.is_some() || is_one_allowed_subword(items),
152        MetaItemKind::NameValue(lit) if lit.kind.is_str() => template.name_value_str.is_some(),
153        MetaItemKind::NameValue(..) => false,
154    }
155}
156
157pub fn check_attribute_safety(
158    psess: &ParseSess,
159    builtin_attr_safety: Option<AttributeSafety>,
160    attr: &Attribute,
161    id: NodeId,
162) {
163    let attr_item = attr.get_normal_item();
164    match (builtin_attr_safety, attr_item.unsafety) {
165        // - Unsafe builtin attribute
166        // - User wrote `#[unsafe(..)]`, which is permitted on any edition
167        (Some(AttributeSafety::Unsafe { .. }), Safety::Unsafe(..)) => {
168            // OK
169        }
170
171        // - Unsafe builtin attribute
172        // - User did not write `#[unsafe(..)]`
173        (Some(AttributeSafety::Unsafe { unsafe_since }), Safety::Default) => {
174            let path_span = attr_item.path.span;
175
176            // If the `attr_item`'s span is not from a macro, then just suggest
177            // wrapping it in `unsafe(...)`. Otherwise, we suggest putting the
178            // `unsafe(`, `)` right after and right before the opening and closing
179            // square bracket respectively.
180            let diag_span = attr_item.span();
181
182            // Attributes can be safe in earlier editions, and become unsafe in later ones.
183            let emit_error = match unsafe_since {
184                None => true,
185                Some(unsafe_since) => attr.span.edition() >= unsafe_since,
186            };
187
188            if emit_error {
189                psess.dcx().emit_err(errors::UnsafeAttrOutsideUnsafe {
190                    span: path_span,
191                    suggestion: errors::UnsafeAttrOutsideUnsafeSuggestion {
192                        left: diag_span.shrink_to_lo(),
193                        right: diag_span.shrink_to_hi(),
194                    },
195                });
196            } else {
197                psess.buffer_lint(
198                    UNSAFE_ATTR_OUTSIDE_UNSAFE,
199                    path_span,
200                    id,
201                    BuiltinLintDiag::UnsafeAttrOutsideUnsafe {
202                        attribute_name_span: path_span,
203                        sugg_spans: (diag_span.shrink_to_lo(), diag_span.shrink_to_hi()),
204                    },
205                );
206            }
207        }
208
209        // - Normal builtin attribute, or any non-builtin attribute
210        // - All non-builtin attributes are currently considered safe; writing `#[unsafe(..)]` is
211        //   not permitted on non-builtin attributes or normal builtin attributes
212        (Some(AttributeSafety::Normal) | None, Safety::Unsafe(unsafe_span)) => {
213            psess.dcx().emit_err(errors::InvalidAttrUnsafe {
214                span: unsafe_span,
215                name: attr_item.path.clone(),
216            });
217        }
218
219        // - Normal builtin attribute
220        // - No explicit `#[unsafe(..)]` written.
221        (Some(AttributeSafety::Normal), Safety::Default) => {
222            // OK
223        }
224
225        // - Non-builtin attribute
226        // - No explicit `#[unsafe(..)]` written.
227        (None, Safety::Default) => {
228            // OK
229        }
230
231        (
232            Some(AttributeSafety::Unsafe { .. } | AttributeSafety::Normal) | None,
233            Safety::Safe(..),
234        ) => {
235            psess.dcx().span_delayed_bug(
236                attr_item.span(),
237                "`check_attribute_safety` does not expect `Safety::Safe` on attributes",
238            );
239        }
240    }
241}
242
243// Called by `check_builtin_meta_item` and code that manually denies
244// `unsafe(...)` in `cfg`
245pub fn deny_builtin_meta_unsafety(psess: &ParseSess, meta: &MetaItem) {
246    // This only supports denying unsafety right now - making builtin attributes
247    // support unsafety will requite us to thread the actual `Attribute` through
248    // for the nice diagnostics.
249    if let Safety::Unsafe(unsafe_span) = meta.unsafety {
250        psess
251            .dcx()
252            .emit_err(errors::InvalidAttrUnsafe { span: unsafe_span, name: meta.path.clone() });
253    }
254}
255
256pub fn check_builtin_meta_item(
257    psess: &ParseSess,
258    meta: &MetaItem,
259    style: ast::AttrStyle,
260    name: Symbol,
261    template: AttributeTemplate,
262    deny_unsafety: bool,
263) {
264    if !is_attr_template_compatible(&template, &meta.kind) {
265        emit_malformed_attribute(psess, style, meta.span, name, template);
266    }
267
268    if deny_unsafety {
269        deny_builtin_meta_unsafety(psess, meta);
270    }
271}
272
273fn emit_malformed_attribute(
274    psess: &ParseSess,
275    style: ast::AttrStyle,
276    span: Span,
277    name: Symbol,
278    template: AttributeTemplate,
279) {
280    // Some of previously accepted forms were used in practice,
281    // report them as warnings for now.
282    let should_warn = |name| {
283        matches!(name, sym::doc | sym::ignore | sym::inline | sym::link | sym::test | sym::bench)
284    };
285
286    let error_msg = format!("malformed `{name}` attribute input");
287    let mut suggestions = vec![];
288    let inner = if style == ast::AttrStyle::Inner { "!" } else { "" };
289    if template.word {
290        suggestions.push(format!("#{inner}[{name}]"));
291    }
292    if let Some(descr) = template.list {
293        suggestions.push(format!("#{inner}[{name}({descr})]"));
294    }
295    suggestions.extend(template.one_of.iter().map(|&word| format!("#{inner}[{name}({word})]")));
296    if let Some(descr) = template.name_value_str {
297        suggestions.push(format!("#{inner}[{name} = \"{descr}\"]"));
298    }
299    if should_warn(name) {
300        psess.buffer_lint(
301            ILL_FORMED_ATTRIBUTE_INPUT,
302            span,
303            ast::CRATE_NODE_ID,
304            BuiltinLintDiag::IllFormedAttributeInput { suggestions: suggestions.clone() },
305        );
306    } else {
307        suggestions.sort();
308        psess
309            .dcx()
310            .struct_span_err(span, error_msg)
311            .with_span_suggestions(
312                span,
313                if suggestions.len() == 1 {
314                    "must be of the form"
315                } else {
316                    "the following are the possible correct uses"
317                },
318                suggestions,
319                Applicability::HasPlaceholders,
320            )
321            .emit();
322    }
323}
324
325pub fn emit_fatal_malformed_builtin_attribute(
326    psess: &ParseSess,
327    attr: &Attribute,
328    name: Symbol,
329) -> ! {
330    let template = BUILTIN_ATTRIBUTE_MAP.get(&name).expect("builtin attr defined").template;
331    emit_malformed_attribute(psess, attr.style, attr.span, name, template);
332    // This is fatal, otherwise it will likely cause a cascade of other errors
333    // (and an error here is expected to be very rare).
334    FatalError.raise()
335}