Lint against invalid POSIX function definitions

Author: Urgau

compiler/rustc_hir/src/lang_items.rs

@@ -455,6 +455,14 @@ language_item_table! {
     MemCmp,                  sym::memcmp_fn,           memcmp_fn,                  Target::Fn,             GenericRequirement::None;
     Bcmp,                    sym::bcmp_fn,             bcmp_fn,                    Target::Fn,             GenericRequirement::None;
     StrLen,                  sym::strlen_fn,           strlen_fn,                  Target::Fn,             GenericRequirement::None;
+    Open,                    sym::open_fn,             open_fn,                    Target::Fn,             GenericRequirement::None;
+    Read,                    sym::read_fn,             read_fn,                    Target::Fn,             GenericRequirement::None;
+    Write,                   sym::write_fn,            write_fn,                   Target::Fn,             GenericRequirement::None;
+    Close,                   sym::close_fn,            close_fn,                   Target::Fn,             GenericRequirement::None;
+    Malloc,                  sym::malloc_fn,           malloc_fn,                  Target::Fn,             GenericRequirement::None;
+    Realloc,                 sym::realloc_fn,          realloc_fn,                 Target::Fn,             GenericRequirement::None;
+    Free,                    sym::free_fn,             free_fn,                    Target::Fn,             GenericRequirement::None;
+    Exit,                    sym::exit_fn,             exit_fn,                    Target::Fn,             GenericRequirement::None;
 }
 
 /// The requirement imposed on the generics of a lang item

compiler/rustc_hir/src/weak_lang_items.rs

@@ -47,4 +47,12 @@ weak_only_lang_items! {
     MemCmp,
     Bcmp,
     StrLen,
+    Open,
+    Read,
+    Write,
+    Close,
+    Malloc,
+    Realloc,
+    Free,
+    Exit,
 }

compiler/rustc_lint/src/runtime_symbols.rs

@@ -11,7 +11,7 @@ use crate::{LateContext, LateLintPass, LintContext};
 
 declare_lint! {
     /// The `invalid_runtime_symbol_definitions` lint checks the signature of items whose
-    /// symbol name is a runtime symbol expected by `core` differs significantly from the
+    /// symbol name is a runtime symbol expected by `core` or `std` differs significantly from the
     /// expected signature (like mismatch ABI, mismatch C variadics, mismatch argument count,
     /// missing return type, ...).
     ///
@@ -32,7 +32,8 @@ declare_lint! {
     /// standard-library facility or undefined behavior may occur.
     ///
     /// The symbols currently checked are `memcpy`, `memmove`, `memset`, `memcmp`,
-    /// `bcmp` and `strlen`.
+    /// `bcmp`, `strlen`, as well as the following POSIX symbols: `open`, `read`, `write`
+    /// `close`, `malloc`, `realloc`, `free` and `exit`.
     ///
     /// [^1]: https://doc.rust-lang.org/core/index.html#how-to-use-the-core-library
     pub INVALID_RUNTIME_SYMBOL_DEFINITIONS,
@@ -42,7 +43,7 @@ declare_lint! {
 
 declare_lint! {
     /// The `suspicious_runtime_symbol_definitions` lint checks the signature of items whose
-    /// symbol name is a runtime symbol expected by `core`.
+    /// symbol name is a runtime symbol expected by `core` or `std`.
     ///
     /// ### Example
     ///
@@ -62,7 +63,8 @@ declare_lint! {
     /// standard-library facility or undefined behavior may occur.
     ///
     /// The symbols currently checked are `memcpy`, `memmove`, `memset`, `memcmp`,
-    /// `bcmp` and `strlen`.
+    /// `bcmp`, `strlen`, as well as the following POSIX symbols: `open`, `read`, `write`
+    /// `close`, `malloc`, `realloc`, `free` and `exit`.
     ///
     /// [^1]: https://doc.rust-lang.org/core/index.html#how-to-use-the-core-library
     pub SUSPICIOUS_RUNTIME_SYMBOL_DEFINITIONS,
@@ -73,12 +75,22 @@ declare_lint! {
 declare_lint_pass!(RuntimeSymbols => [INVALID_RUNTIME_SYMBOL_DEFINITIONS, SUSPICIOUS_RUNTIME_SYMBOL_DEFINITIONS]);
 
 static EXPECTED_SYMBOLS: &[ExpectedSymbol] = &[
+    // `core` symbols
     ExpectedSymbol { symbol: "memcpy", lang: LanguageItems::memcpy_fn },
     ExpectedSymbol { symbol: "memmove", lang: LanguageItems::memmove_fn },
     ExpectedSymbol { symbol: "memset", lang: LanguageItems::memset_fn },
     ExpectedSymbol { symbol: "memcmp", lang: LanguageItems::memcmp_fn },
     ExpectedSymbol { symbol: "bcmp", lang: LanguageItems::bcmp_fn },
     ExpectedSymbol { symbol: "strlen", lang: LanguageItems::strlen_fn },
+    // POSIX symbols
+    ExpectedSymbol { symbol: "open", lang: LanguageItems::open_fn },
+    ExpectedSymbol { symbol: "read", lang: LanguageItems::read_fn },
+    ExpectedSymbol { symbol: "write", lang: LanguageItems::write_fn },
+    ExpectedSymbol { symbol: "close", lang: LanguageItems::close_fn },
+    ExpectedSymbol { symbol: "malloc", lang: LanguageItems::malloc_fn },
+    ExpectedSymbol { symbol: "realloc", lang: LanguageItems::realloc_fn },
+    ExpectedSymbol { symbol: "free", lang: LanguageItems::free_fn },
+    ExpectedSymbol { symbol: "exit", lang: LanguageItems::exit_fn },
 ];
 
 #[derive(Copy, Clone, Debug)]

compiler/rustc_span/src/symbol.rs

@@ -615,6 +615,7 @@ symbols! {
         clone_closures,
         clone_fn,
         clone_from,
+        close_fn,
         closure,
         closure_lifetime_binder,
         closure_to_fn_coercion,
@@ -898,6 +899,7 @@ symbols! {
         exhaustive_integer_patterns,
         exhaustive_patterns,
         existential_type,
+        exit_fn,
         exp2f16,
         exp2f32,
         exp2f64,
@@ -1009,6 +1011,7 @@ symbols! {
         format_unsafe_arg,
         fp,
         framework,
+        free_fn,
         freeze,
         freeze_impls,
         freg,
@@ -1248,6 +1251,7 @@ symbols! {
         macro_vis_matcher,
         macros_in_extern,
         main,
+        malloc_fn,
         managed_boxes,
         manually_drop,
         map,
@@ -1473,6 +1477,7 @@ symbols! {
         on_unmatched_args,
         opaque,
         opaque_module_name_placeholder: "<opaque>",
+        open_fn,
         ops,
         opt_out_copy,
         optimize,
@@ -1656,9 +1661,11 @@ symbols! {
         raw_identifiers,
         raw_ref_op,
         re_rebalance_coherence,
+        read_fn,
         read_via_copy,
         readonly,
         realloc,
+        realloc_fn,
         realtime,
         reason,
         reborrow,
@@ -2359,6 +2366,7 @@ symbols! {
         write_box_via_move,
         write_bytes,
         write_fmt,
+        write_fn,
         write_macro,
         write_str,
         write_via_move,

library/std/src/lib.rs

@@ -321,6 +321,7 @@
 #![feature(borrowed_buf_init)]
 #![feature(bstr)]
 #![feature(bstr_internals)]
+#![feature(c_size_t)]
 #![feature(cast_maybe_uninit)]
 #![feature(char_internals)]
 #![feature(clone_to_uninit)]

library/std/src/sys/alloc/unix.rs

@@ -2,6 +2,25 @@ use super::{MIN_ALIGN, realloc_fallback};
 use crate::alloc::{GlobalAlloc, Layout, System};
 use crate::ptr;
 
+// Used by rustc for checking the definitions of other function with the same symbol names
+//
+// See the `invalid_runtime_symbols_definitions` lint.
+#[cfg(not(test))]
+mod runtime_symbols {
+    use core::ffi::{c_size_t, c_void};
+
+    unsafe extern "C" {
+        #[lang = "malloc_fn"]
+        fn malloc(size: c_size_t) -> *mut c_void;
+
+        #[lang = "realloc_fn"]
+        fn realloc(ptr: *mut c_void, size: c_size_t) -> *mut c_void;
+
+        #[lang = "free_fn"]
+        fn free(ptr: *mut c_void);
+    }
+}
+
 #[stable(feature = "alloc_system_type", since = "1.28.0")]
 unsafe impl GlobalAlloc for System {
     #[inline]

library/std/src/sys/exit.rs

@@ -68,6 +68,25 @@ cfg_select! {
     }
 }
 
+#[cfg(not(test))]
+cfg_select! {
+    any(
+        target_family = "unix",
+        target_os = "wasi",
+    ) => {
+        // Used by rustc for checking the definitions of other function with the same symbol names
+        //
+        // See the `invalid_runtime_symbols_definitions` lint.
+        mod runtime_symbols {
+            unsafe extern "C" {
+                #[lang = "exit_fn"]
+                fn exit(status: core::ffi::c_int) -> !;
+            }
+        }
+    }
+    _ => {}
+}
+
 pub fn exit(code: i32) -> ! {
     cfg_select! {
         target_os = "hermit" => {

library/std/src/sys/fs/unix.rs

@@ -100,6 +100,28 @@ use crate::sys::weak::weak;
 use crate::sys::{AsInner, AsInnerMut, FromInner, IntoInner, cvt, cvt_r};
 use crate::{mem, ptr};
 
+// Used by rustc for checking the definitions of other function with the same symbol names
+//
+// See the `invalid_runtime_symbols_definitions` lint.
+#[cfg(not(test))]
+mod runtime_symbols {
+    use core::ffi::{c_char, c_int, c_size_t, c_ssize_t, c_void};
+
+    unsafe extern "C" {
+        #[lang = "open_fn"]
+        fn open(pathname: *const c_char, flags: c_int, ...) -> c_int;
+
+        #[lang = "read_fn"]
+        fn read(fd: c_int, buf: *mut c_void, count: c_size_t) -> c_ssize_t;
+
+        #[lang = "write_fn"]
+        fn write(fd: c_int, buf: *const c_void, count: c_size_t) -> c_ssize_t;
+
+        #[lang = "close_fn"]
+        fn close(fd: c_int) -> c_int;
+    }
+}
+
 pub struct File(FileDesc);
 
 // FIXME: This should be available on Linux with all `target_env`.

tests/ui/lint/runtime-symbols-no-std.rs

@@ -0,0 +1,27 @@
+// This test makes sure that the following symbols are not linked against
+// in a #[no_std] context.
+
+//@ check-pass
+
+#![no_std]
+#![crate_type = "lib"]
+
+use core::ffi::{c_char, c_int, c_void};
+
+#[no_mangle]
+pub fn open() {}
+
+extern "C" {
+    pub fn read();
+    pub fn write();
+}
+
+#[no_mangle]
+pub static close: () = ();
+
+extern "C" {
+    pub fn malloc();
+    pub fn realloc();
+    pub fn free();
+    pub fn exit();
+}

tests/ui/lint/runtime-symbols-unix.rs

@@ -0,0 +1,57 @@
+// This test checks the runtime symbols lint with the Unix symbols.
+
+//@ only-unix
+//@ edition: 2021
+//@ normalize-stderr: "\*const [iu]8" -> "*const U8"
+
+#![feature(c_variadic)]
+#![allow(clashing_extern_declarations)] // we are voluntarily testing different definitions
+
+use core::ffi::{c_char, c_int, c_void};
+
+fn invalid() {
+    #[no_mangle]
+    pub fn open() {}
+    //~^ ERROR invalid definition of the runtime `open` symbol
+
+    extern "C" {
+        pub fn read();
+        //~^ ERROR invalid definition of the runtime `read` symbol
+
+        pub fn write();
+        //~^ ERROR invalid definition of the runtime `write` symbol
+    }
+
+    #[no_mangle]
+    pub static close: () = ();
+    //~^ ERROR invalid definition of the runtime `close` symbol
+
+    extern "C" {
+        pub fn malloc();
+        //~^ ERROR invalid definition of the runtime `malloc` symbol
+
+        pub fn realloc();
+        //~^ ERROR invalid definition of the runtime `realloc` symbol
+
+        pub fn free();
+        //~^ ERROR invalid definition of the runtime `free` symbol
+
+        pub fn exit();
+        //~^ ERROR invalid definition of the runtime `exit` symbol
+    }
+}
+
+fn suspicious() {
+    extern "C" {
+        pub fn open(path: *const u8, oflag: usize, ...) -> c_int;
+        //~^ WARN suspicious definition of the runtime `open` symbol
+
+        pub fn free(ptr: *const u8);
+        //~^ WARN suspicious definition of the runtime `free` symbol
+
+        pub fn exit(code: f32) -> !;
+        //~^ WARN suspicious definition of the runtime `exit` symbol
+    }
+}
+
+fn main() {}