Skip to content

feat: add cast_ptr_sized_int lint #16262

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ab22593k wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat: add cast_ptr_sized_int lint #16262

ab22593k wants to merge 1 commit into from
+474 −0

Conversation

@ab22593k
Copy link

@ab22593k ab22593k commented Dec 18, 2025
edited
Loading

Introduce a new restriction lint to identify casts between pointer-sized integer types (usize, isize) and fixed-size integer types.

Encourage the use of TryFrom or TryInto over direct as casts to make potential platform-specific truncation or zero-extension explicit and handled.

Also Provide machine-applicable suggestions to replace risky casts with fallible conversions while excluding constant contexts where such traits are not yet stable.

Closes: #9231

changelog: add cast_ptr_sized_int lint

@rustbot rustbot added needs-fcp S-waiting-on-review Status: Awaiting review from the assignee but also interested parties labels Dec 18, 2025
@rustbot
Copy link
Collaborator

rustbot commented Dec 18, 2025

r? @samueltardieu

rustbot has assigned @samueltardieu.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot

This comment has been minimized.

Sign in to view
@github-actions
Copy link

github-actions bot commented Dec 18, 2025
edited
Loading

Lintcheck changes for fa57af9

Lint Added Removed Changed
clippy::cast_ptr_sized_int 1382 0 0

This comment will be updated if you push new changes

samueltardieu
samueltardieu reviewed Dec 19, 2025
View reviewed changes
Copy link
Member

@samueltardieu samueltardieu left a comment
edited by rustbot
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aren't those cases already covered by the cast_lossless, cast_possible_truncation, cast_possible_wrap, and cast_sign_loss lints?

Moreover, the suggestion transforms integer types into options, which is not a directly applicable fix.

View changes since this review

@samueltardieu
Copy link
Member

samueltardieu commented Dec 19, 2025

@rustbot author

@rustbot rustbot removed the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties label Dec 19, 2025
@rustbot
Copy link
Collaborator

rustbot commented Dec 19, 2025

Reminder, once the PR becomes ready for a review, use @rustbot ready.

@rustbot rustbot added the S-waiting-on-author Status: This is awaiting some action from the author. (Use `@rustbot ready` to update this status) label Dec 19, 2025
@ab22593k
Copy link
Author

ab22593k commented Dec 19, 2025

This is exactly the gap the lint addresses: If you compile on 64-bit, usize as u64 looks safe. But the same code behaves differently on 32-bit. No existing lint catches this architecture-dependent behavior.

The suggestion is not directly applicable: should i remove the suggestion (just warn without providing a fix)?

@samueltardieu
Copy link
Member

samueltardieu commented Dec 19, 2025

The lint still triggers inconsistently. For example:

  • usize can also be a 16-bit integer on some tier 3 platforms such as MSP430
  • A cast from u8 or u16 to usize will always succeed and should not be warned about
  • A cast from usize to u64 or u128 will always succeed and should not be warned about

And indeed, no fix should be provided if it would be incorrect, but the help message may suggest using try_from() and let the user act on it.

@ab22593k
feat: add cast_ptr_sized_int lint
fa57af9 
Introduce a new lint to detect casts between pointer-sized integers (`usize`, `isize`)
and fixed-size integer types.

- Identifies architecture-dependent casts that may lead to truncation or
unexpected behavior when moving between 32-bit and 64-bit platforms.
- Encourages the use of `TryFrom` or `TryInto` to make potential conversion
failures explicit and handled.
- Includes optimization logic to ignore always-safe casts, such as widening
conversions from small fixed-size integers to pointer-sized types.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@samueltardieu samueltardieu samueltardieu left review comments

Assignees

@samueltardieu samueltardieu

Labels

needs-fcp S-waiting-on-author Status: This is awaiting some action from the author. (Use `@rustbot ready` to update this status)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Have a lint against usize-to-u64 casts (or, against *all* integer casts)

3 participants

@ab22593k @rustbot @samueltardieu