Description
What it does
Tracks the creation of null pointers with `std::ptr::{null, null_mut}`, and any binding that holds them that are never touched until they are dereferenced. When such a case is encountered, a deny-by-default lint is triggered.
Advantage
- compile time detection of assured UB
- slightly lowered need for miri
Drawbacks
- detection logic to avoid false positives might be tricky
- miri already catches this, this could be considered redundant
Example
```rust
fn foo(x: *mut i32) -> i32 {
    unsafe {
        if x.is_null() {
            *x
        } else {
            0
        }
    }
}

fn main() {
    foo(std::ptr::null_mut());
}
```
Should complain about the access to a null pointer at compile time on `*x`.
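An added example (not part of the original issue and not Clippy code) showing null-safe counterparts of `foo`, plus a binding that starts null but is written before the dereference, which falls outside the "never touched until they are dereferenced" condition. The function names are hypothetical, and the safety comments state what the example assumes about callers.

```rust
use std::ptr::{self, NonNull};

/// Counterpart of the issue's `foo` with the check the right way round:
/// `as_ref` returns `None` for null, so the dereference is unreachable for null.
fn read_or_zero(x: *mut i32) -> i32 {
    // SAFETY (assumed here): a non-null `x` points to a live, aligned i32.
    match unsafe { x.as_ref() } {
        Some(v) => *v,
        None => 0,
    }
}

/// "Never null" encoded in the type; null is rejected once, at `NonNull::new`.
fn read_non_null(x: NonNull<i32>) -> i32 {
    // SAFETY (assumed here): `x` points to a live, aligned i32.
    unsafe { *x.as_ptr() }
}

/// The binding is created null but reassigned before it is dereferenced.
/// A check that only follows "created by null_mut, later dereferenced"
/// without tracking the intervening write would flag this valid code.
fn reassigned_before_deref(value: &mut i32) -> i32 {
    let mut p: *mut i32 = ptr::null_mut();
    if p.is_null() {
        p = value; // the binding is touched here
    }
    // SAFETY: `p` was just set from a live `&mut i32`.
    unsafe { *p }
}

fn main() {
    let mut n = 7;
    println!("{}", read_or_zero(ptr::null_mut())); // null handled, no deref
    println!("{}", read_or_zero(&mut n));
    match NonNull::new(ptr::null_mut::<i32>()) {
        Some(p) => println!("{}", read_non_null(p)),
        None => println!("null rejected at the boundary"),
    }
    println!("{}", reassigned_before_deref(&mut n));
}
```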