Add new lint [manual_checked_sub]

CHANGELOG.md

@@ -5847,6 +5847,7 @@ Released 2018-09-13
 [`manual_async_fn`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_async_fn
 [`manual_bits`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_bits
 [`manual_c_str_literals`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_c_str_literals
+[`manual_checked_sub`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_checked_sub
 [`manual_clamp`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_clamp
 [`manual_contains`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_contains
 [`manual_dangling_ptr`]: https://rust-lang.github.io/rust-clippy/master/index.html#manual_dangling_ptr

clippy_lints/src/declared_lints.rs

@@ -289,6 +289,7 @@ pub static LINTS: &[&crate::LintInfo] = &[
     crate::manual_assert::MANUAL_ASSERT_INFO,
     crate::manual_async_fn::MANUAL_ASYNC_FN_INFO,
     crate::manual_bits::MANUAL_BITS_INFO,
+    crate::manual_checked_sub::MANUAL_CHECKED_SUB_INFO,
     crate::manual_clamp::MANUAL_CLAMP_INFO,
     crate::manual_div_ceil::MANUAL_DIV_CEIL_INFO,
     crate::manual_float_methods::MANUAL_IS_FINITE_INFO,

clippy_lints/src/dereference.rs

@@ -433,12 +433,12 @@ impl<'tcx> LateLintPass<'tcx> for Dereferencing<'tcx> {
                             (2, deref_msg)
                         };
 
-                        if deref_count >= required_refs {
+                        if let Some(result) = deref_count.checked_sub(required_refs) {
                             self.state = Some((
                                 State::DerefedBorrow(DerefedBorrow {
                                     // One of the required refs is for the current borrow expression, the remaining ones
                                     // can't be removed without breaking the code. See earlier comment.
-                                    count: deref_count - required_refs,
+                                    count: result,
                                     msg,
                                     stability,
                                     for_field_access: if let ExprUseNode::FieldAccess(name) = use_node

clippy_lints/src/lib.rs

@@ -208,6 +208,7 @@ mod manual_abs_diff;
 mod manual_assert;
 mod manual_async_fn;
 mod manual_bits;
+mod manual_checked_sub;
 mod manual_clamp;
 mod manual_div_ceil;
 mod manual_float_methods;
@@ -942,6 +943,8 @@ pub fn register_lints(store: &mut rustc_lint::LintStore, conf: &'static Conf) {
     store.register_late_pass(move |_| Box::new(non_std_lazy_statics::NonStdLazyStatic::new(conf)));
     store.register_late_pass(|_| Box::new(manual_option_as_slice::ManualOptionAsSlice::new(conf)));
     store.register_late_pass(|_| Box::new(single_option_map::SingleOptionMap));
+    store.register_late_pass(move |_| Box::new(manual_checked_sub::ManualCheckedSub::new(conf)));
     store.register_late_pass(move |_| Box::new(redundant_test_prefix::RedundantTestPrefix));
+
     // add lints here, do not remove this comment, it's used in `new_lint`
 }

clippy_lints/src/manual_checked_sub.rs

@@ -0,0 +1,193 @@
+use clippy_config::Conf;
+use clippy_utils::diagnostics::span_lint;
+use clippy_utils::msrvs::{self, Msrv};
+
+use clippy_utils::{is_mutable, path_to_local};
+use rustc_ast::{BinOpKind, LitIntType, LitKind};
+use rustc_data_structures::packed::Pu128;
+use rustc_hir::intravisit::{Visitor, walk_expr};
+use rustc_hir::{Expr, ExprKind};
+use rustc_lint::{LateContext, LateLintPass};
+use rustc_middle::ty::{self};
+use rustc_session::impl_lint_pass;
+
+declare_clippy_lint! {
+    /// ### What it does
+    /// Checks for manual re-implementations of checked subtraction.
+    ///
+    /// ### Why is this bad?
+    /// Manually re-implementing checked subtraction can be error-prone and less readable.
+    /// Using the standard library method `.checked_sub()` is clearer and less likely to contain bugs.
+    ///
+    /// ### Example
+    /// ```rust
+    /// // Bad: Manual implementation of checked subtraction
+    /// fn get_remaining_items(total: u32, used: u32) -> Option<u32> {
+    ///     if total >= used {
+    ///         Some(total - used)
+    ///     } else {
+    ///         None
+    ///     }
+    /// }
+    /// ```
+    ///
+    /// Use instead:
+    /// ```rust
+    /// // Good: Using the standard library's checked_sub
+    /// fn get_remaining_items(total: u32, used: u32) -> Option<u32> {
+    ///     total.checked_sub(used)
+    /// }
+    /// ```
+    #[clippy::version = "1.86.0"]
+    pub MANUAL_CHECKED_SUB,
+    complexity,
+    "Checks for manual re-implementations of checked subtraction."
+}
+
+pub struct ManualCheckedSub {
+    msrv: Msrv,
+}
+
+impl ManualCheckedSub {
+    #[must_use]
+    pub fn new(conf: &'static Conf) -> Self {
+        Self { msrv: conf.msrv }
+    }
+}
+
+impl_lint_pass!(ManualCheckedSub => [MANUAL_CHECKED_SUB]);
+
+impl<'tcx> LateLintPass<'tcx> for ManualCheckedSub {
+    fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
+        if !self.msrv.meets(cx, msrvs::CHECKED_SUB) {
+            return;
+        }
+
+        if let Some(if_expr) = clippy_utils::higher::If::hir(expr)
+            && let ExprKind::Binary(op, lhs, rhs) = if_expr.cond.kind
+            && !(matches!(lhs.kind, ExprKind::Lit(_)) && matches!(rhs.kind, ExprKind::Lit(_)))
+            && is_unsigned_int(cx, lhs)
+            && is_unsigned_int(cx, rhs)
+        {
+            // Skip if either non-literal operand is mutable
+            if (!matches!(lhs.kind, ExprKind::Lit(_)) && is_mutable(cx, lhs))
+                || (!matches!(rhs.kind, ExprKind::Lit(_)) && is_mutable(cx, rhs))
+            {
+                return;
+            }
+
+            // Skip if either lhs or rhs is a macro call
+            if lhs.span.from_expansion() || rhs.span.from_expansion() {
+                return;
+            }
+
+            if let BinOpKind::Ge | BinOpKind::Gt | BinOpKind::Le | BinOpKind::Lt = op.node {
+                SubExprVisitor {
+                    cx,
+                    if_expr: expr,
+
+                    condition_lhs: lhs,
+                    condition_rhs: rhs,
+                    condition_op: op.node,
+                }
+                .visit_expr(if_expr.then);
+            }
+        }
+    }
+}
+
+struct SubExprVisitor<'cx, 'tcx> {
+    cx: &'cx LateContext<'tcx>,
+    if_expr: &'tcx Expr<'tcx>,
+
+    condition_lhs: &'tcx Expr<'tcx>,
+    condition_rhs: &'tcx Expr<'tcx>,
+    condition_op: BinOpKind,
+}
+
+impl<'tcx> Visitor<'tcx> for SubExprVisitor<'_, 'tcx> {
+    fn visit_expr(&mut self, expr: &'tcx Expr<'_>) {
+        if let ExprKind::Binary(op, sub_lhs, sub_rhs) = expr.kind
+            && let BinOpKind::Sub = op.node
+        {
+            // // Skip if either sub_lhs or sub_rhs is a macro call
+            if sub_lhs.span.from_expansion() || sub_rhs.span.from_expansion() {
+                return;
+            }
+
+            if let ExprKind::Lit(lit) = self.condition_lhs.kind
+                && self.condition_op == BinOpKind::Lt
+                && let LitKind::Int(Pu128(0), _) = lit.node
+                && (is_referencing_same_variable(sub_lhs, self.condition_rhs))
+            {
+                self.emit_lint();
+            }
+
+            if let ExprKind::Lit(lit) = self.condition_rhs.kind
+                && self.condition_op == BinOpKind::Gt
+                && let LitKind::Int(Pu128(0), _) = lit.node
+                && (is_referencing_same_variable(sub_lhs, self.condition_lhs))
+            {
+                self.emit_lint();
+            }
+
+            if self.condition_op == BinOpKind::Ge
+                && (is_referencing_same_variable(sub_lhs, self.condition_lhs)
+                    || are_literals_equal(sub_lhs, self.condition_lhs))
+                && (is_referencing_same_variable(sub_rhs, self.condition_rhs)
+                    || are_literals_equal(sub_rhs, self.condition_rhs))
+            {
+                self.emit_lint();
+            }
+
+            if self.condition_op == BinOpKind::Le
+                && (is_referencing_same_variable(sub_lhs, self.condition_rhs)
+                    || are_literals_equal(sub_lhs, self.condition_rhs))
+                && (is_referencing_same_variable(sub_rhs, self.condition_lhs)
+                    || are_literals_equal(sub_rhs, self.condition_lhs))
+            {
+                self.emit_lint();
+            }
+        }
+
+        walk_expr(self, expr);
+    }
+}
+
+impl SubExprVisitor<'_, '_> {
+    fn emit_lint(&mut self) {
+        span_lint(
+            self.cx,
+            MANUAL_CHECKED_SUB,
+            self.if_expr.span,
+            "manual re-implementation of checked subtraction - consider using `.checked_sub()`",
+        );
+    }
+}
+
+fn is_unsigned_int<'tcx>(cx: &LateContext<'tcx>, expr: &Expr<'tcx>) -> bool {
+    let expr_type = cx.typeck_results().expr_ty(expr).peel_refs();
+    if matches!(expr_type.kind(), ty::Uint(_)) {
+        return true;
+    }
+
+    false
+}
+
+fn are_literals_equal<'tcx>(expr1: &Expr<'tcx>, expr2: &Expr<'tcx>) -> bool {
+    if let (ExprKind::Lit(lit1), ExprKind::Lit(lit2)) = (&expr1.kind, &expr2.kind)
+        && let (LitKind::Int(val1, suffix1), LitKind::Int(val2, suffix2)) = (&lit1.node, &lit2.node)
+    {
+        return val1 == val2 && suffix1 == suffix2 && *suffix1 != LitIntType::Unsuffixed;
+    }
+
+    false
+}
+
+fn is_referencing_same_variable<'tcx>(expr1: &'tcx Expr<'_>, expr2: &'tcx Expr<'_>) -> bool {
+    if let (Some(id1), Some(id2)) = (path_to_local(expr1), path_to_local(expr2)) {
+        return id1 == id2;
+    }
+
+    false
+}

clippy_lints/src/methods/map_with_unused_argument_over_ranges.rs

@@ -30,10 +30,10 @@ fn extract_count_with_applicability(
             && let LitKind::Int(Pu128(upper_bound), _) = lit.node
         {
             // Here we can explicitly calculate the number of iterations
-            let count = if upper_bound >= lower_bound {
+            let count = if let Some(result) = upper_bound.checked_sub(lower_bound) {
                 match range.limits {
-                    RangeLimits::HalfOpen => upper_bound - lower_bound,
-                    RangeLimits::Closed => (upper_bound - lower_bound).checked_add(1)?,
+                    RangeLimits::HalfOpen => result,
+                    RangeLimits::Closed => (result).checked_add(1)?,
                 }
             } else {
                 0

clippy_utils/src/msrvs.rs

@@ -51,7 +51,7 @@ msrv_aliases! {
     1,52,0 { STR_SPLIT_ONCE, REM_EUCLID_CONST }
     1,51,0 { BORROW_AS_PTR, SEEK_FROM_CURRENT, UNSIGNED_ABS }
     1,50,0 { BOOL_THEN, CLAMP, SLICE_FILL }
-    1,47,0 { TAU, IS_ASCII_DIGIT_CONST, ARRAY_IMPL_ANY_LEN, SATURATING_SUB_CONST }
+    1,47,0 { TAU, IS_ASCII_DIGIT_CONST, ARRAY_IMPL_ANY_LEN, SATURATING_SUB_CONST, CHECKED_SUB }
     1,46,0 { CONST_IF_MATCH }
     1,45,0 { STR_STRIP_PREFIX }
     1,43,0 { LOG2_10, LOG10_2, NUMERIC_ASSOCIATED_CONSTANTS }

tests/ui/implicit_saturating_sub.fixed

@@ -1,4 +1,9 @@
-#![allow(unused_assignments, unused_mut, clippy::assign_op_pattern)]
+#![allow(
+    unused_assignments,
+    unused_mut,
+    clippy::assign_op_pattern,
+    clippy::manual_checked_sub
+)]
 #![warn(clippy::implicit_saturating_sub)]
 
 use std::cmp::PartialEq;

tests/ui/implicit_saturating_sub.rs

@@ -1,4 +1,9 @@
-#![allow(unused_assignments, unused_mut, clippy::assign_op_pattern)]
+#![allow(
+    unused_assignments,
+    unused_mut,
+    clippy::assign_op_pattern,
+    clippy::manual_checked_sub
+)]
 #![warn(clippy::implicit_saturating_sub)]
 
 use std::cmp::PartialEq;