cast_checks

A procedural macro to check for invalid casts

Like [-C overflow-checks], cast_checks is enabled only for debug builds by default. To enable cast_checks for release builds, set the crate-level release feature.

How it works

cast_checks::enable essentially rewrites each expression of the form:

rust,ignore expr as T

to an expression involving [try_into]:

rust,ignore <_ as TryInto::< T >>::try_into( expr ).expect("invalid cast")

So when an invalid cast occurs, a message like the following results:

text thread 'checked_truncation' panicked at 'invalid cast: TryFromIntError(())', cast_checks/tests/basic.rs:30:13

We say "essentially rewrites" because the code that cast_checks::enable actually generates is slightly more complicated. It uses Nikolai Vazquez's [trick from impls] to determine whether an appropriate [TryInto] implementation exists.

How to use

With a stable compiler

You must use cast_checks::enable as an outer [attribute]. Example:

```rust

[cast_checks::enable]

fn as_u16(x: u64) -> u16 { x as u16 } ```

With a nightly compiler

TL;DR: We recommend enabling Rust features [custom_inner_attributes] and [proc_macro_hygiene], and compiling with [RUSTFLAGS='--cfg procmacro2_semver_exempt'].

If you enable the [custom_inner_attributes] and [proc_macro_hygiene] features, you can use cast_checks::enable as an inner [attribute]. Example:

```rust,ignore

![feature(custominnerattributes, procmacrohygiene)]

mod m { #![cast_checks::enable]

/* items */

} ```

However, in our experience, this can cause panics to refer to the wrong locations.

To help counter the above, if you compile with the [procmacro2_semver_exempt] config flag, cast_checks will include more elaborate expect messages. Example:

text thread 'checked_truncation' panicked at 'invalid cast in `x as u8` at cast_checks/tests/basic.rs:30:13: TryFromIntError(())', cast_checks/tests/basic.rs:30:13

CAST_CHECKS_LOG

If you are concerned that some casts are not being checked, try setting CAST_CHECKS_LOG when compiling. This will cause cast_checks to dump all rewritten locations to standard output. Example:

text cast_checks rewriting `x as u8` at cast_checks/tests/basic.rs:13:17 cast_checks rewriting `y as u128` at cast_checks/tests/basic.rs:22:13 ...

Note that CAST_CHECKS_LOG requires --cfg procmacro2_semver_exempt be passed to rustc.