new lint: manual_offset_from_unsigned

[jaroslawroszyk]

Fixes #16156

Description

This PR introduces a new lint manual_offset_from_unsigned that detects patterns like ptr1.offset_from(ptr2) as usize and suggests replacing them with ptr1.offset_from_unsigned(ptr2).

Why is this important?

The offset_from_unsigned method (stabilized in Rust 1.87.0) explicitly handles the safety precondition that the pointer must be greater than or equal to the argument. Using this method is more idiomatic, potentially allows for better compiler optimizations, and makes the code's intent clearer than a raw cast to usize.

Example

unsafe {
    let _ = ptr2.offset_from(ptr1) as usize;
}

Can be replaced with:

unsafe {
    let _ = ptr2.offset_from_unsigned(ptr1);
}

Implementation Details

The implementation handles both raw pointers and NonNull types. It uses a helper function to "peel" blocks and unsafe scopes to find the inner method call even when it's wrapped in a block.

• I've followed the contribution guidelines

• I've added UI tests for the new lint

• I've run cargo dev update_lints

changelog: [manual_offset_from_unsigned]: Added a lint to detect manual conversion from offset_from to usize.

[rustbot]

r? @dswij

rustbot has assigned @dswij.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

Why was this reviewer chosen?

The reviewer was selected based on:

• Owners of files modified in this PR: 7 candidates
• 7 candidates expanded to 7 candidates
• Random selection from Jarcho, dswij, llogiq, samueltardieu

[github-actions]

Lintcheck changes for 03cb98a

Lint	Added	Removed	Changed
clippy::manual_offset_from_unsigned	3	0	0

This comment will be updated if you push new changes

[jaroslawroszyk]

@rustbot ready