rustc_ty_utils/layout/
invariant.rs

1use std::assert_matches::assert_matches;
2
3use rustc_abi::{BackendRepr, FieldsShape, Scalar, Size, TagEncoding, Variants};
4use rustc_middle::bug;
5use rustc_middle::ty::layout::{HasTyCtxt, LayoutCx, TyAndLayout};
6
7/// Enforce some basic invariants on layouts.
8pub(super) fn layout_sanity_check<'tcx>(cx: &LayoutCx<'tcx>, layout: &TyAndLayout<'tcx>) {
9    let tcx = cx.tcx();
10
11    // Type-level uninhabitedness should always imply ABI uninhabitedness.
12    if layout.ty.is_privately_uninhabited(tcx, cx.typing_env) {
13        assert!(
14            layout.is_uninhabited(),
15            "{:?} is type-level uninhabited but not ABI-uninhabited?",
16            layout.ty
17        );
18    }
19
20    if layout.size.bytes() % layout.align.abi.bytes() != 0 {
21        bug!("size is not a multiple of align, in the following layout:\n{layout:#?}");
22    }
23    if layout.size.bytes() >= tcx.data_layout.obj_size_bound() {
24        bug!("size is too large, in the following layout:\n{layout:#?}");
25    }
26
27    if !cfg!(debug_assertions) {
28        // Stop here, the rest is kind of expensive.
29        return;
30    }
31
32    /// Yields non-ZST fields of the type
33    fn non_zst_fields<'tcx, 'a>(
34        cx: &'a LayoutCx<'tcx>,
35        layout: &'a TyAndLayout<'tcx>,
36    ) -> impl Iterator<Item = (Size, TyAndLayout<'tcx>)> {
37        (0..layout.layout.fields().count()).filter_map(|i| {
38            let field = layout.field(cx, i);
39            // Also checking `align == 1` here leads to test failures in
40            // `layout/zero-sized-array-union.rs`, where a type has a zero-size field with
41            // alignment 4 that still gets ignored during layout computation (which is okay
42            // since other fields already force alignment 4).
43            let zst = field.is_zst();
44            (!zst).then(|| (layout.fields.offset(i), field))
45        })
46    }
47
48    fn skip_newtypes<'tcx>(cx: &LayoutCx<'tcx>, layout: &TyAndLayout<'tcx>) -> TyAndLayout<'tcx> {
49        if matches!(layout.layout.variants(), Variants::Multiple { .. }) {
50            // Definitely not a newtype of anything.
51            return *layout;
52        }
53        let mut fields = non_zst_fields(cx, layout);
54        let Some(first) = fields.next() else {
55            // No fields here, so this could be a primitive or enum -- either way it's not a newtype around a thing
56            return *layout;
57        };
58        if fields.next().is_none() {
59            let (offset, first) = first;
60            if offset == Size::ZERO && first.layout.size() == layout.size {
61                // This is a newtype, so keep recursing.
62                // FIXME(RalfJung): I don't think it would be correct to do any checks for
63                // alignment here, so we don't. Is that correct?
64                return skip_newtypes(cx, &first);
65            }
66        }
67        // No more newtypes here.
68        *layout
69    }
70
71    fn check_layout_abi<'tcx>(cx: &LayoutCx<'tcx>, layout: &TyAndLayout<'tcx>) {
72        // Verify the ABI-mandated alignment and size for scalars.
73        let align = layout.backend_repr.scalar_align(cx);
74        let size = layout.backend_repr.scalar_size(cx);
75        if let Some(align) = align {
76            assert_eq!(
77                layout.layout.align().abi,
78                align,
79                "alignment mismatch between ABI and layout in {layout:#?}"
80            );
81        }
82        if let Some(size) = size {
83            assert_eq!(
84                layout.layout.size(),
85                size,
86                "size mismatch between ABI and layout in {layout:#?}"
87            );
88        }
89
90        // Verify per-ABI invariants
91        match layout.layout.backend_repr() {
92            BackendRepr::Scalar(_) => {
93                // These must always be present for `Scalar` types.
94                let align = align.unwrap();
95                let size = size.unwrap();
96                // Check that this matches the underlying field.
97                let inner = skip_newtypes(cx, layout);
98                assert!(
99                    matches!(inner.layout.backend_repr(), BackendRepr::Scalar(_)),
100                    "`Scalar` type {} is newtype around non-`Scalar` type {}",
101                    layout.ty,
102                    inner.ty
103                );
104                match inner.layout.fields() {
105                    FieldsShape::Primitive => {
106                        // Fine.
107                    }
108                    FieldsShape::Union(..) => {
109                        // FIXME: I guess we could also check something here? Like, look at all fields?
110                        return;
111                    }
112                    FieldsShape::Arbitrary { .. } => {
113                        // Should be an enum, the only field is the discriminant.
114                        assert!(
115                            inner.ty.is_enum(),
116                            "`Scalar` layout for non-primitive non-enum type {}",
117                            inner.ty
118                        );
119                        assert_eq!(
120                            inner.layout.fields().count(),
121                            1,
122                            "`Scalar` layout for multiple-field type in {inner:#?}",
123                        );
124                        let offset = inner.layout.fields().offset(0);
125                        let field = inner.field(cx, 0);
126                        // The field should be at the right offset, and match the `scalar` layout.
127                        assert_eq!(
128                            offset,
129                            Size::ZERO,
130                            "`Scalar` field at non-0 offset in {inner:#?}",
131                        );
132                        assert_eq!(field.size, size, "`Scalar` field with bad size in {inner:#?}",);
133                        assert_eq!(
134                            field.align.abi, align,
135                            "`Scalar` field with bad align in {inner:#?}",
136                        );
137                        assert!(
138                            matches!(field.backend_repr, BackendRepr::Scalar(_)),
139                            "`Scalar` field with bad ABI in {inner:#?}",
140                        );
141                    }
142                    _ => {
143                        panic!("`Scalar` layout for non-primitive non-enum type {}", inner.ty);
144                    }
145                }
146            }
147            BackendRepr::ScalarPair(scalar1, scalar2) => {
148                // Check that the underlying pair of fields matches.
149                let inner = skip_newtypes(cx, layout);
150                assert!(
151                    matches!(inner.layout.backend_repr(), BackendRepr::ScalarPair(..)),
152                    "`ScalarPair` type {} is newtype around non-`ScalarPair` type {}",
153                    layout.ty,
154                    inner.ty
155                );
156                if matches!(inner.layout.variants(), Variants::Multiple { .. }) {
157                    // FIXME: ScalarPair for enums is enormously complicated and it is very hard
158                    // to check anything about them.
159                    return;
160                }
161                match inner.layout.fields() {
162                    FieldsShape::Arbitrary { .. } => {
163                        // Checked below.
164                    }
165                    FieldsShape::Union(..) => {
166                        // FIXME: I guess we could also check something here? Like, look at all fields?
167                        return;
168                    }
169                    _ => {
170                        panic!("`ScalarPair` layout with unexpected field shape in {inner:#?}");
171                    }
172                }
173                let mut fields = non_zst_fields(cx, &inner);
174                let (offset1, field1) = fields.next().unwrap_or_else(|| {
175                    panic!(
176                        "`ScalarPair` layout for type with not even one non-ZST field: {inner:#?}"
177                    )
178                });
179                let (offset2, field2) = fields.next().unwrap_or_else(|| {
180                    panic!(
181                        "`ScalarPair` layout for type with less than two non-ZST fields: {inner:#?}"
182                    )
183                });
184                assert_matches!(
185                    fields.next(),
186                    None,
187                    "`ScalarPair` layout for type with at least three non-ZST fields: {inner:#?}"
188                );
189                // The fields might be in opposite order.
190                let (offset1, field1, offset2, field2) = if offset1 <= offset2 {
191                    (offset1, field1, offset2, field2)
192                } else {
193                    (offset2, field2, offset1, field1)
194                };
195                // The fields should be at the right offset, and match the `scalar` layout.
196                let size1 = scalar1.size(cx);
197                let align1 = scalar1.align(cx).abi;
198                let size2 = scalar2.size(cx);
199                let align2 = scalar2.align(cx).abi;
200                assert_eq!(
201                    offset1,
202                    Size::ZERO,
203                    "`ScalarPair` first field at non-0 offset in {inner:#?}",
204                );
205                assert_eq!(
206                    field1.size, size1,
207                    "`ScalarPair` first field with bad size in {inner:#?}",
208                );
209                assert_eq!(
210                    field1.align.abi, align1,
211                    "`ScalarPair` first field with bad align in {inner:#?}",
212                );
213                assert_matches!(
214                    field1.backend_repr,
215                    BackendRepr::Scalar(_),
216                    "`ScalarPair` first field with bad ABI in {inner:#?}",
217                );
218                let field2_offset = size1.align_to(align2);
219                assert_eq!(
220                    offset2, field2_offset,
221                    "`ScalarPair` second field at bad offset in {inner:#?}",
222                );
223                assert_eq!(
224                    field2.size, size2,
225                    "`ScalarPair` second field with bad size in {inner:#?}",
226                );
227                assert_eq!(
228                    field2.align.abi, align2,
229                    "`ScalarPair` second field with bad align in {inner:#?}",
230                );
231                assert_matches!(
232                    field2.backend_repr,
233                    BackendRepr::Scalar(_),
234                    "`ScalarPair` second field with bad ABI in {inner:#?}",
235                );
236            }
237            BackendRepr::SimdVector { element, count } => {
238                let align = layout.align.abi;
239                let size = layout.size;
240                let element_align = element.align(cx).abi;
241                let element_size = element.size(cx);
242                // Currently, vectors must always be aligned to at least their elements:
243                assert!(align >= element_align);
244                // And the size has to be element * count plus alignment padding, of course
245                assert!(size == (element_size * count).align_to(align));
246            }
247            BackendRepr::Memory { .. } => {} // Nothing to check.
248        }
249    }
250
251    check_layout_abi(cx, layout);
252
253    match &layout.variants {
254        Variants::Empty => {
255            assert!(layout.is_uninhabited());
256        }
257        Variants::Single { index } => {
258            if let Some(variants) = layout.ty.variant_range(tcx) {
259                assert!(variants.contains(index));
260            } else {
261                // Types without variants use `0` as dummy variant index.
262                assert!(index.as_u32() == 0);
263            }
264        }
265        Variants::Multiple { variants, tag, tag_encoding, .. } => {
266            if let TagEncoding::Niche { niche_start, untagged_variant, niche_variants } =
267                tag_encoding
268            {
269                let niche_size = tag.size(cx);
270                assert!(*niche_start <= niche_size.unsigned_int_max());
271                for (idx, variant) in variants.iter_enumerated() {
272                    // Ensure all inhabited variants are accounted for.
273                    if !variant.is_uninhabited() {
274                        assert!(idx == *untagged_variant || niche_variants.contains(&idx));
275                    }
276                }
277            }
278            for variant in variants.iter() {
279                // No nested "multiple".
280                assert_matches!(variant.variants, Variants::Single { .. });
281                // Variants should have the same or a smaller size as the full thing,
282                // and same for alignment.
283                if variant.size > layout.size {
284                    bug!(
285                        "Type with size {} bytes has variant with size {} bytes: {layout:#?}",
286                        layout.size.bytes(),
287                        variant.size.bytes(),
288                    )
289                }
290                if variant.align.abi > layout.align.abi {
291                    bug!(
292                        "Type with alignment {} bytes has variant with alignment {} bytes: {layout:#?}",
293                        layout.align.abi.bytes(),
294                        variant.align.abi.bytes(),
295                    )
296                }
297                // Skip empty variants.
298                if variant.size == Size::ZERO
299                    || variant.fields.count() == 0
300                    || variant.is_uninhabited()
301                {
302                    // These are never actually accessed anyway, so we can skip the coherence check
303                    // for them. They also fail that check, since they may have
304                    // a different ABI even when the main type is
305                    // `Scalar`/`ScalarPair`. (Note that sometimes, variants with fields have size
306                    // 0, and sometimes, variants without fields have non-0 size.)
307                    continue;
308                }
309                // The top-level ABI and the ABI of the variants should be coherent.
310                let scalar_coherent = |s1: Scalar, s2: Scalar| {
311                    s1.size(cx) == s2.size(cx) && s1.align(cx) == s2.align(cx)
312                };
313                let abi_coherent = match (layout.backend_repr, variant.backend_repr) {
314                    (BackendRepr::Scalar(s1), BackendRepr::Scalar(s2)) => scalar_coherent(s1, s2),
315                    (BackendRepr::ScalarPair(a1, b1), BackendRepr::ScalarPair(a2, b2)) => {
316                        scalar_coherent(a1, a2) && scalar_coherent(b1, b2)
317                    }
318                    (BackendRepr::Memory { .. }, _) => true,
319                    _ => false,
320                };
321                if !abi_coherent {
322                    bug!(
323                        "Variant ABI is incompatible with top-level ABI:\nvariant={:#?}\nTop-level: {layout:#?}",
324                        variant
325                    );
326                }
327            }
328        }
329    }
330}