]> git.proxmox.com Git - rustc.git/blob - compiler/rustc_lint/src/types.rs
projects / rustc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
New upstream version 1.48.0~beta.8+dfsg1
[rustc.git] / compiler / rustc_lint / src / types.rs
1 use crate::{LateContext, LateLintPass, LintContext};
2 use rustc_ast as ast;
3 use rustc_attr as attr;
4 use rustc_data_structures::fx::FxHashSet;
5 use rustc_errors::Applicability;
6 use rustc_hir as hir;
7 use rustc_hir::{is_range_literal, ExprKind, Node};
8 use rustc_index::vec::Idx;
9 use rustc_middle::mir::interpret::{sign_extend, truncate};
10 use rustc_middle::ty::layout::{IntegerExt, SizeSkeleton};
11 use rustc_middle::ty::subst::SubstsRef;
12 use rustc_middle::ty::{self, AdtKind, Ty, TyCtxt, TypeFoldable};
13 use rustc_span::source_map;
14 use rustc_span::symbol::sym;
15 use rustc_span::{Span, DUMMY_SP};
16 use rustc_target::abi::Abi;
17 use rustc_target::abi::{Integer, LayoutOf, TagEncoding, VariantIdx, Variants};
18 use rustc_target::spec::abi::Abi as SpecAbi;
19
20 use std::cmp;
21 use tracing::debug;
22
23 declare_lint! {
24 /// The `unused_comparisons` lint detects comparisons made useless by
25 /// limits of the types involved.
26 ///
27 /// ### Example
28 ///
29 /// ```rust
30 /// fn foo(x: u8) {
31 /// x >= 0;
32 /// }
33 /// ```
34 ///
35 /// {{produces}}
36 ///
37 /// ### Explanation
38 ///
39 /// A useless comparison may indicate a mistake, and should be fixed or
40 /// removed.
41 UNUSED_COMPARISONS,
42 Warn,
43 "comparisons made useless by limits of the types involved"
44 }
45
46 declare_lint! {
47 /// The `overflowing_literals` lint detects literal out of range for its
48 /// type.
49 ///
50 /// ### Example
51 ///
52 /// ```rust,compile_fail
53 /// let x: u8 = 1000;
54 /// ```
55 ///
56 /// {{produces}}
57 ///
58 /// ### Explanation
59 ///
60 /// It is usually a mistake to use a literal that overflows the type where
61 /// it is used. Either use a literal that is within range, or change the
62 /// type to be within the range of the literal.
63 OVERFLOWING_LITERALS,
64 Deny,
65 "literal out of range for its type"
66 }
67
68 declare_lint! {
69 /// The `variant_size_differences` lint detects enums with widely varying
70 /// variant sizes.
71 ///
72 /// ### Example
73 ///
74 /// ```rust,compile_fail
75 /// #![deny(variant_size_differences)]
76 /// enum En {
77 /// V0(u8),
78 /// VBig([u8; 1024]),
79 /// }
80 /// ```
81 ///
82 /// {{produces}}
83 ///
84 /// ### Explanation
85 ///
86 /// It can be a mistake to add a variant to an enum that is much larger
87 /// than the other variants, bloating the overall size required for all
88 /// variants. This can impact performance and memory usage. This is
89 /// triggered if one variant is more than 3 times larger than the
90 /// second-largest variant.
91 ///
92 /// Consider placing the large variant's contents on the heap (for example
93 /// via [`Box`]) to keep the overall size of the enum itself down.
94 ///
95 /// This lint is "allow" by default because it can be noisy, and may not be
96 /// an actual problem. Decisions about this should be guided with
97 /// profiling and benchmarking.
98 ///
99 /// [`Box`]: https://doc.rust-lang.org/std/boxed/index.html
100 VARIANT_SIZE_DIFFERENCES,
101 Allow,
102 "detects enums with widely varying variant sizes"
103 }
104
105 #[derive(Copy, Clone)]
106 pub struct TypeLimits {
107 /// Id of the last visited negated expression
108 negated_expr_id: Option<hir::HirId>,
109 }
110
111 impl_lint_pass!(TypeLimits => [UNUSED_COMPARISONS, OVERFLOWING_LITERALS]);
112
113 impl TypeLimits {
114 pub fn new() -> TypeLimits {
115 TypeLimits { negated_expr_id: None }
116 }
117 }
118
119 /// Attempts to special-case the overflowing literal lint when it occurs as a range endpoint.
120 /// Returns `true` iff the lint was overridden.
121 fn lint_overflowing_range_endpoint<'tcx>(
122 cx: &LateContext<'tcx>,
123 lit: &hir::Lit,
124 lit_val: u128,
125 max: u128,
126 expr: &'tcx hir::Expr<'tcx>,
127 parent_expr: &'tcx hir::Expr<'tcx>,
128 ty: &str,
129 ) -> bool {
130 // We only want to handle exclusive (`..`) ranges,
131 // which are represented as `ExprKind::Struct`.
132 let mut overwritten = false;
133 if let ExprKind::Struct(_, eps, _) = &parent_expr.kind {
134 if eps.len() != 2 {
135 return false;
136 }
137 // We can suggest using an inclusive range
138 // (`..=`) instead only if it is the `end` that is
139 // overflowing and only by 1.
140 if eps[1].expr.hir_id == expr.hir_id && lit_val - 1 == max {
141 cx.struct_span_lint(OVERFLOWING_LITERALS, parent_expr.span, |lint| {
142 let mut err = lint.build(&format!("range endpoint is out of range for `{}`", ty));
143 if let Ok(start) = cx.sess().source_map().span_to_snippet(eps[0].span) {
144 use ast::{LitIntType, LitKind};
145 // We need to preserve the literal's suffix,
146 // as it may determine typing information.
147 let suffix = match lit.node {
148 LitKind::Int(_, LitIntType::Signed(s)) => s.name_str().to_string(),
149 LitKind::Int(_, LitIntType::Unsigned(s)) => s.name_str().to_string(),
150 LitKind::Int(_, LitIntType::Unsuffixed) => "".to_string(),
151 _ => bug!(),
152 };
153 let suggestion = format!("{}..={}{}", start, lit_val - 1, suffix);
154 err.span_suggestion(
155 parent_expr.span,
156 &"use an inclusive range instead",
157 suggestion,
158 Applicability::MachineApplicable,
159 );
160 err.emit();
161 overwritten = true;
162 }
163 });
164 }
165 }
166 overwritten
167 }
168
169 // For `isize` & `usize`, be conservative with the warnings, so that the
170 // warnings are consistent between 32- and 64-bit platforms.
171 fn int_ty_range(int_ty: ast::IntTy) -> (i128, i128) {
172 match int_ty {
173 ast::IntTy::Isize => (i64::MIN as i128, i64::MAX as i128),
174 ast::IntTy::I8 => (i8::MIN as i64 as i128, i8::MAX as i128),
175 ast::IntTy::I16 => (i16::MIN as i64 as i128, i16::MAX as i128),
176 ast::IntTy::I32 => (i32::MIN as i64 as i128, i32::MAX as i128),
177 ast::IntTy::I64 => (i64::MIN as i128, i64::MAX as i128),
178 ast::IntTy::I128 => (i128::MIN as i128, i128::MAX),
179 }
180 }
181
182 fn uint_ty_range(uint_ty: ast::UintTy) -> (u128, u128) {
183 match uint_ty {
184 ast::UintTy::Usize => (u64::MIN as u128, u64::MAX as u128),
185 ast::UintTy::U8 => (u8::MIN as u128, u8::MAX as u128),
186 ast::UintTy::U16 => (u16::MIN as u128, u16::MAX as u128),
187 ast::UintTy::U32 => (u32::MIN as u128, u32::MAX as u128),
188 ast::UintTy::U64 => (u64::MIN as u128, u64::MAX as u128),
189 ast::UintTy::U128 => (u128::MIN, u128::MAX),
190 }
191 }
192
193 fn get_bin_hex_repr(cx: &LateContext<'_>, lit: &hir::Lit) -> Option<String> {
194 let src = cx.sess().source_map().span_to_snippet(lit.span).ok()?;
195 let firstch = src.chars().next()?;
196
197 if firstch == '0' {
198 match src.chars().nth(1) {
199 Some('x' | 'b') => return Some(src),
200 _ => return None,
201 }
202 }
203
204 None
205 }
206
207 fn report_bin_hex_error(
208 cx: &LateContext<'_>,
209 expr: &hir::Expr<'_>,
210 ty: attr::IntType,
211 repr_str: String,
212 val: u128,
213 negative: bool,
214 ) {
215 let size = Integer::from_attr(&cx.tcx, ty).size();
216 cx.struct_span_lint(OVERFLOWING_LITERALS, expr.span, |lint| {
217 let (t, actually) = match ty {
218 attr::IntType::SignedInt(t) => {
219 let actually = sign_extend(val, size) as i128;
220 (t.name_str(), actually.to_string())
221 }
222 attr::IntType::UnsignedInt(t) => {
223 let actually = truncate(val, size);
224 (t.name_str(), actually.to_string())
225 }
226 };
227 let mut err = lint.build(&format!("literal out of range for {}", t));
228 err.note(&format!(
229 "the literal `{}` (decimal `{}`) does not fit into \
230 the type `{}` and will become `{}{}`",
231 repr_str, val, t, actually, t
232 ));
233 if let Some(sugg_ty) =
234 get_type_suggestion(&cx.typeck_results().node_type(expr.hir_id), val, negative)
235 {
236 if let Some(pos) = repr_str.chars().position(|c| c == 'i' || c == 'u') {
237 let (sans_suffix, _) = repr_str.split_at(pos);
238 err.span_suggestion(
239 expr.span,
240 &format!("consider using `{}` instead", sugg_ty),
241 format!("{}{}", sans_suffix, sugg_ty),
242 Applicability::MachineApplicable,
243 );
244 } else {
245 err.help(&format!("consider using `{}` instead", sugg_ty));
246 }
247 }
248 err.emit();
249 });
250 }
251
252 // This function finds the next fitting type and generates a suggestion string.
253 // It searches for fitting types in the following way (`X < Y`):
254 // - `iX`: if literal fits in `uX` => `uX`, else => `iY`
255 // - `-iX` => `iY`
256 // - `uX` => `uY`
257 //
258 // No suggestion for: `isize`, `usize`.
259 fn get_type_suggestion(t: Ty<'_>, val: u128, negative: bool) -> Option<&'static str> {
260 use rustc_ast::IntTy::*;
261 use rustc_ast::UintTy::*;
262 macro_rules! find_fit {
263 ($ty:expr, $val:expr, $negative:expr,
264 $($type:ident => [$($utypes:expr),*] => [$($itypes:expr),*]),+) => {
265 {
266 let _neg = if negative { 1 } else { 0 };
267 match $ty {
268 $($type => {
269 $(if !negative && val <= uint_ty_range($utypes).1 {
270 return Some($utypes.name_str())
271 })*
272 $(if val <= int_ty_range($itypes).1 as u128 + _neg {
273 return Some($itypes.name_str())
274 })*
275 None
276 },)+
277 _ => None
278 }
279 }
280 }
281 }
282 match t.kind() {
283 ty::Int(i) => find_fit!(i, val, negative,
284 I8 => [U8] => [I16, I32, I64, I128],
285 I16 => [U16] => [I32, I64, I128],
286 I32 => [U32] => [I64, I128],
287 I64 => [U64] => [I128],
288 I128 => [U128] => []),
289 ty::Uint(u) => find_fit!(u, val, negative,
290 U8 => [U8, U16, U32, U64, U128] => [],
291 U16 => [U16, U32, U64, U128] => [],
292 U32 => [U32, U64, U128] => [],
293 U64 => [U64, U128] => [],
294 U128 => [U128] => []),
295 _ => None,
296 }
297 }
298
299 fn lint_int_literal<'tcx>(
300 cx: &LateContext<'tcx>,
301 type_limits: &TypeLimits,
302 e: &'tcx hir::Expr<'tcx>,
303 lit: &hir::Lit,
304 t: ast::IntTy,
305 v: u128,
306 ) {
307 let int_type = t.normalize(cx.sess().target.ptr_width);
308 let (min, max) = int_ty_range(int_type);
309 let max = max as u128;
310 let negative = type_limits.negated_expr_id == Some(e.hir_id);
311
312 // Detect literal value out of range [min, max] inclusive
313 // avoiding use of -min to prevent overflow/panic
314 if (negative && v > max + 1) || (!negative && v > max) {
315 if let Some(repr_str) = get_bin_hex_repr(cx, lit) {
316 report_bin_hex_error(cx, e, attr::IntType::SignedInt(t), repr_str, v, negative);
317 return;
318 }
319
320 let par_id = cx.tcx.hir().get_parent_node(e.hir_id);
321 if let Node::Expr(par_e) = cx.tcx.hir().get(par_id) {
322 if let hir::ExprKind::Struct(..) = par_e.kind {
323 if is_range_literal(par_e)
324 && lint_overflowing_range_endpoint(cx, lit, v, max, e, par_e, t.name_str())
325 {
326 // The overflowing literal lint was overridden.
327 return;
328 }
329 }
330 }
331
332 cx.struct_span_lint(OVERFLOWING_LITERALS, e.span, |lint| {
333 lint.build(&format!("literal out of range for `{}`", t.name_str()))
334 .note(&format!(
335 "the literal `{}` does not fit into the type `{}` whose range is `{}..={}`",
336 cx.sess()
337 .source_map()
338 .span_to_snippet(lit.span)
339 .expect("must get snippet from literal"),
340 t.name_str(),
341 min,
342 max,
343 ))
344 .emit();
345 });
346 }
347 }
348
349 fn lint_uint_literal<'tcx>(
350 cx: &LateContext<'tcx>,
351 e: &'tcx hir::Expr<'tcx>,
352 lit: &hir::Lit,
353 t: ast::UintTy,
354 ) {
355 let uint_type = t.normalize(cx.sess().target.ptr_width);
356 let (min, max) = uint_ty_range(uint_type);
357 let lit_val: u128 = match lit.node {
358 // _v is u8, within range by definition
359 ast::LitKind::Byte(_v) => return,
360 ast::LitKind::Int(v, _) => v,
361 _ => bug!(),
362 };
363 if lit_val < min || lit_val > max {
364 let parent_id = cx.tcx.hir().get_parent_node(e.hir_id);
365 if let Node::Expr(par_e) = cx.tcx.hir().get(parent_id) {
366 match par_e.kind {
367 hir::ExprKind::Cast(..) => {
368 if let ty::Char = cx.typeck_results().expr_ty(par_e).kind() {
369 cx.struct_span_lint(OVERFLOWING_LITERALS, par_e.span, |lint| {
370 lint.build("only `u8` can be cast into `char`")
371 .span_suggestion(
372 par_e.span,
373 &"use a `char` literal instead",
374 format!("'\\u{{{:X}}}'", lit_val),
375 Applicability::MachineApplicable,
376 )
377 .emit();
378 });
379 return;
380 }
381 }
382 hir::ExprKind::Struct(..) if is_range_literal(par_e) => {
383 let t = t.name_str();
384 if lint_overflowing_range_endpoint(cx, lit, lit_val, max, e, par_e, t) {
385 // The overflowing literal lint was overridden.
386 return;
387 }
388 }
389 _ => {}
390 }
391 }
392 if let Some(repr_str) = get_bin_hex_repr(cx, lit) {
393 report_bin_hex_error(cx, e, attr::IntType::UnsignedInt(t), repr_str, lit_val, false);
394 return;
395 }
396 cx.struct_span_lint(OVERFLOWING_LITERALS, e.span, |lint| {
397 lint.build(&format!("literal out of range for `{}`", t.name_str()))
398 .note(&format!(
399 "the literal `{}` does not fit into the type `{}` whose range is `{}..={}`",
400 cx.sess()
401 .source_map()
402 .span_to_snippet(lit.span)
403 .expect("must get snippet from literal"),
404 t.name_str(),
405 min,
406 max,
407 ))
408 .emit()
409 });
410 }
411 }
412
413 fn lint_literal<'tcx>(
414 cx: &LateContext<'tcx>,
415 type_limits: &TypeLimits,
416 e: &'tcx hir::Expr<'tcx>,
417 lit: &hir::Lit,
418 ) {
419 match *cx.typeck_results().node_type(e.hir_id).kind() {
420 ty::Int(t) => {
421 match lit.node {
422 ast::LitKind::Int(v, ast::LitIntType::Signed(_) | ast::LitIntType::Unsuffixed) => {
423 lint_int_literal(cx, type_limits, e, lit, t, v)
424 }
425 _ => bug!(),
426 };
427 }
428 ty::Uint(t) => lint_uint_literal(cx, e, lit, t),
429 ty::Float(t) => {
430 let is_infinite = match lit.node {
431 ast::LitKind::Float(v, _) => match t {
432 ast::FloatTy::F32 => v.as_str().parse().map(f32::is_infinite),
433 ast::FloatTy::F64 => v.as_str().parse().map(f64::is_infinite),
434 },
435 _ => bug!(),
436 };
437 if is_infinite == Ok(true) {
438 cx.struct_span_lint(OVERFLOWING_LITERALS, e.span, |lint| {
439 lint.build(&format!("literal out of range for `{}`", t.name_str()))
440 .note(&format!(
441 "the literal `{}` does not fit into the type `{}` and will be converted to `std::{}::INFINITY`",
442 cx.sess()
443 .source_map()
444 .span_to_snippet(lit.span)
445 .expect("must get snippet from literal"),
446 t.name_str(),
447 t.name_str(),
448 ))
449 .emit();
450 });
451 }
452 }
453 _ => {}
454 }
455 }
456
457 impl<'tcx> LateLintPass<'tcx> for TypeLimits {
458 fn check_expr(&mut self, cx: &LateContext<'tcx>, e: &'tcx hir::Expr<'tcx>) {
459 match e.kind {
460 hir::ExprKind::Unary(hir::UnOp::UnNeg, ref expr) => {
461 // propagate negation, if the negation itself isn't negated
462 if self.negated_expr_id != Some(e.hir_id) {
463 self.negated_expr_id = Some(expr.hir_id);
464 }
465 }
466 hir::ExprKind::Binary(binop, ref l, ref r) => {
467 if is_comparison(binop) && !check_limits(cx, binop, &l, &r) {
468 cx.struct_span_lint(UNUSED_COMPARISONS, e.span, |lint| {
469 lint.build("comparison is useless due to type limits").emit()
470 });
471 }
472 }
473 hir::ExprKind::Lit(ref lit) => lint_literal(cx, self, e, lit),
474 _ => {}
475 };
476
477 fn is_valid<T: cmp::PartialOrd>(binop: hir::BinOp, v: T, min: T, max: T) -> bool {
478 match binop.node {
479 hir::BinOpKind::Lt => v > min && v <= max,
480 hir::BinOpKind::Le => v >= min && v < max,
481 hir::BinOpKind::Gt => v >= min && v < max,
482 hir::BinOpKind::Ge => v > min && v <= max,
483 hir::BinOpKind::Eq | hir::BinOpKind::Ne => v >= min && v <= max,
484 _ => bug!(),
485 }
486 }
487
488 fn rev_binop(binop: hir::BinOp) -> hir::BinOp {
489 source_map::respan(
490 binop.span,
491 match binop.node {
492 hir::BinOpKind::Lt => hir::BinOpKind::Gt,
493 hir::BinOpKind::Le => hir::BinOpKind::Ge,
494 hir::BinOpKind::Gt => hir::BinOpKind::Lt,
495 hir::BinOpKind::Ge => hir::BinOpKind::Le,
496 _ => return binop,
497 },
498 )
499 }
500
501 fn check_limits(
502 cx: &LateContext<'_>,
503 binop: hir::BinOp,
504 l: &hir::Expr<'_>,
505 r: &hir::Expr<'_>,
506 ) -> bool {
507 let (lit, expr, swap) = match (&l.kind, &r.kind) {
508 (&hir::ExprKind::Lit(_), _) => (l, r, true),
509 (_, &hir::ExprKind::Lit(_)) => (r, l, false),
510 _ => return true,
511 };
512 // Normalize the binop so that the literal is always on the RHS in
513 // the comparison
514 let norm_binop = if swap { rev_binop(binop) } else { binop };
515 match *cx.typeck_results().node_type(expr.hir_id).kind() {
516 ty::Int(int_ty) => {
517 let (min, max) = int_ty_range(int_ty);
518 let lit_val: i128 = match lit.kind {
519 hir::ExprKind::Lit(ref li) => match li.node {
520 ast::LitKind::Int(
521 v,
522 ast::LitIntType::Signed(_) | ast::LitIntType::Unsuffixed,
523 ) => v as i128,
524 _ => return true,
525 },
526 _ => bug!(),
527 };
528 is_valid(norm_binop, lit_val, min, max)
529 }
530 ty::Uint(uint_ty) => {
531 let (min, max): (u128, u128) = uint_ty_range(uint_ty);
532 let lit_val: u128 = match lit.kind {
533 hir::ExprKind::Lit(ref li) => match li.node {
534 ast::LitKind::Int(v, _) => v,
535 _ => return true,
536 },
537 _ => bug!(),
538 };
539 is_valid(norm_binop, lit_val, min, max)
540 }
541 _ => true,
542 }
543 }
544
545 fn is_comparison(binop: hir::BinOp) -> bool {
546 match binop.node {
547 hir::BinOpKind::Eq
548 | hir::BinOpKind::Lt
549 | hir::BinOpKind::Le
550 | hir::BinOpKind::Ne
551 | hir::BinOpKind::Ge
552 | hir::BinOpKind::Gt => true,
553 _ => false,
554 }
555 }
556 }
557 }
558
559 declare_lint! {
560 /// The `improper_ctypes` lint detects incorrect use of types in foreign
561 /// modules.
562 ///
563 /// ### Example
564 ///
565 /// ```rust
566 /// extern "C" {
567 /// static STATIC: String;
568 /// }
569 /// ```
570 ///
571 /// {{produces}}
572 ///
573 /// ### Explanation
574 ///
575 /// The compiler has several checks to verify that types used in `extern`
576 /// blocks are safe and follow certain rules to ensure proper
577 /// compatibility with the foreign interfaces. This lint is issued when it
578 /// detects a probable mistake in a definition. The lint usually should
579 /// provide a description of the issue, along with possibly a hint on how
580 /// to resolve it.
581 IMPROPER_CTYPES,
582 Warn,
583 "proper use of libc types in foreign modules"
584 }
585
586 declare_lint_pass!(ImproperCTypesDeclarations => [IMPROPER_CTYPES]);
587
588 declare_lint! {
589 /// The `improper_ctypes_definitions` lint detects incorrect use of
590 /// [`extern` function] definitions.
591 ///
592 /// [`extern` function]: https://doc.rust-lang.org/reference/items/functions.html#extern-function-qualifier
593 ///
594 /// ### Example
595 ///
596 /// ```rust
597 /// # #![allow(unused)]
598 /// pub extern "C" fn str_type(p: &str) { }
599 /// ```
600 ///
601 /// {{produces}}
602 ///
603 /// ### Explanation
604 ///
605 /// There are many parameter and return types that may be specified in an
606 /// `extern` function that are not compatible with the given ABI. This
607 /// lint is an alert that these types should not be used. The lint usually
608 /// should provide a description of the issue, along with possibly a hint
609 /// on how to resolve it.
610 IMPROPER_CTYPES_DEFINITIONS,
611 Warn,
612 "proper use of libc types in foreign item definitions"
613 }
614
615 declare_lint_pass!(ImproperCTypesDefinitions => [IMPROPER_CTYPES_DEFINITIONS]);
616
617 #[derive(Clone, Copy)]
618 crate enum CItemKind {
619 Declaration,
620 Definition,
621 }
622
623 struct ImproperCTypesVisitor<'a, 'tcx> {
624 cx: &'a LateContext<'tcx>,
625 mode: CItemKind,
626 }
627
628 enum FfiResult<'tcx> {
629 FfiSafe,
630 FfiPhantom(Ty<'tcx>),
631 FfiUnsafe { ty: Ty<'tcx>, reason: String, help: Option<String> },
632 }
633
634 crate fn nonnull_optimization_guaranteed<'tcx>(tcx: TyCtxt<'tcx>, def: &ty::AdtDef) -> bool {
635 tcx.get_attrs(def.did)
636 .iter()
637 .any(|a| tcx.sess.check_name(a, sym::rustc_nonnull_optimization_guaranteed))
638 }
639
640 /// `repr(transparent)` structs can have a single non-ZST field, this function returns that
641 /// field.
642 pub fn transparent_newtype_field<'a, 'tcx>(
643 tcx: TyCtxt<'tcx>,
644 variant: &'a ty::VariantDef,
645 ) -> Option<&'a ty::FieldDef> {
646 let param_env = tcx.param_env(variant.def_id);
647 for field in &variant.fields {
648 let field_ty = tcx.type_of(field.did);
649 let is_zst =
650 tcx.layout_of(param_env.and(field_ty)).map(|layout| layout.is_zst()).unwrap_or(false);
651
652 if !is_zst {
653 return Some(field);
654 }
655 }
656
657 None
658 }
659
660 /// Is type known to be non-null?
661 crate fn ty_is_known_nonnull<'tcx>(cx: &LateContext<'tcx>, ty: Ty<'tcx>, mode: CItemKind) -> bool {
662 let tcx = cx.tcx;
663 match ty.kind() {
664 ty::FnPtr(_) => true,
665 ty::Ref(..) => true,
666 ty::Adt(def, _) if def.is_box() && matches!(mode, CItemKind::Definition) => true,
667 ty::Adt(def, substs) if def.repr.transparent() && !def.is_union() => {
668 let marked_non_null = nonnull_optimization_guaranteed(tcx, &def);
669
670 if marked_non_null {
671 return true;
672 }
673
674 for variant in &def.variants {
675 if let Some(field) = transparent_newtype_field(cx.tcx, variant) {
676 if ty_is_known_nonnull(cx, field.ty(tcx, substs), mode) {
677 return true;
678 }
679 }
680 }
681
682 false
683 }
684 _ => false,
685 }
686 }
687
688 /// Given a non-null scalar (or transparent) type `ty`, return the nullable version of that type.
689 /// If the type passed in was not scalar, returns None.
690 fn get_nullable_type<'tcx>(cx: &LateContext<'tcx>, ty: Ty<'tcx>) -> Option<Ty<'tcx>> {
691 let tcx = cx.tcx;
692 Some(match *ty.kind() {
693 ty::Adt(field_def, field_substs) => {
694 let inner_field_ty = {
695 let first_non_zst_ty =
696 field_def.variants.iter().filter_map(|v| transparent_newtype_field(cx.tcx, v));
697 debug_assert_eq!(
698 first_non_zst_ty.clone().count(),
699 1,
700 "Wrong number of fields for transparent type"
701 );
702 first_non_zst_ty
703 .last()
704 .expect("No non-zst fields in transparent type.")
705 .ty(tcx, field_substs)
706 };
707 return get_nullable_type(cx, inner_field_ty);
708 }
709 ty::Int(ty) => tcx.mk_mach_int(ty),
710 ty::Uint(ty) => tcx.mk_mach_uint(ty),
711 ty::RawPtr(ty_mut) => tcx.mk_ptr(ty_mut),
712 // As these types are always non-null, the nullable equivalent of
713 // Option<T> of these types are their raw pointer counterparts.
714 ty::Ref(_region, ty, mutbl) => tcx.mk_ptr(ty::TypeAndMut { ty, mutbl }),
715 ty::FnPtr(..) => {
716 // There is no nullable equivalent for Rust's function pointers -- you
717 // must use an Option<fn(..) -> _> to represent it.
718 ty
719 }
720
721 // We should only ever reach this case if ty_is_known_nonnull is extended
722 // to other types.
723 ref unhandled => {
724 debug!(
725 "get_nullable_type: Unhandled scalar kind: {:?} while checking {:?}",
726 unhandled, ty
727 );
728 return None;
729 }
730 })
731 }
732
733 /// Check if this enum can be safely exported based on the "nullable pointer optimization". If it
734 /// can, return the type that `ty` can be safely converted to, otherwise return `None`.
735 /// Currently restricted to function pointers, boxes, references, `core::num::NonZero*`,
736 /// `core::ptr::NonNull`, and `#[repr(transparent)]` newtypes.
737 /// FIXME: This duplicates code in codegen.
738 crate fn repr_nullable_ptr<'tcx>(
739 cx: &LateContext<'tcx>,
740 ty: Ty<'tcx>,
741 ckind: CItemKind,
742 ) -> Option<Ty<'tcx>> {
743 debug!("is_repr_nullable_ptr(cx, ty = {:?})", ty);
744 if let ty::Adt(ty_def, substs) = ty.kind() {
745 if ty_def.variants.len() != 2 {
746 return None;
747 }
748
749 let get_variant_fields = |index| &ty_def.variants[VariantIdx::new(index)].fields;
750 let variant_fields = [get_variant_fields(0), get_variant_fields(1)];
751 let fields = if variant_fields[0].is_empty() {
752 &variant_fields[1]
753 } else if variant_fields[1].is_empty() {
754 &variant_fields[0]
755 } else {
756 return None;
757 };
758
759 if fields.len() != 1 {
760 return None;
761 }
762
763 let field_ty = fields[0].ty(cx.tcx, substs);
764 if !ty_is_known_nonnull(cx, field_ty, ckind) {
765 return None;
766 }
767
768 // At this point, the field's type is known to be nonnull and the parent enum is Option-like.
769 // If the computed size for the field and the enum are different, the nonnull optimization isn't
770 // being applied (and we've got a problem somewhere).
771 let compute_size_skeleton = |t| SizeSkeleton::compute(t, cx.tcx, cx.param_env).unwrap();
772 if !compute_size_skeleton(ty).same_size(compute_size_skeleton(field_ty)) {
773 bug!("improper_ctypes: Option nonnull optimization not applied?");
774 }
775
776 // Return the nullable type this Option-like enum can be safely represented with.
777 let field_ty_abi = &cx.layout_of(field_ty).unwrap().abi;
778 if let Abi::Scalar(field_ty_scalar) = field_ty_abi {
779 match (field_ty_scalar.valid_range.start(), field_ty_scalar.valid_range.end()) {
780 (0, _) => unreachable!("Non-null optimisation extended to a non-zero value."),
781 (1, _) => {
782 return Some(get_nullable_type(cx, field_ty).unwrap());
783 }
784 (start, end) => unreachable!("Unhandled start and end range: ({}, {})", start, end),
785 };
786 }
787 }
788 None
789 }
790
791 impl<'a, 'tcx> ImproperCTypesVisitor<'a, 'tcx> {
792 /// Check if the type is array and emit an unsafe type lint.
793 fn check_for_array_ty(&mut self, sp: Span, ty: Ty<'tcx>) -> bool {
794 if let ty::Array(..) = ty.kind() {
795 self.emit_ffi_unsafe_type_lint(
796 ty,
797 sp,
798 "passing raw arrays by value is not FFI-safe",
799 Some("consider passing a pointer to the array"),
800 );
801 true
802 } else {
803 false
804 }
805 }
806
807 /// Checks if the given field's type is "ffi-safe".
808 fn check_field_type_for_ffi(
809 &self,
810 cache: &mut FxHashSet<Ty<'tcx>>,
811 field: &ty::FieldDef,
812 substs: SubstsRef<'tcx>,
813 ) -> FfiResult<'tcx> {
814 let field_ty = field.ty(self.cx.tcx, substs);
815 if field_ty.has_opaque_types() {
816 self.check_type_for_ffi(cache, field_ty)
817 } else {
818 let field_ty = self.cx.tcx.normalize_erasing_regions(self.cx.param_env, field_ty);
819 self.check_type_for_ffi(cache, field_ty)
820 }
821 }
822
823 /// Checks if the given `VariantDef`'s field types are "ffi-safe".
824 fn check_variant_for_ffi(
825 &self,
826 cache: &mut FxHashSet<Ty<'tcx>>,
827 ty: Ty<'tcx>,
828 def: &ty::AdtDef,
829 variant: &ty::VariantDef,
830 substs: SubstsRef<'tcx>,
831 ) -> FfiResult<'tcx> {
832 use FfiResult::*;
833
834 if def.repr.transparent() {
835 // Can assume that only one field is not a ZST, so only check
836 // that field's type for FFI-safety.
837 if let Some(field) = transparent_newtype_field(self.cx.tcx, variant) {
838 self.check_field_type_for_ffi(cache, field, substs)
839 } else {
840 bug!("malformed transparent type");
841 }
842 } else {
843 // We can't completely trust repr(C) markings; make sure the fields are
844 // actually safe.
845 let mut all_phantom = !variant.fields.is_empty();
846 for field in &variant.fields {
847 match self.check_field_type_for_ffi(cache, &field, substs) {
848 FfiSafe => {
849 all_phantom = false;
850 }
851 FfiPhantom(..) if def.is_enum() => {
852 return FfiUnsafe {
853 ty,
854 reason: "this enum contains a PhantomData field".into(),
855 help: None,
856 };
857 }
858 FfiPhantom(..) => {}
859 r => return r,
860 }
861 }
862
863 if all_phantom { FfiPhantom(ty) } else { FfiSafe }
864 }
865 }
866
867 /// Checks if the given type is "ffi-safe" (has a stable, well-defined
868 /// representation which can be exported to C code).
869 fn check_type_for_ffi(&self, cache: &mut FxHashSet<Ty<'tcx>>, ty: Ty<'tcx>) -> FfiResult<'tcx> {
870 use FfiResult::*;
871
872 let tcx = self.cx.tcx;
873
874 // Protect against infinite recursion, for example
875 // `struct S(*mut S);`.
876 // FIXME: A recursion limit is necessary as well, for irregular
877 // recursive types.
878 if !cache.insert(ty) {
879 return FfiSafe;
880 }
881
882 match ty.kind() {
883 ty::Adt(def, _) if def.is_box() && matches!(self.mode, CItemKind::Definition) => {
884 FfiSafe
885 }
886
887 ty::Adt(def, substs) => {
888 if def.is_phantom_data() {
889 return FfiPhantom(ty);
890 }
891 match def.adt_kind() {
892 AdtKind::Struct | AdtKind::Union => {
893 let kind = if def.is_struct() { "struct" } else { "union" };
894
895 if !def.repr.c() && !def.repr.transparent() {
896 return FfiUnsafe {
897 ty,
898 reason: format!("this {} has unspecified layout", kind),
899 help: Some(format!(
900 "consider adding a `#[repr(C)]` or \
901 `#[repr(transparent)]` attribute to this {}",
902 kind
903 )),
904 };
905 }
906
907 let is_non_exhaustive =
908 def.non_enum_variant().is_field_list_non_exhaustive();
909 if is_non_exhaustive && !def.did.is_local() {
910 return FfiUnsafe {
911 ty,
912 reason: format!("this {} is non-exhaustive", kind),
913 help: None,
914 };
915 }
916
917 if def.non_enum_variant().fields.is_empty() {
918 return FfiUnsafe {
919 ty,
920 reason: format!("this {} has no fields", kind),
921 help: Some(format!("consider adding a member to this {}", kind)),
922 };
923 }
924
925 self.check_variant_for_ffi(cache, ty, def, def.non_enum_variant(), substs)
926 }
927 AdtKind::Enum => {
928 if def.variants.is_empty() {
929 // Empty enums are okay... although sort of useless.
930 return FfiSafe;
931 }
932
933 // Check for a repr() attribute to specify the size of the
934 // discriminant.
935 if !def.repr.c() && !def.repr.transparent() && def.repr.int.is_none() {
936 // Special-case types like `Option<extern fn()>`.
937 if repr_nullable_ptr(self.cx, ty, self.mode).is_none() {
938 return FfiUnsafe {
939 ty,
940 reason: "enum has no representation hint".into(),
941 help: Some(
942 "consider adding a `#[repr(C)]`, \
943 `#[repr(transparent)]`, or integer `#[repr(...)]` \
944 attribute to this enum"
945 .into(),
946 ),
947 };
948 }
949 }
950
951 if def.is_variant_list_non_exhaustive() && !def.did.is_local() {
952 return FfiUnsafe {
953 ty,
954 reason: "this enum is non-exhaustive".into(),
955 help: None,
956 };
957 }
958
959 // Check the contained variants.
960 for variant in &def.variants {
961 let is_non_exhaustive = variant.is_field_list_non_exhaustive();
962 if is_non_exhaustive && !variant.def_id.is_local() {
963 return FfiUnsafe {
964 ty,
965 reason: "this enum has non-exhaustive variants".into(),
966 help: None,
967 };
968 }
969
970 match self.check_variant_for_ffi(cache, ty, def, variant, substs) {
971 FfiSafe => (),
972 r => return r,
973 }
974 }
975
976 FfiSafe
977 }
978 }
979 }
980
981 ty::Char => FfiUnsafe {
982 ty,
983 reason: "the `char` type has no C equivalent".into(),
984 help: Some("consider using `u32` or `libc::wchar_t` instead".into()),
985 },
986
987 ty::Int(ast::IntTy::I128) | ty::Uint(ast::UintTy::U128) => FfiUnsafe {
988 ty,
989 reason: "128-bit integers don't currently have a known stable ABI".into(),
990 help: None,
991 },
992
993 // Primitive types with a stable representation.
994 ty::Bool | ty::Int(..) | ty::Uint(..) | ty::Float(..) | ty::Never => FfiSafe,
995
996 ty::Slice(_) => FfiUnsafe {
997 ty,
998 reason: "slices have no C equivalent".into(),
999 help: Some("consider using a raw pointer instead".into()),
1000 },
1001
1002 ty::Dynamic(..) => {
1003 FfiUnsafe { ty, reason: "trait objects have no C equivalent".into(), help: None }
1004 }
1005
1006 ty::Str => FfiUnsafe {
1007 ty,
1008 reason: "string slices have no C equivalent".into(),
1009 help: Some("consider using `*const u8` and a length instead".into()),
1010 },
1011
1012 ty::Tuple(..) => FfiUnsafe {
1013 ty,
1014 reason: "tuples have unspecified layout".into(),
1015 help: Some("consider using a struct instead".into()),
1016 },
1017
1018 ty::RawPtr(ty::TypeAndMut { ty, .. }) | ty::Ref(_, ty, _)
1019 if {
1020 matches!(self.mode, CItemKind::Definition)
1021 && ty.is_sized(self.cx.tcx.at(DUMMY_SP), self.cx.param_env)
1022 } =>
1023 {
1024 FfiSafe
1025 }
1026
1027 ty::RawPtr(ty::TypeAndMut { ty, .. }) | ty::Ref(_, ty, _) => {
1028 self.check_type_for_ffi(cache, ty)
1029 }
1030
1031 ty::Array(inner_ty, _) => self.check_type_for_ffi(cache, inner_ty),
1032
1033 ty::FnPtr(sig) => {
1034 if self.is_internal_abi(sig.abi()) {
1035 return FfiUnsafe {
1036 ty,
1037 reason: "this function pointer has Rust-specific calling convention".into(),
1038 help: Some(
1039 "consider using an `extern fn(...) -> ...` \
1040 function pointer instead"
1041 .into(),
1042 ),
1043 };
1044 }
1045
1046 let sig = tcx.erase_late_bound_regions(&sig);
1047 if !sig.output().is_unit() {
1048 let r = self.check_type_for_ffi(cache, sig.output());
1049 match r {
1050 FfiSafe => {}
1051 _ => {
1052 return r;
1053 }
1054 }
1055 }
1056 for arg in sig.inputs() {
1057 let r = self.check_type_for_ffi(cache, arg);
1058 match r {
1059 FfiSafe => {}
1060 _ => {
1061 return r;
1062 }
1063 }
1064 }
1065 FfiSafe
1066 }
1067
1068 ty::Foreign(..) => FfiSafe,
1069
1070 // While opaque types are checked for earlier, if a projection in a struct field
1071 // normalizes to an opaque type, then it will reach this branch.
1072 ty::Opaque(..) => {
1073 FfiUnsafe { ty, reason: "opaque types have no C equivalent".into(), help: None }
1074 }
1075
1076 // `extern "C" fn` functions can have type parameters, which may or may not be FFI-safe,
1077 // so they are currently ignored for the purposes of this lint.
1078 ty::Param(..) | ty::Projection(..) if matches!(self.mode, CItemKind::Definition) => {
1079 FfiSafe
1080 }
1081
1082 ty::Param(..)
1083 | ty::Projection(..)
1084 | ty::Infer(..)
1085 | ty::Bound(..)
1086 | ty::Error(_)
1087 | ty::Closure(..)
1088 | ty::Generator(..)
1089 | ty::GeneratorWitness(..)
1090 | ty::Placeholder(..)
1091 | ty::FnDef(..) => bug!("unexpected type in foreign function: {:?}", ty),
1092 }
1093 }
1094
1095 fn emit_ffi_unsafe_type_lint(
1096 &mut self,
1097 ty: Ty<'tcx>,
1098 sp: Span,
1099 note: &str,
1100 help: Option<&str>,
1101 ) {
1102 let lint = match self.mode {
1103 CItemKind::Declaration => IMPROPER_CTYPES,
1104 CItemKind::Definition => IMPROPER_CTYPES_DEFINITIONS,
1105 };
1106
1107 self.cx.struct_span_lint(lint, sp, |lint| {
1108 let item_description = match self.mode {
1109 CItemKind::Declaration => "block",
1110 CItemKind::Definition => "fn",
1111 };
1112 let mut diag = lint.build(&format!(
1113 "`extern` {} uses type `{}`, which is not FFI-safe",
1114 item_description, ty
1115 ));
1116 diag.span_label(sp, "not FFI-safe");
1117 if let Some(help) = help {
1118 diag.help(help);
1119 }
1120 diag.note(note);
1121 if let ty::Adt(def, _) = ty.kind() {
1122 if let Some(sp) = self.cx.tcx.hir().span_if_local(def.did) {
1123 diag.span_note(sp, "the type is defined here");
1124 }
1125 }
1126 diag.emit();
1127 });
1128 }
1129
1130 fn check_for_opaque_ty(&mut self, sp: Span, ty: Ty<'tcx>) -> bool {
1131 struct ProhibitOpaqueTypes<'a, 'tcx> {
1132 cx: &'a LateContext<'tcx>,
1133 ty: Option<Ty<'tcx>>,
1134 };
1135
1136 impl<'a, 'tcx> ty::fold::TypeVisitor<'tcx> for ProhibitOpaqueTypes<'a, 'tcx> {
1137 fn visit_ty(&mut self, ty: Ty<'tcx>) -> bool {
1138 match ty.kind() {
1139 ty::Opaque(..) => {
1140 self.ty = Some(ty);
1141 true
1142 }
1143 // Consider opaque types within projections FFI-safe if they do not normalize
1144 // to more opaque types.
1145 ty::Projection(..) => {
1146 let ty = self.cx.tcx.normalize_erasing_regions(self.cx.param_env, ty);
1147
1148 // If `ty` is a opaque type directly then `super_visit_with` won't invoke
1149 // this function again.
1150 if ty.has_opaque_types() { self.visit_ty(ty) } else { false }
1151 }
1152 _ => ty.super_visit_with(self),
1153 }
1154 }
1155 }
1156
1157 let mut visitor = ProhibitOpaqueTypes { cx: self.cx, ty: None };
1158 ty.visit_with(&mut visitor);
1159 if let Some(ty) = visitor.ty {
1160 self.emit_ffi_unsafe_type_lint(ty, sp, "opaque types have no C equivalent", None);
1161 true
1162 } else {
1163 false
1164 }
1165 }
1166
1167 fn check_type_for_ffi_and_report_errors(
1168 &mut self,
1169 sp: Span,
1170 ty: Ty<'tcx>,
1171 is_static: bool,
1172 is_return_type: bool,
1173 ) {
1174 // We have to check for opaque types before `normalize_erasing_regions`,
1175 // which will replace opaque types with their underlying concrete type.
1176 if self.check_for_opaque_ty(sp, ty) {
1177 // We've already emitted an error due to an opaque type.
1178 return;
1179 }
1180
1181 // it is only OK to use this function because extern fns cannot have
1182 // any generic types right now:
1183 let ty = self.cx.tcx.normalize_erasing_regions(self.cx.param_env, ty);
1184
1185 // C doesn't really support passing arrays by value - the only way to pass an array by value
1186 // is through a struct. So, first test that the top level isn't an array, and then
1187 // recursively check the types inside.
1188 if !is_static && self.check_for_array_ty(sp, ty) {
1189 return;
1190 }
1191
1192 // Don't report FFI errors for unit return types. This check exists here, and not in
1193 // `check_foreign_fn` (where it would make more sense) so that normalization has definitely
1194 // happened.
1195 if is_return_type && ty.is_unit() {
1196 return;
1197 }
1198
1199 match self.check_type_for_ffi(&mut FxHashSet::default(), ty) {
1200 FfiResult::FfiSafe => {}
1201 FfiResult::FfiPhantom(ty) => {
1202 self.emit_ffi_unsafe_type_lint(ty, sp, "composed only of `PhantomData`", None);
1203 }
1204 // If `ty` is a `repr(transparent)` newtype, and the non-zero-sized type is a generic
1205 // argument, which after substitution, is `()`, then this branch can be hit.
1206 FfiResult::FfiUnsafe { ty, .. } if is_return_type && ty.is_unit() => {}
1207 FfiResult::FfiUnsafe { ty, reason, help } => {
1208 self.emit_ffi_unsafe_type_lint(ty, sp, &reason, help.as_deref());
1209 }
1210 }
1211 }
1212
1213 fn check_foreign_fn(&mut self, id: hir::HirId, decl: &hir::FnDecl<'_>) {
1214 let def_id = self.cx.tcx.hir().local_def_id(id);
1215 let sig = self.cx.tcx.fn_sig(def_id);
1216 let sig = self.cx.tcx.erase_late_bound_regions(&sig);
1217
1218 for (input_ty, input_hir) in sig.inputs().iter().zip(decl.inputs) {
1219 self.check_type_for_ffi_and_report_errors(input_hir.span, input_ty, false, false);
1220 }
1221
1222 if let hir::FnRetTy::Return(ref ret_hir) = decl.output {
1223 let ret_ty = sig.output();
1224 self.check_type_for_ffi_and_report_errors(ret_hir.span, ret_ty, false, true);
1225 }
1226 }
1227
1228 fn check_foreign_static(&mut self, id: hir::HirId, span: Span) {
1229 let def_id = self.cx.tcx.hir().local_def_id(id);
1230 let ty = self.cx.tcx.type_of(def_id);
1231 self.check_type_for_ffi_and_report_errors(span, ty, true, false);
1232 }
1233
1234 fn is_internal_abi(&self, abi: SpecAbi) -> bool {
1235 if let SpecAbi::Rust
1236 | SpecAbi::RustCall
1237 | SpecAbi::RustIntrinsic
1238 | SpecAbi::PlatformIntrinsic = abi
1239 {
1240 true
1241 } else {
1242 false
1243 }
1244 }
1245 }
1246
1247 impl<'tcx> LateLintPass<'tcx> for ImproperCTypesDeclarations {
1248 fn check_foreign_item(&mut self, cx: &LateContext<'_>, it: &hir::ForeignItem<'_>) {
1249 let mut vis = ImproperCTypesVisitor { cx, mode: CItemKind::Declaration };
1250 let abi = cx.tcx.hir().get_foreign_abi(it.hir_id);
1251
1252 if !vis.is_internal_abi(abi) {
1253 match it.kind {
1254 hir::ForeignItemKind::Fn(ref decl, _, _) => {
1255 vis.check_foreign_fn(it.hir_id, decl);
1256 }
1257 hir::ForeignItemKind::Static(ref ty, _) => {
1258 vis.check_foreign_static(it.hir_id, ty.span);
1259 }
1260 hir::ForeignItemKind::Type => (),
1261 }
1262 }
1263 }
1264 }
1265
1266 impl<'tcx> LateLintPass<'tcx> for ImproperCTypesDefinitions {
1267 fn check_fn(
1268 &mut self,
1269 cx: &LateContext<'tcx>,
1270 kind: hir::intravisit::FnKind<'tcx>,
1271 decl: &'tcx hir::FnDecl<'_>,
1272 _: &'tcx hir::Body<'_>,
1273 _: Span,
1274 hir_id: hir::HirId,
1275 ) {
1276 use hir::intravisit::FnKind;
1277
1278 let abi = match kind {
1279 FnKind::ItemFn(_, _, header, ..) => header.abi,
1280 FnKind::Method(_, sig, ..) => sig.header.abi,
1281 _ => return,
1282 };
1283
1284 let mut vis = ImproperCTypesVisitor { cx, mode: CItemKind::Definition };
1285 if !vis.is_internal_abi(abi) {
1286 vis.check_foreign_fn(hir_id, decl);
1287 }
1288 }
1289 }
1290
1291 declare_lint_pass!(VariantSizeDifferences => [VARIANT_SIZE_DIFFERENCES]);
1292
1293 impl<'tcx> LateLintPass<'tcx> for VariantSizeDifferences {
1294 fn check_item(&mut self, cx: &LateContext<'_>, it: &hir::Item<'_>) {
1295 if let hir::ItemKind::Enum(ref enum_definition, _) = it.kind {
1296 let item_def_id = cx.tcx.hir().local_def_id(it.hir_id);
1297 let t = cx.tcx.type_of(item_def_id);
1298 let ty = cx.tcx.erase_regions(&t);
1299 let layout = match cx.layout_of(ty) {
1300 Ok(layout) => layout,
1301 Err(
1302 ty::layout::LayoutError::Unknown(_) | ty::layout::LayoutError::SizeOverflow(_),
1303 ) => return,
1304 };
1305 let (variants, tag) = match layout.variants {
1306 Variants::Multiple {
1307 tag_encoding: TagEncoding::Direct,
1308 ref tag,
1309 ref variants,
1310 ..
1311 } => (variants, tag),
1312 _ => return,
1313 };
1314
1315 let tag_size = tag.value.size(&cx.tcx).bytes();
1316
1317 debug!(
1318 "enum `{}` is {} bytes large with layout:\n{:#?}",
1319 t,
1320 layout.size.bytes(),
1321 layout
1322 );
1323
1324 let (largest, slargest, largest_index) = enum_definition
1325 .variants
1326 .iter()
1327 .zip(variants)
1328 .map(|(variant, variant_layout)| {
1329 // Subtract the size of the enum tag.
1330 let bytes = variant_layout.size.bytes().saturating_sub(tag_size);
1331
1332 debug!("- variant `{}` is {} bytes large", variant.ident, bytes);
1333 bytes
1334 })
1335 .enumerate()
1336 .fold((0, 0, 0), |(l, s, li), (idx, size)| {
1337 if size > l {
1338 (size, l, idx)
1339 } else if size > s {
1340 (l, size, li)
1341 } else {
1342 (l, s, li)
1343 }
1344 });
1345
1346 // We only warn if the largest variant is at least thrice as large as
1347 // the second-largest.
1348 if largest > slargest * 3 && slargest > 0 {
1349 cx.struct_span_lint(
1350 VARIANT_SIZE_DIFFERENCES,
1351 enum_definition.variants[largest_index].span,
1352 |lint| {
1353 lint.build(&format!(
1354 "enum variant is more than three times \
1355 larger ({} bytes) than the next largest",
1356 largest
1357 ))
1358 .emit()
1359 },
1360 );
1361 }
1362 }
1363 }
1364 }
backport for Debian buster