1 // Copyright 2012-2014 The Rust Project Developers. See the COPYRIGHT
2 // file at the top-level directory of this distribution and at
3 // http://rust-lang.org/COPYRIGHT.
5 // Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
6 // http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
7 // <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
8 // option. This file may not be copied, modified, or distributed
9 // except according to those terms.
11 //! Calculation and management of a Strict Version Hash for crates
13 //! # Today's ABI problem
15 //! In today's implementation of rustc, it is incredibly difficult to achieve
16 //! forward binary compatibility without resorting to C-like interfaces. Within
17 //! rust code itself, abi details such as symbol names suffer from a variety of
18 //! unrelated factors to code changing such as the "def id drift" problem. This
19 //! ends up yielding confusing error messages about metadata mismatches and
22 //! The core of this problem is when an upstream dependency changes and
23 //! downstream dependents are not recompiled. This causes compile errors because
24 //! the upstream crate's metadata has changed but the downstream crates are
25 //! still referencing the older crate's metadata.
27 //! This problem exists for many reasons, the primary of which is that rust does
28 //! not currently support forwards ABI compatibility (in place upgrades of a
31 //! # SVH and how it alleviates the problem
33 //! With all of this knowledge on hand, this module contains the implementation
34 //! of a notion of a "Strict Version Hash" for a crate. This is essentially a
35 //! hash of all contents of a crate which can somehow be exposed to downstream
38 //! This hash is currently calculated by just hashing the AST, but this is
39 //! obviously wrong (doc changes should not result in an incompatible ABI).
40 //! Implementation-wise, this is required at this moment in time.
42 //! By encoding this strict version hash into all crate's metadata, stale crates
43 //! can be detected immediately and error'd about by rustc itself.
47 //! Original issue: https://github.com/rust-lang/rust/issues/10207
50 use std::hash::{Hash, SipHasher, Hasher};
52 use rustc_front::visit;
54 #[derive(Clone, PartialEq, Debug)]
60 pub fn new(hash: &str) -> Svh {
61 assert!(hash.len() == 16);
62 Svh { hash: hash.to_string() }
65 pub fn as_str<'a>(&'a self) -> &'a str {
69 pub fn calculate(metadata: &Vec<String>, krate: &hir::Crate) -> Svh {
70 // FIXME (#14132): This is better than it used to be, but it still not
71 // ideal. We now attempt to hash only the relevant portions of the
72 // Crate AST as well as the top-level crate attributes. (However,
73 // the hashing of the crate attributes should be double-checked
74 // to ensure it is not incorporating implementation artifacts into
75 // the hash that are not otherwise visible.)
77 // FIXME: this should use SHA1, not SipHash. SipHash is not built to
79 let mut state = SipHasher::new();
81 for data in metadata {
82 data.hash(&mut state);
86 let mut visit = svh_visitor::make(&mut state);
87 visit::walk_crate(&mut visit, krate);
90 // FIXME (#14132): This hash is still sensitive to e.g. the
91 // spans of the crate Attributes and their underlying
92 // MetaItems; we should make ContentHashable impl for those
93 // types and then use hash_content. But, since all crate
94 // attributes should appear near beginning of the file, it is
95 // not such a big deal to be sensitive to their spans for now.
97 // We hash only the MetaItems instead of the entire Attribute
98 // to avoid hashing the AttrId
99 for attr in &krate.attrs {
100 attr.node.value.hash(&mut state);
103 let hash = state.finish();
105 hash: (0..64).step_by(4).map(|i| hex(hash >> i)).collect()
108 fn hex(b: u64) -> char {
109 let b = (b & 0xf) as u8;
111 0 ... 9 => '0' as u8 + b,
112 _ => 'a' as u8 + b - 10,
119 impl fmt::Display for Svh {
120 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
125 // FIXME (#14132): Even this SVH computation still has implementation
126 // artifacts: namely, the order of item declaration will affect the
127 // hash computation, but for many kinds of items the order of
128 // declaration should be irrelevant to the ABI.
131 pub use self::SawExprComponent::*;
132 pub use self::SawStmtComponent::*;
133 use self::SawAbiComponent::*;
134 use syntax::ast::{self, NodeId, Ident};
135 use syntax::codemap::Span;
136 use syntax::parse::token;
137 use rustc_front::visit;
138 use rustc_front::visit::{Visitor, FnKind};
139 use rustc_front::hir::*;
140 use rustc_front::hir;
142 use std::hash::{Hash, SipHasher};
144 pub struct StrictVersionHashVisitor<'a> {
145 pub st: &'a mut SipHasher,
148 pub fn make<'a>(st: &'a mut SipHasher) -> StrictVersionHashVisitor<'a> {
149 StrictVersionHashVisitor { st: st }
152 // To off-load the bulk of the hash-computation on #[derive(Hash)],
153 // we define a set of enums corresponding to the content that our
154 // crate visitor will encounter as it traverses the ast.
156 // The important invariant is that all of the Saw*Component enums
157 // do not carry any Spans, Names, or Idents.
159 // Not carrying any Names/Idents is the important fix for problem
160 // noted on PR #13948: using the ident.name as the basis for a
161 // hash leads to unstable SVH, because ident.name is just an index
162 // into intern table (i.e. essentially a random address), not
163 // computed from the name content.
165 // With the below enums, the SVH computation is not sensitive to
166 // artifacts of how rustc was invoked nor of how the source code
167 // was laid out. (Or at least it is *less* sensitive.)
169 // This enum represents the different potential bits of code the
170 // visitor could encounter that could affect the ABI for the crate,
171 // and assigns each a distinct tag to feed into the hash computation.
173 enum SawAbiComponent<'a> {
175 // FIXME (#14132): should we include (some function of)
176 // ident.ctxt as well?
177 SawIdent(token::InternedString),
178 SawStructDef(token::InternedString),
180 SawLifetimeRef(token::InternedString),
181 SawLifetimeDef(token::InternedString),
201 SawExpr(SawExprComponent<'a>),
202 SawStmt(SawStmtComponent),
205 /// SawExprComponent carries all of the information that we want
206 /// to include in the hash that *won't* be covered by the
207 /// subsequent recursive traversal of the expression's
208 /// substructure by the visitor.
210 /// We know every Expr_ variant is covered by a variant because
211 /// `fn saw_expr` maps each to some case below. Ensuring that
212 /// each variant carries an appropriate payload has to be verified
215 /// (However, getting that *exactly* right is not so important
216 /// because the SVH is just a developer convenience; there is no
217 /// guarantee of collision-freedom, hash collisions are just
218 /// (hopefully) unlikely.)
220 pub enum SawExprComponent<'a> {
222 SawExprLoop(Option<token::InternedString>),
223 SawExprField(token::InternedString),
224 SawExprTupField(usize),
225 SawExprBreak(Option<token::InternedString>),
226 SawExprAgain(Option<token::InternedString>),
233 SawExprBinary(hir::BinOp_),
234 SawExprUnary(hir::UnOp),
235 SawExprLit(hir::Lit_),
243 SawExprAssignOp(hir::BinOp_),
246 SawExprPath(Option<usize>),
247 SawExprAddrOf(hir::Mutability),
249 SawExprInlineAsm(&'a hir::InlineAsm),
255 fn saw_expr<'a>(node: &'a Expr_) -> SawExprComponent<'a> {
257 ExprBox(..) => SawExprBox,
258 ExprVec(..) => SawExprVec,
259 ExprCall(..) => SawExprCall,
260 ExprMethodCall(..) => SawExprMethodCall,
261 ExprTup(..) => SawExprTup,
262 ExprBinary(op, _, _) => SawExprBinary(op.node),
263 ExprUnary(op, _) => SawExprUnary(op),
264 ExprLit(ref lit) => SawExprLit(lit.node.clone()),
265 ExprCast(..) => SawExprCast,
266 ExprIf(..) => SawExprIf,
267 ExprWhile(..) => SawExprWhile,
268 ExprLoop(_, id) => SawExprLoop(id.map(|id| id.name.as_str())),
269 ExprMatch(..) => SawExprMatch,
270 ExprClosure(..) => SawExprClosure,
271 ExprBlock(..) => SawExprBlock,
272 ExprAssign(..) => SawExprAssign,
273 ExprAssignOp(op, _, _) => SawExprAssignOp(op.node),
274 ExprField(_, id) => SawExprField(id.node.name.as_str()),
275 ExprTupField(_, id) => SawExprTupField(id.node),
276 ExprIndex(..) => SawExprIndex,
277 ExprRange(..) => SawExprRange,
278 ExprPath(ref qself, _) => SawExprPath(qself.as_ref().map(|q| q.position)),
279 ExprAddrOf(m, _) => SawExprAddrOf(m),
280 ExprBreak(id) => SawExprBreak(id.map(|id| id.node.name.as_str())),
281 ExprAgain(id) => SawExprAgain(id.map(|id| id.node.name.as_str())),
282 ExprRet(..) => SawExprRet,
283 ExprInlineAsm(ref asm) => SawExprInlineAsm(asm),
284 ExprStruct(..) => SawExprStruct,
285 ExprRepeat(..) => SawExprRepeat,
286 ExprParen(..) => SawExprParen,
290 /// SawStmtComponent is analogous to SawExprComponent, but for statements.
292 pub enum SawStmtComponent {
298 fn saw_stmt(node: &Stmt_) -> SawStmtComponent {
300 StmtDecl(..) => SawStmtDecl,
301 StmtExpr(..) => SawStmtExpr,
302 StmtSemi(..) => SawStmtSemi,
306 impl<'a, 'v> Visitor<'v> for StrictVersionHashVisitor<'a> {
307 fn visit_struct_def(&mut self, s: &StructDef, ident: Ident,
308 g: &Generics, _: NodeId) {
309 SawStructDef(ident.name.as_str()).hash(self.st);
310 visit::walk_generics(self, g);
311 visit::walk_struct_def(self, s)
314 fn visit_variant(&mut self, v: &Variant, g: &Generics) {
315 SawVariant.hash(self.st);
316 // walk_variant does not call walk_generics, so do it here.
317 visit::walk_generics(self, g);
318 visit::walk_variant(self, v, g)
321 fn visit_opt_lifetime_ref(&mut self, _: Span, l: &Option<Lifetime>) {
322 SawOptLifetimeRef.hash(self.st);
323 // (This is a strange method in the visitor trait, in that
324 // it does not expose a walk function to do the subroutine
327 Some(ref l) => self.visit_lifetime_ref(l),
332 // All of the remaining methods just record (in the hash
333 // SipHasher) that the visitor saw that particular variant
334 // (with its payload), and continue walking as the default
337 // Some of the implementations have some notes as to how one
338 // might try to make their SVH computation less discerning
339 // (e.g. by incorporating reachability analysis). But
340 // currently all of their implementations are uniform and
343 // (If you edit a method such that it deviates from the
344 // pattern, please move that method up above this comment.)
346 fn visit_ident(&mut self, _: Span, ident: Ident) {
347 SawIdent(ident.name.as_str()).hash(self.st);
350 fn visit_lifetime_ref(&mut self, l: &Lifetime) {
351 SawLifetimeRef(l.name.as_str()).hash(self.st);
354 fn visit_lifetime_def(&mut self, l: &LifetimeDef) {
355 SawLifetimeDef(l.lifetime.name.as_str()).hash(self.st);
358 // We do recursively walk the bodies of functions/methods
359 // (rather than omitting their bodies from the hash) since
360 // monomorphization and cross-crate inlining generally implies
361 // that a change to a crate body will require downstream
362 // crates to be recompiled.
363 fn visit_expr(&mut self, ex: &Expr) {
364 SawExpr(saw_expr(&ex.node)).hash(self.st); visit::walk_expr(self, ex)
367 fn visit_stmt(&mut self, s: &Stmt) {
368 SawStmt(saw_stmt(&s.node)).hash(self.st); visit::walk_stmt(self, s)
371 fn visit_foreign_item(&mut self, i: &ForeignItem) {
372 // FIXME (#14132) ideally we would incorporate privacy (or
373 // perhaps reachability) somewhere here, so foreign items
374 // that do not leak into downstream crates would not be
376 SawForeignItem.hash(self.st); visit::walk_foreign_item(self, i)
379 fn visit_item(&mut self, i: &Item) {
380 // FIXME (#14132) ideally would incorporate reachability
381 // analysis somewhere here, so items that never leak into
382 // downstream crates (e.g. via monomorphisation or
383 // inlining) would not be part of the ABI.
384 SawItem.hash(self.st); visit::walk_item(self, i)
387 fn visit_mod(&mut self, m: &Mod, _s: Span, _n: NodeId) {
388 SawMod.hash(self.st); visit::walk_mod(self, m)
391 fn visit_decl(&mut self, d: &Decl) {
392 SawDecl.hash(self.st); visit::walk_decl(self, d)
395 fn visit_ty(&mut self, t: &Ty) {
396 SawTy.hash(self.st); visit::walk_ty(self, t)
399 fn visit_generics(&mut self, g: &Generics) {
400 SawGenerics.hash(self.st); visit::walk_generics(self, g)
403 fn visit_fn(&mut self, fk: FnKind<'v>, fd: &'v FnDecl,
404 b: &'v Block, s: Span, _: NodeId) {
405 SawFn.hash(self.st); visit::walk_fn(self, fk, fd, b, s)
408 fn visit_trait_item(&mut self, ti: &TraitItem) {
409 SawTraitItem.hash(self.st); visit::walk_trait_item(self, ti)
412 fn visit_impl_item(&mut self, ii: &ImplItem) {
413 SawImplItem.hash(self.st); visit::walk_impl_item(self, ii)
416 fn visit_struct_field(&mut self, s: &StructField) {
417 SawStructField.hash(self.st); visit::walk_struct_field(self, s)
420 fn visit_explicit_self(&mut self, es: &ExplicitSelf) {
421 SawExplicitSelf.hash(self.st); visit::walk_explicit_self(self, es)
424 fn visit_path(&mut self, path: &Path, _: ast::NodeId) {
425 SawPath.hash(self.st); visit::walk_path(self, path)
428 fn visit_block(&mut self, b: &Block) {
429 SawBlock.hash(self.st); visit::walk_block(self, b)
432 fn visit_pat(&mut self, p: &Pat) {
433 SawPat.hash(self.st); visit::walk_pat(self, p)
436 fn visit_local(&mut self, l: &Local) {
437 SawLocal.hash(self.st); visit::walk_local(self, l)
440 fn visit_arm(&mut self, a: &Arm) {
441 SawArm.hash(self.st); visit::walk_arm(self, a)
projects / rust.git / blob