ctest: add tests for field size, offset, and field ptr #4561
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…es, and signededness of aliases.
tgross35
requested changes
Jul 23, 2025
ctest-next/src/template.rs
Outdated
Comment on lines
377
to
394
| #[derive(Clone, Debug)] | ||
| pub(crate) struct TestFieldPtr { | ||
| pub test_name: BoxStr, | ||
| pub id: BoxStr, | ||
| pub field: Field, | ||
| pub c_field: BoxStr, | ||
| pub volatile_keyword: BoxStr, | ||
| pub c_signature: BoxStr, | ||
| } | ||
|
|
||
| #[derive(Clone, Debug)] | ||
| pub(crate) struct TestFieldSizeOffset { | ||
| pub test_name: BoxStr, | ||
| pub id: BoxStr, | ||
| pub field: Field, | ||
| pub c_field: BoxStr, | ||
| pub c_ty: BoxStr, | ||
| } |
There was a problem hiding this comment.
Nit, I think these should go after TestConst since they're used later in the templates. Same for the new field_* functions.
ctest-next/templates/test.c
Outdated
| {{ item.volatile_keyword }}{{ item.c_signature }} { | ||
| return &b->{{ item.c_field }}; | ||
| } | ||
| {%- endfor +%} |
ctest-next/templates/test.c
Outdated
Comment on lines
76
to
77
| // The name of the function remains `ctest_field_ptr__{{ item.id }}__{{ item.field.ident() }}` | ||
| {{ item.volatile_keyword }}{{ item.c_signature }} { |
There was a problem hiding this comment.
Can the args and return type be split to separate fields so this is directly visible rather than a comment? So
{{ item.volatile_keyword }} {{ item.c_ret_ty }} ctest_field_ptr__{{ item.id }}__{{ item.field.ident() }}({{ item.c_args }})There was a problem hiding this comment.
Oh, I see the problem, function pointer syntax is horrid.
I'd suggest eliminating this with a typedef when you're dealing with function pointers:
typedef ret_ty (*some_name)(argty1, argty2);
some_name ctest_field_ptr__{{ item.id }}__{{ item.field.ident() }}(...) { /* ... */ }some_name can be something like ctest_field_ty__{{ item.id }}__{{ item.field.ident() }}
ctest-next/templates/test.rs
Outdated
| check_same(field_ptr as *mut _, | ||
| ctest_field_ptr__{{ item.id }}__{{ item.field.ident() }}(ty_ptr), | ||
| "field type {{ item.field.ident() }} of {{ item.id }}"); | ||
| } |
There was a problem hiding this comment.
This block can be split a bit so we can see what unsafe is handling. Something like:
let field_ptr = &raw const ((*ty_ptr).{{ item.field.ident() }})should get its ownunsafeblock that says it doesn't actually readty_ptr(AIUI requiringunsafefor this op is a limitation of theunsafecheck, can't cause UB)- Getting the size and offset from C should each get their own
unsafeblock assigned to a variable - The
read_unalignedfunction should get its own block - The rest should be able to exist outside of
unsafe
ctest-next/templates/test.rs
Outdated
| fn ctest_field_ptr__{{ item.id }}__{{ item.field.ident() }}(a: *const {{ item.id }}) -> *mut u8; | ||
| } | ||
|
|
||
| unsafe { |
There was a problem hiding this comment.
Similar to the above, everything except let field_ptr = ... and let c_field_ptr = ctest_field_ptr__...(...) doesn't need to be in unsafe
tgross35
reviewed
Jul 24, 2025
ctest-next/templates/test.rs
Outdated
Comment on lines
16
to
17
| #[expect(unused_imports)] | ||
| use std::mem::{MaybeUninit, offset_of}; |
There was a problem hiding this comment.
Shouldn't this be allow rather than expect? Because when there are field tests, it's not actually unused.
tgross35
reviewed
Jul 24, 2025
ctest-next/src/template.rs
Outdated
Comment on lines
198
to
239
| for struct_ in helper.ffi_items.structs() { | ||
| for field in &struct_.fields { | ||
| let should_skip_field_tests = helper | ||
| .generator | ||
| .skips | ||
| .iter() | ||
| .any(|f| f(&MapInput::StructField(struct_, field))); | ||
|
|
||
| if should_skip_field_tests { | ||
| continue; | ||
| } | ||
|
|
||
| let item = TestFieldSizeOffset { | ||
| test_name: field_size_offset_test_ident(struct_.ident(), field.ident()), | ||
| id: struct_.ident().into(), | ||
| c_ty: helper.c_type(struct_)?.into(), | ||
| field: field.clone(), | ||
| c_field: helper | ||
| .c_ident(MapInput::StructField(struct_, field)) | ||
| .into_boxed_str(), | ||
| }; | ||
| self.field_size_offset_tests.push(item.clone()); | ||
| self.test_idents.push(item.test_name); | ||
| } | ||
| } | ||
|
|
||
| for union_ in helper.ffi_items.unions() { | ||
| for field in &union_.fields { | ||
| let should_skip_field_tests = helper | ||
| .generator | ||
| .skips | ||
| .iter() | ||
| .any(|f| f(&MapInput::UnionField(union_, field))); | ||
|
|
||
| if should_skip_field_tests { | ||
| continue; | ||
| } | ||
|
|
||
| let item = TestFieldSizeOffset { | ||
| test_name: field_size_offset_test_ident(union_.ident(), field.ident()), | ||
| id: union_.ident().into(), | ||
| c_ty: helper.c_type(union_)?.into(), | ||
| field: field.clone(), | ||
| c_field: helper | ||
| .c_ident(MapInput::UnionField(union_, field)) | ||
| .into_boxed_str(), | ||
| }; | ||
| self.field_size_offset_tests.push(item.clone()); | ||
| self.test_idents.push(item.test_name); | ||
| } | ||
| } |
There was a problem hiding this comment.
Since structs and unions use the same field types, I think this could be collapsed to a single iterator. Something like:
let should_skip = |map_input| helper
.generator
.skips
.iter()
.any(|f| f(map_input));
let struct_fields = helper.ffi_items.structs().iter()
.flat_map(|st| st.fields().map(|field| (st, field))
.filter(|(st, field)| should_skip(&MapInput::StructField(st, field))
.map(|(st, field)| field);
let union_fields = helper.ffi_items.unions().iter()
.flat_map(|un| un.fields().map(|field| (un, field))
.filter(|(un, field)| should_skip(&MapInput::UnionField(un, field))
.map(|(un, field)| field);
for field in struct_fields.chain(union_fields) {
// ...
}Something similar for populate_field_ptr_tests
ctest-next/templates/test.rs
Outdated
Comment on lines
156
to
167
| let ty_ptr = unsafe { &raw const (*uninit_ty).{{ item.field.ident() }} }; | ||
| let val = unsafe { ty_ptr.read_unaligned() }; | ||
|
|
||
| let ctest_field_offset = unsafe { ctest_offset_of__{{ item.id }}__{{ item.field.ident() }}() }; | ||
| check_same(offset_of!({{ item.id }}, {{ item.field.ident() }}) as u64, ctest_field_offset, | ||
| "field offset {{ item.field.ident() }} of {{ item.id }}"); | ||
|
|
||
| let ctest_field_size = unsafe { ctest_size_of__{{ item.id }}__{{ item.field.ident() }}() }; |
There was a problem hiding this comment.
Safety comments
Suggested change
| let ty_ptr = unsafe { &raw const (*uninit_ty).{{ item.field.ident() }} }; | |
| let val = unsafe { ty_ptr.read_unaligned() }; | |
| let ctest_field_offset = unsafe { ctest_offset_of__{{ item.id }}__{{ item.field.ident() }}() }; | |
| check_same(offset_of!({{ item.id }}, {{ item.field.ident() }}) as u64, ctest_field_offset, | |
| "field offset {{ item.field.ident() }} of {{ item.id }}"); | |
| let ctest_field_size = unsafe { ctest_size_of__{{ item.id }}__{{ item.field.ident() }}() }; | |
| // SAFETY: we assume the field access doesn't wrap | |
| let ty_ptr = unsafe { &raw const (*uninit_ty).{{ item.field.ident() }} }; | |
| // SAFETY: we assume that all zeros is a valid bitpattern for `ty_ptr`, otherwise the | |
| // test should be skipped. | |
| let val = unsafe { ty_ptr.read_unaligned() }; | |
| // SAFETY: FFI call with no preconditions | |
| let ctest_field_offset = unsafe { ctest_offset_of__{{ item.id }}__{{ item.field.ident() }}() }; | |
| check_same(offset_of!({{ item.id }}, {{ item.field.ident() }}) as u64, ctest_field_offset, | |
| "field offset {{ item.field.ident() }} of {{ item.id }}"); | |
| // SAFETY: FFI call with no preconditions | |
| let ctest_field_size = unsafe { ctest_size_of__{{ item.id }}__{{ item.field.ident() }}() }; |
|
It's fine to review the field ptr checks now, splitting it would be harder. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Adds tests for checking if the size and offset of a field is the same in Rust and C, as well as the pointer to that field.
Sources
Checklist
libc-test/semverhave been updated*LASTor*MAXareincluded (see #3131)
cd libc-test && cargo test --target mytarget);especially relevant for platforms that may not be checked in CI