Fix normalization overflow ICEs in monomorphization

[adwinwhite]

Fixes #92004
Fixes #92470
Fixes #95134
Fixes #105275
Fixes #105937
Fixes #117696-2
Fixes #118590
Fixes #122823
Fixes #131342
Fixes #139659

Analysis:

The causes of these issues are similar. They contain generic recursive functions that can be instantiated with different args infinitely at monomorphization stage.
Ideally this should be caught by the check_recursion_limit function. The reality is that normalization can reach recursion limit earlier than monomorphization's check because they calculate depths in different ways.
Since normalization is called everywhere, ICEs appear in different locations.

Fix:

If we abort on overflow with TypingMode::PostAnalysis in the trait solver, it would also catch these errors.
The main challenge is providing good diagnostics for them. So it's quite natural to put the check right before these normalization happening.
I first tried to check the whole MIR body's normalization and references_error. (As elaborate_drop handles normalization failure by returning ty::Error.)
It turns out that checking all Locals seems sufficient.
These types are gonna be normalized anyway. So with cache, these checks shouldn't be expensive.

This fixes these ICEs for both the next and old solver, though I'm not sure the change I made to the old solver is proper. Its overflow handling looks convoluted thus I didn't try to fix it more "upstream".

[jieyouxu]

@bors try @rust-timer queue

[rust-bors]

☀️ Try build successful (CI)
Build commit: fb35892 (fb35892cd06f475414cd254159fed42f93083db6, parent: 05abce5d058db0de3abd10f32f1a442d0f699b30)

[rust-timer]

Finished benchmarking commit (fb35892): comparison URL.

Overall result: ❌✅ regressions and improvements - please read the text below

Benchmarking this pull request means it may be perf-sensitive – we'll automatically label it not fit for rolling up. You can override this, but we strongly advise not to, due to possible changes in compiler perf.

Next Steps: If you can justify the regressions found in this try perf run, please do so in sufficient writing along with @rustbot label: +perf-regression-triaged. If not, please fix the regressions and do another perf run. If its results are neutral or positive, the label will be automatically removed.

@bors rollup=never
@rustbot label: -S-waiting-on-perf +perf-regression

Instruction count

Our most reliable metric. Used to determine the overall result above. However, even this metric can be noisy.

	mean	range	count
Regressions ❌ (primary)	5.9%	[0.3%, 45.5%]	63
Regressions ❌ (secondary)	8.7%	[0.1%, 53.7%]	32
Improvements ✅ (primary)	-0.2%	[-0.3%, -0.1%]	21
Improvements ✅ (secondary)	-1.0%	[-2.9%, -0.1%]	28
All ❌✅ (primary)	4.4%	[-0.3%, 45.5%]	84

Max RSS (memory usage)

Results (primary 9.4%, secondary 6.5%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	9.4%	[1.2%, 31.2%]	57
Regressions ❌ (secondary)	6.5%	[1.4%, 19.0%]	31
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	9.4%	[1.2%, 31.2%]	57

Cycles

Results (primary 11.3%, secondary 16.9%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	11.3%	[1.7%, 51.8%]	44
Regressions ❌ (secondary)	19.5%	[2.5%, 64.2%]	15
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-2.8%	[-3.1%, -2.5%]	2
All ❌✅ (primary)	11.3%	[1.7%, 51.8%]	44

Binary size

This benchmark run did not return any relevant results for this metric.

Bootstrap: 467.236s -> 465.852s (-0.30%)
Artifact size: 388.42 MiB -> 388.49 MiB (0.02%)

[bjorn3]

Suggested change

//@ known-bug: #105937

right? Same elsewhere.

[adwinwhite]

I have to make the check a query in order to cache its result for incremental build.
collect_and_partition_mono_items query is eval always. So optimzed_mir query in instance_mir and normalization query always got called. Even with query cache, loading MIR from disk is not that cheap.
That's why the regressions happened.

[bors]

☔ The latest upstream changes (presumably #145717) made this pull request unmergeable. Please resolve the merge conflicts.

[saethlin]

Why are you instantiating types seen in local_decls instead of the entire body? I'm worried that an error will sneak by this check because it's hidden somewhere else in the MIR body.

[adwinwhite]

I did check the whole body at first. Then I realized that instantiation is not cached and worried that the computational cost is too high if the body is huge, so I tried to scale down the check.

Ofc this is just speculation, I'm not sure about the real cost.

[saethlin]

This is done in a query, which should provide the requisite level of caching. Switch this to check the whole body and I can submit another perf run before merging.

[saethlin]

Just one question ^ then I think this is good

[cjgillot]

Should we move error reporting to the query itself, and make the query return unit?

[adwinwhite]

If we do so, the query would be dependent on starting_item.span which may pollute the cache unnecessarily?

[rustbot]

This PR was rebased onto a different master commit. Here's a range-diff highlighting what actually changed.

Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers.

[adwinwhite]

Without the starting span, users can only see the type of the failed instance and have to manually search and check each call to the function to determine whether the call introduces recursion.

One example from test:

fn main() {
    recurse(std::iter::empty::<()>())
}
fn recurse(nums: impl Iterator) {
    if true { return }

    recurse(nums.skip(42).peekable())
    //~^ ERROR: reached the recursion limit while instantiating
}

Users can only see the compiler fails to instantiate peekable but not where. It's not easy to determine the cause if there are many calls to peekable in real codebase.

And sometimes the recursive function is not the same one as the failed instance, as in this example.

[saethlin]

Could you make items_of_instance return a Result then emit the error with the useful span?

[adwinwhite]

Seems like another spurious rustdoc-gui test failure.

[saethlin]

Nice, that looks like what I was imagining. I've restarted your PR CI jobs in the UI, and in the meantime also

@bors try @rust-timer queue

[rust-bors]

☀️ Try build successful (CI)
Build commit: 4df8dd0 (4df8dd07598e2665c580a9cdf769bdb82b5dac7e, parent: 442288534b6cf9ec4899b00c4332433b17760d96)

[rust-timer]

Finished benchmarking commit (4df8dd0): comparison URL.

Overall result: ❌ regressions - please read the text below

Benchmarking this pull request means it may be perf-sensitive – we'll automatically label it not fit for rolling up. You can override this, but we strongly advise not to, due to possible changes in compiler perf.

Next Steps: If you can justify the regressions found in this try perf run, please do so in sufficient writing along with @rustbot label: +perf-regression-triaged. If not, please fix the regressions and do another perf run. If its results are neutral or positive, the label will be automatically removed.

@bors rollup=never
@rustbot label: -S-waiting-on-perf +perf-regression

Instruction count

Our most reliable metric. Used to determine the overall result above. However, even this metric can be noisy.

	mean	range	count
Regressions ❌ (primary)	0.4%	[0.3%, 0.5%]	5
Regressions ❌ (secondary)	2.9%	[0.0%, 18.7%]	7
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-1.6%	[-1.6%, -1.6%]	1
All ❌✅ (primary)	0.4%	[0.3%, 0.5%]	5

Max RSS (memory usage)

Results (primary -1.0%, secondary 1.5%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	-	-	0
Regressions ❌ (secondary)	1.5%	[1.5%, 1.5%]	1
Improvements ✅ (primary)	-1.0%	[-1.0%, -1.0%]	1
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	-1.0%	[-1.0%, -1.0%]	1

Cycles

Results (primary 2.4%, secondary -1.1%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	2.4%	[2.4%, 2.4%]	1
Regressions ❌ (secondary)	9.5%	[1.5%, 17.5%]	2
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-3.8%	[-4.7%, -2.3%]	8
All ❌✅ (primary)	2.4%	[2.4%, 2.4%]	1

Binary size

This benchmark run did not return any relevant results for this metric.

Bootstrap: 473.161s -> 475.157s (0.42%)
Artifact size: 388.04 MiB -> 388.12 MiB (0.02%)

[saethlin]

@adwinwhite Can you squash the commits down? I would just mash all the commits into one, but if you prefer some kind of logical separation go for it. Then I'll approve this.

[adwinwhite]

Done squashing. I prefer to squash/rebase after the review is complete too. :⁠-⁠)

[saethlin]

The single scary-looking regression is specific to opt incr-full on projection-caching, and this doesn't break projection caching so I don't think it's worth worrying about. Beyond that there are a few tiny regressions which I think are all justified by the fact that this fixes/papers over a systemic source if ICEs.

@rustbot label: +perf-regression-triaged

@bors r+

[bors]

📌 Commit 08f16a9 has been approved by saethlin

It is now in the queue for this repository.

[bors]

⌛ Testing commit 08f16a9 with merge 36e4f5d...

[bors]

☀️ Test successful - checks-actions
Approved by: saethlin
Pushing 36e4f5d to master...

[github-actions]

What is this?

This is an experimental post-merge analysis report that shows differences in test outcomes between the merged PR and its parent PR.

Comparing 2300c2a (parent) -> 36e4f5d (this PR)

Test differences

Show 284 test diffs

Stage 1

• [crashes] tests/crashes/105275.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/105937.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/117696-1.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/117696-2.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/118590.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/122823.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/131342.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/139659.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/92004.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/92470.rs: pass -> [missing] (J1)
• [crashes] tests/crashes/95134.rs: pass -> [missing] (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-105275.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-105937.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-117696-1.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-117696-2.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-118590.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-122823.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-131342.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-139659.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-92004.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-92470.rs: [missing] -> pass (J1)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-95134.rs: [missing] -> pass (J1)

Stage 2

• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-105275.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-105937.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-117696-1.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-117696-2.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-118590.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-122823.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-131342.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-139659.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-92004.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-92470.rs: [missing] -> pass (J0)
• [ui] tests/ui/codegen/normalization-overflow/recursion-issue-95134.rs: [missing] -> pass (J0)
• [crashes] tests/crashes/105275.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/105937.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/117696-1.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/117696-2.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/118590.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/122823.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/131342.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/139659.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/92004.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/92470.rs: pass -> [missing] (J2)
• [crashes] tests/crashes/95134.rs: pass -> [missing] (J2)

Additionally, 240 doctest diffs were found. These are ignored, as they are noisy.

Job group index

• J0: aarch64-apple, aarch64-gnu, aarch64-gnu-llvm-20-1, aarch64-msvc-1, arm-android, armhf-gnu, dist-i586-gnu-i586-i686-musl, i686-gnu-1, i686-gnu-nopt-1, i686-msvc-1, test-various, x86_64-gnu, x86_64-gnu-debug, x86_64-gnu-llvm-20, x86_64-gnu-llvm-20-2, x86_64-gnu-nopt, x86_64-gnu-stable, x86_64-mingw-1, x86_64-msvc-1
• J1: x86_64-gnu-llvm-20-3
• J2: aarch64-apple, aarch64-gnu, aarch64-gnu-llvm-20-1, aarch64-msvc-1, arm-android, armhf-gnu, dist-i586-gnu-i586-i686-musl, i686-gnu-1, i686-gnu-nopt-1, i686-msvc-1, test-various, x86_64-gnu, x86_64-gnu-llvm-20-2, x86_64-gnu-nopt, x86_64-gnu-stable, x86_64-mingw-1, x86_64-msvc-1

Test dashboard

Run

cargo run --manifest-path src/ci/citool/Cargo.toml -- \
    test-dashboard 36e4f5d1fe1d63953a5bf1758ce2b64172623e2e --output-dir test-dashboard

And then open test-dashboard/index.html in your browser to see an overview of all executed tests.

Job duration changes

1. dist-aarch64-linux: 6026.3s -> 8815.6s (46.3%)
2. dist-aarch64-apple: 6428.6s -> 7513.4s (16.9%)
3. i686-gnu-2: 5424.1s -> 6303.5s (16.2%)
4. pr-check-1: 1408.8s -> 1629.5s (15.7%)
5. x86_64-gnu-tools: 3232.8s -> 3698.3s (14.4%)
6. arm-android: 5393.6s -> 6136.0s (13.8%)
7. aarch64-gnu-llvm-20-1: 3263.0s -> 3686.2s (13.0%)
8. test-various: 4411.2s -> 4944.0s (12.1%)
9. aarch64-gnu-llvm-20-2: 2175.5s -> 2436.5s (12.0%)
10. i686-gnu-nopt-1: 7196.3s -> 8029.6s (11.6%)

How to interpret the job duration changes?

Job durations can vary a lot, based on the actual runner instance
that executed the job, system noise, invalidated caches, etc. The table above is provided
mostly for t-infra members, for simpler debugging of potential CI slow-downs.

[rust-timer]

Finished benchmarking commit (36e4f5d): comparison URL.

Overall result: ❌ regressions - please read the text below

Our benchmarks found a performance regression caused by this PR.
This might be an actual regression, but it can also be just noise.

Next Steps:

• If the regression was expected or you think it can be justified,
  please write a comment with sufficient written justification, and add
  @rustbot label: +perf-regression-triaged to it, to mark the regression as triaged.
• If you think that you know of a way to resolve the regression, try to create
  a new PR with a fix for the regression.
• If you do not understand the regression or you think that it is just noise,
  you can ask the @rust-lang/wg-compiler-performance working group for help (members of this group
  were already notified of this PR).

@rustbot label: +perf-regression
cc @rust-lang/wg-compiler-performance

Instruction count

Our most reliable metric. Used to determine the overall result above. However, even this metric can be noisy.

	mean	range	count
Regressions ❌ (primary)	0.4%	[0.2%, 0.6%]	5
Regressions ❌ (secondary)	9.7%	[0.7%, 18.7%]	2
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	0.4%	[0.2%, 0.6%]	5

Max RSS (memory usage)

Results (primary -3.5%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	2.3%	[2.3%, 2.3%]	1
Regressions ❌ (secondary)	-	-	0
Improvements ✅ (primary)	-6.5%	[-9.9%, -3.1%]	2
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	-3.5%	[-9.9%, 2.3%]	3

Cycles

Results (secondary 7.5%)

A less reliable metric. May be of interest, but not used to determine the overall result above.

	mean	range	count
Regressions ❌ (primary)	-	-	0
Regressions ❌ (secondary)	7.5%	[2.6%, 16.6%]	3
Improvements ✅ (primary)	-	-	0
Improvements ✅ (secondary)	-	-	0
All ❌✅ (primary)	-	-	0

Binary size

This benchmark run did not return any relevant results for this metric.

Bootstrap: 472.507s -> 473.739s (0.26%)
Artifact size: 388.12 MiB -> 388.11 MiB (-0.00%)

[RalfJung]

The PR description says

I first tried to check the whole MIR body's normalization and references_error. (As elaborate_drop handles normalization failure by returning ty::Error.)
It turns out that checking all Locals seems sufficient.

but this seems to check all types the visitor meets, not just locals?

Even then I wonder if this is enough, e.g. the types of struct fields can require further normalization (that might then overflow) even after the struct type itself has been normalized.