| author | Matthias Krüger <476013+matthiaskrgr@users.noreply.github.com> | 2025-03-11 19:35:34 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-11 19:35:34 +0100 |
| commit | 4feb86684dc1edd32e26170db15b964e2207adc8 (patch) | |
| tree | a1d0ea90a29e636eedda79c371c7a30e2efcc277 /src | |
| parent | 954b88ed2aeeaaa2ccb261097f36379b244fc4ad (diff) | |
| parent | 3846f942300c4fd8f43a8a8a1324ad5e358b9459 (diff) | |
| download | rust-4feb86684dc1edd32e26170db15b964e2207adc8.tar.gz rust-4feb86684dc1edd32e26170db15b964e2207adc8.zip | |
Rollup merge of #138352 - RalfJung:miri-native-calls-exposed, r=oli-obk
miri native_calls: ensure we actually expose *mutable* provenance to the memory FFI can access

In native call mode, the interpreter memory itself is accessed directly by external code via pointers created from integers and passed via libffi, so we have to ensure the provenance in Miri itself (on the meta level) is sufficiently exposed. So far we only exposed the provenance for read-only accesses. This may be enough as that may actually be the same provenance as for mutable accesses, but it's hard to be sure, and anyway there's no reason to do such a gambit -- we have this function, `prepare_for_native_call`, which iterates all memory the call can access. Let's just also (re-)expose Miri's own allocations there. We expose the read-only provenance for all of them and the mutable provenance for the mutable allocations.

r? ``@oli-obk``
Diffstat (limited to 'src')
| -rw-r--r-- | src/tools/miri/src/alloc_addresses/mod.rs | 4 | ||||
| -rw-r--r-- | src/tools/miri/src/shims/native_lib.rs | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/src/tools/miri/src/alloc_addresses/mod.rs b/src/tools/miri/src/alloc_addresses/mod.rs index ff3a25e94bd..5d257029a46 100644 --- a/src/tools/miri/src/alloc_addresses/mod.rs +++ b/src/tools/miri/src/alloc_addresses/mod.rs @@ -198,8 +198,8 @@ trait EvalContextExtPriv<'tcx>: crate::MiriInterpCxExt<'tcx> { } AllocKind::Dead => unreachable!(), }; - // Ensure this pointer's provenance is exposed, so that it can be used by FFI code. - return interp_ok(base_ptr.expose_provenance().try_into().unwrap()); + // We don't have to expose this pointer yet, we do that in `prepare_for_native_call`. + return interp_ok(base_ptr.addr().try_into().unwrap()); } // We are not in native lib mode, so we control the addresses ourselves. if let Some((reuse_addr, clock)) = global_state.reuse.take_addr( diff --git a/src/tools/miri/src/shims/native_lib.rs b/src/tools/miri/src/shims/native_lib.rs index c6fcb0355eb..0258a76c3e7 100644 --- a/src/tools/miri/src/shims/native_lib.rs +++ b/src/tools/miri/src/shims/native_lib.rs @@ -266,7 +266,7 @@ fn imm_to_carg<'tcx>(v: &ImmTy<'tcx>, cx: &impl HasDataLayout) -> InterpResult<' CArg::USize(v.to_scalar().to_target_usize(cx)?.try_into().unwrap()), ty::RawPtr(..) => { let s = v.to_scalar().to_pointer(cx)?.addr(); - // This relies on the `expose_provenance` in `addr_from_alloc_id`. + // This relies on the `expose_provenance` in `prepare_for_native_call`. CArg::RawPtr(std::ptr::with_exposed_provenance_mut(s.bytes_usize())) } _ => throw_unsup_format!("unsupported argument type for native call: {}", v.layout.ty), |
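Review bot: In the `alloc_addresses/mod.rs` hunk, replacing `base_ptr.expose_provenance()` with `base_ptr.addr()` moves the exposure to `prepare_for_native_call`, but that function is not among the two files this diff shows, so the new invariant cannot be checked from here. The new comment should state the invariant explicitly: every allocation native code can reach must pass through `prepare_for_native_call` before the libffi call, and that is where read-only provenance is exposed for all allocations and mutable provenance for the mutable ones. It would also help to say what happens to an address handed out by this branch that is used before any native call has run, since after this change nothing on this path exposes it. The diffstat, limited to `src`, lists no test file; a regression test in which native code writes through a pointer into Miri-owned memory would pin the behaviour down.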
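Review bot: In the `native_lib.rs` hunk, the updated comment names `prepare_for_native_call` but not which provenance it relies on, while the line below it builds the argument with `std::ptr::with_exposed_provenance_mut` for every `ty::RawPtr(..)`. Per the commit message only mutable allocations get their mutable provenance exposed, so the comment should say that a raw pointer into an immutable allocation reaches native code as a `*mut` backed only by read-only exposed provenance, and that a write through it is not covered. Suggested wording: "This relies on `prepare_for_native_call` having exposed read-only provenance for all reachable allocations and mutable provenance for the mutable ones."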
