From 67b9d7d18468d1f0bddbca3cdc6878f6ef3b5a12 Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Sat, 23 Mar 2024 11:47:11 +0100 Subject: [PATCH 1/3] rename ptr::from_exposed_addr -> ptr::with_exposed_provenance --- compiler/rustc_hir_typeck/messages.ftl | 2 +- compiler/rustc_lint_defs/src/builtin.rs | 6 ++--- compiler/rustc_middle/src/mir/syntax.rs | 2 +- library/core/src/ptr/const_ptr.rs | 14 +++++------ library/core/src/ptr/mod.rs | 24 +++++++++---------- library/core/src/ptr/mut_ptr.rs | 14 +++++------ .../core_simd/src/simd/ptr/const_ptr.rs | 8 +++---- .../crates/core_simd/src/simd/ptr/mut_ptr.rs | 8 +++---- .../crates/core_simd/tests/pointers.rs | 12 +++++----- library/std/src/os/xous/ffi.rs | 2 +- library/std/src/sys/pal/hermit/thread.rs | 2 +- library/std/src/sys/pal/itron/thread.rs | 2 +- .../std/src/sys/pal/xous/thread_local_key.rs | 2 +- .../std/src/sys/pal/zkvm/thread_local_key.rs | 4 ++-- library/std/src/sys/personality/dwarf/eh.rs | 2 +- src/tools/miri/README.md | 2 +- src/tools/miri/src/alloc_addresses/mod.rs | 6 ++--- src/tools/miri/src/diagnostics.rs | 8 +++---- .../fail/provenance/ptr_int_unexposed.rs | 2 +- .../fail/provenance/strict_provenance_cast.rs | 2 +- .../provenance/strict_provenance_cast.stderr | 6 ++--- .../fail/stacked_borrows/exposed_only_ro.rs | 2 +- src/tools/miri/tests/pass/box.stack.stderr | 6 ++--- .../miri/tests/pass/extern_types.stack.stderr | 6 ++--- .../miri/tests/pass/portable-simd-ptrs.rs | 2 +- .../miri/tests/pass/ptr_int_from_exposed.rs | 8 +++---- .../tests/pass/stacked-borrows/int-to-ptr.rs | 2 +- .../stacked-borrows/issue-miri-2389.stderr | 6 ++--- .../pass/stacked-borrows/unknown-bottom-gc.rs | 2 +- .../lint-strict-provenance-fuzzy-casts.stderr | 2 +- tests/ui/simd/intrinsic/ptr-cast.rs | 4 ++-- 31 files changed, 85 insertions(+), 85 deletions(-) diff --git a/compiler/rustc_hir_typeck/messages.ftl b/compiler/rustc_hir_typeck/messages.ftl index 0ca958302f792..6878d37c9a8c7 100644 --- a/compiler/rustc_hir_typeck/messages.ftl +++ b/compiler/rustc_hir_typeck/messages.ftl @@ -86,7 +86,7 @@ hir_typeck_invalid_callee = expected function, found {$ty} hir_typeck_lossy_provenance_int2ptr = strict provenance disallows casting integer `{$expr_ty}` to pointer `{$cast_ty}` .suggestion = use `.with_addr()` to adjust a valid pointer in the same allocation, to this address - .help = if you can't comply with strict provenance and don't have a pointer with the correct provenance you can use `std::ptr::from_exposed_addr()` instead + .help = if you can't comply with strict provenance and don't have a pointer with the correct provenance you can use `std::ptr::with_exposed_provenance()` instead hir_typeck_lossy_provenance_ptr2int = under strict provenance it is considered bad style to cast pointer `{$expr_ty}` to integer `{$cast_ty}` diff --git a/compiler/rustc_lint_defs/src/builtin.rs b/compiler/rustc_lint_defs/src/builtin.rs index 9f09f46ea5a9c..7e9d35ca6c1a6 100644 --- a/compiler/rustc_lint_defs/src/builtin.rs +++ b/compiler/rustc_lint_defs/src/builtin.rs @@ -2749,7 +2749,7 @@ declare_lint! { /// memory the pointer is allowed to read/write. Casting an integer, which /// doesn't have provenance, to a pointer requires the compiler to assign /// (guess) provenance. The compiler assigns "all exposed valid" (see the - /// docs of [`ptr::from_exposed_addr`] for more information about this + /// docs of [`ptr::with_exposed_provenance`] for more information about this /// "exposing"). This penalizes the optimiser and is not well suited for /// dynamic analysis/dynamic program verification (e.g. Miri or CHERI /// platforms). @@ -2757,11 +2757,11 @@ declare_lint! { /// It is much better to use [`ptr::with_addr`] instead to specify the /// provenance you want. If using this function is not possible because the /// code relies on exposed provenance then there is as an escape hatch - /// [`ptr::from_exposed_addr`]. + /// [`ptr::with_exposed_provenance`]. /// /// [issue #95228]: https://github.com/rust-lang/rust/issues/95228 /// [`ptr::with_addr`]: https://doc.rust-lang.org/core/primitive.pointer.html#method.with_addr - /// [`ptr::from_exposed_addr`]: https://doc.rust-lang.org/core/ptr/fn.from_exposed_addr.html + /// [`ptr::with_exposed_provenance`]: https://doc.rust-lang.org/core/ptr/fn.with_exposed_provenance.html pub FUZZY_PROVENANCE_CASTS, Allow, "a fuzzy integer to pointer cast is used", diff --git a/compiler/rustc_middle/src/mir/syntax.rs b/compiler/rustc_middle/src/mir/syntax.rs index 752f5845afb2e..a9dd59f0f3e3e 100644 --- a/compiler/rustc_middle/src/mir/syntax.rs +++ b/compiler/rustc_middle/src/mir/syntax.rs @@ -1318,7 +1318,7 @@ pub enum CastKind { /// See the docs on `expose_addr` for more details. PointerExposeAddress, /// An address-to-pointer cast that picks up an exposed provenance. - /// See the docs on `from_exposed_addr` for more details. + /// See the docs on `with_exposed_provenance` for more details. PointerFromExposedAddress, /// Pointer related casts that are done by coercions. Note that reference-to-raw-ptr casts are /// translated into `&raw mut/const *r`, i.e., they are not actually casts. diff --git a/library/core/src/ptr/const_ptr.rs b/library/core/src/ptr/const_ptr.rs index 69c61602073ac..e1f47c909e4a0 100644 --- a/library/core/src/ptr/const_ptr.rs +++ b/library/core/src/ptr/const_ptr.rs @@ -165,7 +165,7 @@ impl *const T { #[unstable(feature = "ptr_to_from_bits", issue = "91126")] #[deprecated( since = "1.67.0", - note = "replaced by the `ptr::from_exposed_addr` function, or update \ + note = "replaced by the `ptr::with_exposed_provenance` function, or update \ your code to follow the strict provenance rules using its APIs" )] #[allow(fuzzy_provenance_casts)] // this is an unstable and semi-deprecated cast function @@ -187,7 +187,7 @@ impl *const T { /// /// If using those APIs is not possible because there is no way to preserve a pointer with the /// required provenance, then Strict Provenance might not be for you. Use pointer-integer casts - /// or [`expose_addr`][pointer::expose_addr] and [`from_exposed_addr`][from_exposed_addr] + /// or [`expose_addr`][pointer::expose_addr] and [`with_exposed_provenance`][with_exposed_provenance] /// instead. However, note that this makes your code less portable and less amenable to tools /// that check for compliance with the Rust memory model. /// @@ -211,30 +211,30 @@ impl *const T { } /// Gets the "address" portion of the pointer, and 'exposes' the "provenance" part for future - /// use in [`from_exposed_addr`][]. + /// use in [`with_exposed_provenance`][]. /// /// This is equivalent to `self as usize`, which semantically discards *provenance* and /// *address-space* information. Furthermore, this (like the `as` cast) has the implicit /// side-effect of marking the provenance as 'exposed', so on platforms that support it you can - /// later call [`from_exposed_addr`][] to reconstitute the original pointer including its + /// later call [`with_exposed_provenance`][] to reconstitute the original pointer including its /// provenance. (Reconstructing address space information, if required, is your responsibility.) /// /// Using this method means that code is *not* following [Strict /// Provenance][super#strict-provenance] rules. Supporting - /// [`from_exposed_addr`][] complicates specification and reasoning and may not be supported by + /// [`with_exposed_provenance`][] complicates specification and reasoning and may not be supported by /// tools that help you to stay conformant with the Rust memory model, so it is recommended to /// use [`addr`][pointer::addr] wherever possible. /// /// On most platforms this will produce a value with the same bytes as the original pointer, /// because all the bytes are dedicated to describing the address. Platforms which need to store /// additional information in the pointer may not support this operation, since the 'expose' - /// side-effect which is required for [`from_exposed_addr`][] to work is typically not + /// side-effect which is required for [`with_exposed_provenance`][] to work is typically not /// available. /// /// It is unclear whether this method can be given a satisfying unambiguous specification. This /// API and its claimed semantics are part of [Exposed Provenance][super#exposed-provenance]. /// - /// [`from_exposed_addr`]: from_exposed_addr + /// [`with_exposed_provenance`]: with_exposed_provenance #[must_use] #[inline(always)] #[unstable(feature = "exposed_provenance", issue = "95228")] diff --git a/library/core/src/ptr/mod.rs b/library/core/src/ptr/mod.rs index 1f0204daf7238..09c7d32ad7167 100644 --- a/library/core/src/ptr/mod.rs +++ b/library/core/src/ptr/mod.rs @@ -340,13 +340,13 @@ //! clear where a satisfying unambiguous semantics can be defined for Exposed Provenance. //! Furthermore, Exposed Provenance will not work (well) with tools like [Miri] and [CHERI]. //! -//! Exposed Provenance is provided by the [`expose_addr`] and [`from_exposed_addr`] methods, which +//! Exposed Provenance is provided by the [`expose_addr`] and [`with_exposed_provenance`] methods, which //! are meant to replace `as` casts between pointers and integers. [`expose_addr`] is a lot like //! [`addr`], but additionally adds the provenance of the pointer to a global list of 'exposed' //! provenances. (This list is purely conceptual, it exists for the purpose of specifying Rust but -//! is not materialized in actual executions, except in tools like [Miri].) [`from_exposed_addr`] +//! is not materialized in actual executions, except in tools like [Miri].) [`with_exposed_provenance`] //! can be used to construct a pointer with one of these previously 'exposed' provenances. -//! [`from_exposed_addr`] takes only `addr: usize` as arguments, so unlike in [`with_addr`] there is +//! [`with_exposed_provenance`] takes only `addr: usize` as arguments, so unlike in [`with_addr`] there is //! no indication of what the correct provenance for the returned pointer is -- and that is exactly //! what makes pointer-usize-pointer roundtrips so tricky to rigorously specify! There is no //! algorithm that decides which provenance will be used. You can think of this as "guessing" the @@ -355,10 +355,10 @@ //! there is *no* previously 'exposed' provenance that justifies the way the returned pointer will //! be used, the program has undefined behavior. //! -//! Using [`expose_addr`] or [`from_exposed_addr`] (or the `as` casts) means that code is +//! Using [`expose_addr`] or [`with_exposed_provenance`] (or the `as` casts) means that code is //! *not* following Strict Provenance rules. The goal of the Strict Provenance experiment is to //! determine how far one can get in Rust without the use of [`expose_addr`] and -//! [`from_exposed_addr`], and to encourage code to be written with Strict Provenance APIs only. +//! [`with_exposed_provenance`], and to encourage code to be written with Strict Provenance APIs only. //! Maximizing the amount of such code is a major win for avoiding specification complexity and to //! facilitate adoption of tools like [CHERI] and [Miri] that can be a big help in increasing the //! confidence in (unsafe) Rust code. @@ -375,7 +375,7 @@ //! [`addr`]: pointer::addr //! [`ptr::dangling`]: core::ptr::dangling //! [`expose_addr`]: pointer::expose_addr -//! [`from_exposed_addr`]: from_exposed_addr +//! [`with_exposed_provenance`]: with_exposed_provenance //! [Miri]: https://github.com/rust-lang/miri //! [CHERI]: https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/ //! [Strict Provenance]: https://github.com/rust-lang/rust/issues/95228 @@ -582,7 +582,7 @@ pub const fn null_mut() -> *mut T { /// little more than a usize address in disguise. /// /// This is different from `addr as *const T`, which creates a pointer that picks up a previously -/// exposed provenance. See [`from_exposed_addr`] for more details on that operation. +/// exposed provenance. See [`with_exposed_provenance`] for more details on that operation. /// /// This API and its claimed semantics are part of the Strict Provenance experiment, /// see the [module documentation][crate::ptr] for details. @@ -593,7 +593,7 @@ pub const fn null_mut() -> *mut T { pub const fn without_provenance(addr: usize) -> *const T { // FIXME(strict_provenance_magic): I am magic and should be a compiler intrinsic. // We use transmute rather than a cast so tools like Miri can tell that this - // is *not* the same as from_exposed_addr. + // is *not* the same as with_exposed_provenance. // SAFETY: every valid integer is also a valid pointer (as long as you don't dereference that // pointer). unsafe { mem::transmute(addr) } @@ -626,7 +626,7 @@ pub const fn dangling() -> *const T { /// little more than a usize address in disguise. /// /// This is different from `addr as *mut T`, which creates a pointer that picks up a previously -/// exposed provenance. See [`from_exposed_addr_mut`] for more details on that operation. +/// exposed provenance. See [`with_exposed_provenance_mut`] for more details on that operation. /// /// This API and its claimed semantics are part of the Strict Provenance experiment, /// see the [module documentation][crate::ptr] for details. @@ -637,7 +637,7 @@ pub const fn dangling() -> *const T { pub const fn without_provenance_mut(addr: usize) -> *mut T { // FIXME(strict_provenance_magic): I am magic and should be a compiler intrinsic. // We use transmute rather than a cast so tools like Miri can tell that this - // is *not* the same as from_exposed_addr. + // is *not* the same as with_exposed_provenance. // SAFETY: every valid integer is also a valid pointer (as long as you don't dereference that // pointer). unsafe { mem::transmute(addr) } @@ -700,7 +700,7 @@ pub const fn dangling_mut() -> *mut T { #[unstable(feature = "exposed_provenance", issue = "95228")] #[cfg_attr(miri, track_caller)] // even without panics, this helps for Miri backtraces #[allow(fuzzy_provenance_casts)] // this *is* the explicit provenance API one should use instead -pub fn from_exposed_addr(addr: usize) -> *const T +pub fn with_exposed_provenance(addr: usize) -> *const T where T: Sized, { @@ -740,7 +740,7 @@ where #[unstable(feature = "exposed_provenance", issue = "95228")] #[cfg_attr(miri, track_caller)] // even without panics, this helps for Miri backtraces #[allow(fuzzy_provenance_casts)] // this *is* the explicit provenance API one should use instead -pub fn from_exposed_addr_mut(addr: usize) -> *mut T +pub fn with_exposed_provenance_mut(addr: usize) -> *mut T where T: Sized, { diff --git a/library/core/src/ptr/mut_ptr.rs b/library/core/src/ptr/mut_ptr.rs index 1add9ca231128..cf94281b8bcaf 100644 --- a/library/core/src/ptr/mut_ptr.rs +++ b/library/core/src/ptr/mut_ptr.rs @@ -171,7 +171,7 @@ impl *mut T { #[unstable(feature = "ptr_to_from_bits", issue = "91126")] #[deprecated( since = "1.67.0", - note = "replaced by the `ptr::from_exposed_addr_mut` function, or \ + note = "replaced by the `ptr::with_exposed_provenance_mut` function, or \ update your code to follow the strict provenance rules using its APIs" )] #[allow(fuzzy_provenance_casts)] // this is an unstable and semi-deprecated cast function @@ -194,7 +194,7 @@ impl *mut T { /// /// If using those APIs is not possible because there is no way to preserve a pointer with the /// required provenance, then Strict Provenance might not be for you. Use pointer-integer casts - /// or [`expose_addr`][pointer::expose_addr] and [`from_exposed_addr`][from_exposed_addr] + /// or [`expose_addr`][pointer::expose_addr] and [`with_exposed_provenance`][with_exposed_provenance] /// instead. However, note that this makes your code less portable and less amenable to tools /// that check for compliance with the Rust memory model. /// @@ -218,30 +218,30 @@ impl *mut T { } /// Gets the "address" portion of the pointer, and 'exposes' the "provenance" part for future - /// use in [`from_exposed_addr`][]. + /// use in [`with_exposed_provenance`][]. /// /// This is equivalent to `self as usize`, which semantically discards *provenance* and /// *address-space* information. Furthermore, this (like the `as` cast) has the implicit /// side-effect of marking the provenance as 'exposed', so on platforms that support it you can - /// later call [`from_exposed_addr_mut`][] to reconstitute the original pointer including its + /// later call [`with_exposed_provenance_mut`][] to reconstitute the original pointer including its /// provenance. (Reconstructing address space information, if required, is your responsibility.) /// /// Using this method means that code is *not* following [Strict /// Provenance][super#strict-provenance] rules. Supporting - /// [`from_exposed_addr_mut`][] complicates specification and reasoning and may not be supported + /// [`with_exposed_provenance_mut`][] complicates specification and reasoning and may not be supported /// by tools that help you to stay conformant with the Rust memory model, so it is recommended /// to use [`addr`][pointer::addr] wherever possible. /// /// On most platforms this will produce a value with the same bytes as the original pointer, /// because all the bytes are dedicated to describing the address. Platforms which need to store /// additional information in the pointer may not support this operation, since the 'expose' - /// side-effect which is required for [`from_exposed_addr_mut`][] to work is typically not + /// side-effect which is required for [`with_exposed_provenance_mut`][] to work is typically not /// available. /// /// It is unclear whether this method can be given a satisfying unambiguous specification. This /// API and its claimed semantics are part of [Exposed Provenance][super#exposed-provenance]. /// - /// [`from_exposed_addr_mut`]: from_exposed_addr_mut + /// [`with_exposed_provenance_mut`]: with_exposed_provenance_mut #[must_use] #[inline(always)] #[unstable(feature = "exposed_provenance", issue = "95228")] diff --git a/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs b/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs index e217d1c8c87ca..3ec9fccbff954 100644 --- a/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs +++ b/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs @@ -51,13 +51,13 @@ pub trait SimdConstPtr: Copy + Sealed { fn with_addr(self, addr: Self::Usize) -> Self; /// Gets the "address" portion of the pointer, and "exposes" the provenance part for future use - /// in [`Self::from_exposed_addr`]. + /// in [`Self::with_exposed_provenance`]. fn expose_addr(self) -> Self::Usize; /// Convert an address back to a pointer, picking up a previously "exposed" provenance. /// - /// Equivalent to calling [`core::ptr::from_exposed_addr`] on each element. - fn from_exposed_addr(addr: Self::Usize) -> Self; + /// Equivalent to calling [`core::ptr::with_exposed_provenance`] on each element. + fn with_exposed_provenance(addr: Self::Usize) -> Self; /// Calculates the offset from a pointer using wrapping arithmetic. /// @@ -137,7 +137,7 @@ where } #[inline] - fn from_exposed_addr(addr: Self::Usize) -> Self { + fn with_exposed_provenance(addr: Self::Usize) -> Self { // Safety: `self` is a pointer vector unsafe { core::intrinsics::simd::simd_from_exposed_addr(addr) } } diff --git a/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs b/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs index 5cb27af4fdeba..1142839e213b9 100644 --- a/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs +++ b/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs @@ -48,13 +48,13 @@ pub trait SimdMutPtr: Copy + Sealed { fn with_addr(self, addr: Self::Usize) -> Self; /// Gets the "address" portion of the pointer, and "exposes" the provenance part for future use - /// in [`Self::from_exposed_addr`]. + /// in [`Self::with_exposed_provenance`]. fn expose_addr(self) -> Self::Usize; /// Convert an address back to a pointer, picking up a previously "exposed" provenance. /// - /// Equivalent to calling [`core::ptr::from_exposed_addr_mut`] on each element. - fn from_exposed_addr(addr: Self::Usize) -> Self; + /// Equivalent to calling [`core::ptr::with_exposed_provenance_mut`] on each element. + fn with_exposed_provenance(addr: Self::Usize) -> Self; /// Calculates the offset from a pointer using wrapping arithmetic. /// @@ -134,7 +134,7 @@ where } #[inline] - fn from_exposed_addr(addr: Self::Usize) -> Self { + fn with_exposed_provenance(addr: Self::Usize) -> Self { // Safety: `self` is a pointer vector unsafe { core::intrinsics::simd::simd_from_exposed_addr(addr) } } diff --git a/library/portable-simd/crates/core_simd/tests/pointers.rs b/library/portable-simd/crates/core_simd/tests/pointers.rs index b9f32d16e01d1..5984fdae2f9b4 100644 --- a/library/portable-simd/crates/core_simd/tests/pointers.rs +++ b/library/portable-simd/crates/core_simd/tests/pointers.rs @@ -80,10 +80,10 @@ mod const_ptr { ); } - fn from_exposed_addr() { + fn with_exposed_provenance() { test_helpers::test_unary_elementwise( - &Simd::<*const u32, LANES>::from_exposed_addr, - &core::ptr::from_exposed_addr::, + &Simd::<*const u32, LANES>::with_exposed_provenance, + &core::ptr::with_exposed_provenance::, &|_| true, ); } @@ -103,10 +103,10 @@ mod mut_ptr { ); } - fn from_exposed_addr() { + fn with_exposed_provenance() { test_helpers::test_unary_elementwise( - &Simd::<*mut u32, LANES>::from_exposed_addr, - &core::ptr::from_exposed_addr_mut::, + &Simd::<*mut u32, LANES>::with_exposed_provenance, + &core::ptr::with_exposed_provenance_mut::, &|_| true, ); } diff --git a/library/std/src/os/xous/ffi.rs b/library/std/src/os/xous/ffi.rs index 7fe84db515c34..e9a9f53372026 100644 --- a/library/std/src/os/xous/ffi.rs +++ b/library/std/src/os/xous/ffi.rs @@ -389,7 +389,7 @@ pub(crate) unsafe fn map_memory( let result = a0; if result == SyscallResult::MemoryRange as usize { - let start = core::ptr::from_exposed_addr_mut::(a1); + let start = core::ptr::with_exposed_provenance_mut::(a1); let len = a2 / core::mem::size_of::(); let end = unsafe { start.add(len) }; Ok(unsafe { core::slice::from_raw_parts_mut(start, len) }) diff --git a/library/std/src/sys/pal/hermit/thread.rs b/library/std/src/sys/pal/hermit/thread.rs index cf45b9c23962c..19699aaa66fe0 100644 --- a/library/std/src/sys/pal/hermit/thread.rs +++ b/library/std/src/sys/pal/hermit/thread.rs @@ -47,7 +47,7 @@ impl Thread { extern "C" fn thread_start(main: usize) { unsafe { // Finally, let's run some code. - Box::from_raw(ptr::from_exposed_addr::>(main).cast_mut())(); + Box::from_raw(ptr::with_exposed_provenance::>(main).cast_mut())(); // run all destructors run_dtors(); diff --git a/library/std/src/sys/pal/itron/thread.rs b/library/std/src/sys/pal/itron/thread.rs index 814a102dd09ae..1acd5aafdf4d3 100644 --- a/library/std/src/sys/pal/itron/thread.rs +++ b/library/std/src/sys/pal/itron/thread.rs @@ -98,7 +98,7 @@ impl Thread { }); unsafe extern "C" fn trampoline(exinf: isize) { - let p_inner: *mut ThreadInner = crate::ptr::from_exposed_addr_mut(exinf as usize); + let p_inner: *mut ThreadInner = crate::ptr::with_exposed_provenance_mut(exinf as usize); // Safety: `ThreadInner` is alive at this point let inner = unsafe { &*p_inner }; diff --git a/library/std/src/sys/pal/xous/thread_local_key.rs b/library/std/src/sys/pal/xous/thread_local_key.rs index 2aaf46d0244a7..6c29813c79dfd 100644 --- a/library/std/src/sys/pal/xous/thread_local_key.rs +++ b/library/std/src/sys/pal/xous/thread_local_key.rs @@ -49,7 +49,7 @@ fn tls_ptr_addr() -> *mut *mut u8 { out(reg) tp, ); } - core::ptr::from_exposed_addr_mut::<*mut u8>(tp) + core::ptr::with_exposed_provenance_mut::<*mut u8>(tp) } /// Create an area of memory that's unique per thread. This area will diff --git a/library/std/src/sys/pal/zkvm/thread_local_key.rs b/library/std/src/sys/pal/zkvm/thread_local_key.rs index 3ffe6247344e8..2f67924c61823 100644 --- a/library/std/src/sys/pal/zkvm/thread_local_key.rs +++ b/library/std/src/sys/pal/zkvm/thread_local_key.rs @@ -9,13 +9,13 @@ pub unsafe fn create(_dtor: Option) -> Key { #[inline] pub unsafe fn set(key: Key, value: *mut u8) { - let key: *mut *mut u8 = core::ptr::from_exposed_addr_mut(key); + let key: *mut *mut u8 = core::ptr::with_exposed_provenance_mut(key); *key = value; } #[inline] pub unsafe fn get(key: Key) -> *mut u8 { - let key: *mut *mut u8 = core::ptr::from_exposed_addr_mut(key); + let key: *mut *mut u8 = core::ptr::with_exposed_provenance_mut(key); *key } diff --git a/library/std/src/sys/personality/dwarf/eh.rs b/library/std/src/sys/personality/dwarf/eh.rs index a78084de0faef..3f3615ea3e0a4 100644 --- a/library/std/src/sys/personality/dwarf/eh.rs +++ b/library/std/src/sys/personality/dwarf/eh.rs @@ -125,7 +125,7 @@ pub unsafe fn find_eh_action(lsda: *const u8, context: &EHContext<'_>) -> Result // Can never have null landing pad for sjlj -- that would have // been indicated by a -1 call site index. // FIXME(strict provenance) - let lpad = ptr::from_exposed_addr((cs_lpad + 1) as usize); + let lpad = ptr::with_exposed_provenance((cs_lpad + 1) as usize); return Ok(interpret_cs_action(action_table, cs_action_entry, lpad)); } } diff --git a/src/tools/miri/README.md b/src/tools/miri/README.md index b043805291ea5..7d456ad3a9da0 100644 --- a/src/tools/miri/README.md +++ b/src/tools/miri/README.md @@ -324,7 +324,7 @@ environment variable. We first document the most relevant and most commonly used number of available CPUs is `1`. Note that this flag does not affect how miri handles threads in any way. * `-Zmiri-permissive-provenance` disables the warning for integer-to-pointer casts and - [`ptr::from_exposed_addr`](https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html). + [`ptr::with_exposed_provenance`](https://doc.rust-lang.org/nightly/std/ptr/fn.with_exposed_provenance.html). This will necessarily miss some bugs as those operations are not efficiently and accurately implementable in a sanitizer, but it will only miss bugs that concern memory/pointers which is subject to these operations. diff --git a/src/tools/miri/src/alloc_addresses/mod.rs b/src/tools/miri/src/alloc_addresses/mod.rs index e1714aa9e46b9..6b8e1510a6bf7 100644 --- a/src/tools/miri/src/alloc_addresses/mod.rs +++ b/src/tools/miri/src/alloc_addresses/mod.rs @@ -18,12 +18,12 @@ use reuse_pool::ReusePool; #[derive(Copy, Clone, Debug, PartialEq, Eq)] pub enum ProvenanceMode { - /// We support `expose_addr`/`from_exposed_addr` via "wildcard" provenance. - /// However, we want on `from_exposed_addr` to alert the user of the precision loss. + /// We support `expose_addr`/`with_exposed_provenance` via "wildcard" provenance. + /// However, we want on `with_exposed_provenance` to alert the user of the precision loss. Default, /// Like `Default`, but without the warning. Permissive, - /// We error on `from_exposed_addr`, ensuring no precision loss. + /// We error on `with_exposed_provenance`, ensuring no precision loss. Strict, } diff --git a/src/tools/miri/src/diagnostics.rs b/src/tools/miri/src/diagnostics.rs index 03428b081c569..bddf398d477f4 100644 --- a/src/tools/miri/src/diagnostics.rs +++ b/src/tools/miri/src/diagnostics.rs @@ -65,7 +65,7 @@ impl fmt::Display for TerminationInfo { Int2PtrWithStrictProvenance => write!( f, - "integer-to-pointer casts and `ptr::from_exposed_addr` are not supported with `-Zmiri-strict-provenance`" + "integer-to-pointer casts and `ptr::with_exposed_provenance` are not supported with `-Zmiri-strict-provenance`" ), StackedBorrowsUb { msg, .. } => write!(f, "{msg}"), TreeBorrowsUb { title, .. } => write!(f, "{title}"), @@ -587,7 +587,7 @@ impl<'mir, 'tcx> MiriMachine<'mir, 'tcx> { ( None, format!( - "This program is using integer-to-pointer casts or (equivalently) `ptr::from_exposed_addr`," + "This program is using integer-to-pointer casts or (equivalently) `ptr::with_exposed_provenance`," ), ), ( @@ -597,7 +597,7 @@ impl<'mir, 'tcx> MiriMachine<'mir, 'tcx> { ( None, format!( - "See https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation." + "See https://doc.rust-lang.org/nightly/std/ptr/fn.with_exposed_provenance.html for more details on that operation." ), ), ( @@ -609,7 +609,7 @@ impl<'mir, 'tcx> MiriMachine<'mir, 'tcx> { ( None, format!( - "You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics." + "You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `with_exposed_provenance` semantics." ), ), ( diff --git a/src/tools/miri/tests/fail/provenance/ptr_int_unexposed.rs b/src/tools/miri/tests/fail/provenance/ptr_int_unexposed.rs index 20fd330699890..f89378fcb3c4c 100644 --- a/src/tools/miri/tests/fail/provenance/ptr_int_unexposed.rs +++ b/src/tools/miri/tests/fail/provenance/ptr_int_unexposed.rs @@ -7,6 +7,6 @@ fn main() { let x_usize: usize = x_ptr.addr(); // Cast back an address that did *not* get exposed. - let ptr = std::ptr::from_exposed_addr::(x_usize); + let ptr = std::ptr::with_exposed_provenance::(x_usize); assert_eq!(unsafe { *ptr }, 3); //~ ERROR: is a dangling pointer } diff --git a/src/tools/miri/tests/fail/provenance/strict_provenance_cast.rs b/src/tools/miri/tests/fail/provenance/strict_provenance_cast.rs index 106cf4d804b41..d7b54f640f653 100644 --- a/src/tools/miri/tests/fail/provenance/strict_provenance_cast.rs +++ b/src/tools/miri/tests/fail/provenance/strict_provenance_cast.rs @@ -3,5 +3,5 @@ fn main() { let addr = &0 as *const i32 as usize; - let _ptr = std::ptr::from_exposed_addr::(addr); //~ ERROR: integer-to-pointer casts and `ptr::from_exposed_addr` are not supported + let _ptr = std::ptr::with_exposed_provenance::(addr); //~ ERROR: integer-to-pointer casts and `ptr::with_exposed_provenance` are not supported } diff --git a/src/tools/miri/tests/fail/provenance/strict_provenance_cast.stderr b/src/tools/miri/tests/fail/provenance/strict_provenance_cast.stderr index a110ed4ebb218..8c61b66ac4693 100644 --- a/src/tools/miri/tests/fail/provenance/strict_provenance_cast.stderr +++ b/src/tools/miri/tests/fail/provenance/strict_provenance_cast.stderr @@ -1,8 +1,8 @@ -error: unsupported operation: integer-to-pointer casts and `ptr::from_exposed_addr` are not supported with `-Zmiri-strict-provenance` +error: unsupported operation: integer-to-pointer casts and `ptr::with_exposed_provenance` are not supported with `-Zmiri-strict-provenance` --> $DIR/strict_provenance_cast.rs:LL:CC | -LL | let _ptr = std::ptr::from_exposed_addr::(addr); - | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ integer-to-pointer casts and `ptr::from_exposed_addr` are not supported with `-Zmiri-strict-provenance` +LL | let _ptr = std::ptr::with_exposed_provenance::(addr); + | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ integer-to-pointer casts and `ptr::with_exposed_provenance` are not supported with `-Zmiri-strict-provenance` | = help: use Strict Provenance APIs (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance, https://crates.io/crates/sptr) instead = note: BACKTRACE: diff --git a/src/tools/miri/tests/fail/stacked_borrows/exposed_only_ro.rs b/src/tools/miri/tests/fail/stacked_borrows/exposed_only_ro.rs index b0e4cceb98f36..aa05649d550c7 100644 --- a/src/tools/miri/tests/fail/stacked_borrows/exposed_only_ro.rs +++ b/src/tools/miri/tests/fail/stacked_borrows/exposed_only_ro.rs @@ -7,6 +7,6 @@ fn main() { let mut x = 0; let _fool = &mut x as *mut i32; // this would have fooled the old untagged pointer logic let addr = (&x as *const i32).expose_addr(); - let ptr = std::ptr::from_exposed_addr_mut::(addr); + let ptr = std::ptr::with_exposed_provenance_mut::(addr); unsafe { *ptr = 0 }; //~ ERROR: /write access using .* no exposed tags have suitable permission in the borrow stack/ } diff --git a/src/tools/miri/tests/pass/box.stack.stderr b/src/tools/miri/tests/pass/box.stack.stderr index f6e208cea9a82..1a4d52ee3146f 100644 --- a/src/tools/miri/tests/pass/box.stack.stderr +++ b/src/tools/miri/tests/pass/box.stack.stderr @@ -4,11 +4,11 @@ warning: integer-to-pointer cast LL | let r2 = ((r as usize) + 0) as *mut i32; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ integer-to-pointer cast | - = help: This program is using integer-to-pointer casts or (equivalently) `ptr::from_exposed_addr`, + = help: This program is using integer-to-pointer casts or (equivalently) `ptr::with_exposed_provenance`, = help: which means that Miri might miss pointer bugs in this program. - = help: See https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation. + = help: See https://doc.rust-lang.org/nightly/std/ptr/fn.with_exposed_provenance.html for more details on that operation. = help: To ensure that Miri does not miss bugs in your program, use Strict Provenance APIs (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance, https://crates.io/crates/sptr) instead. - = help: You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics. + = help: You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `with_exposed_provenance` semantics. = help: Alternatively, the `-Zmiri-permissive-provenance` flag disables this warning. = note: BACKTRACE: = note: inside `into_raw` at $DIR/box.rs:LL:CC diff --git a/src/tools/miri/tests/pass/extern_types.stack.stderr b/src/tools/miri/tests/pass/extern_types.stack.stderr index 2e18f69305896..275d718129b4e 100644 --- a/src/tools/miri/tests/pass/extern_types.stack.stderr +++ b/src/tools/miri/tests/pass/extern_types.stack.stderr @@ -4,11 +4,11 @@ warning: integer-to-pointer cast LL | let x: &Foo = unsafe { &*(16 as *const Foo) }; | ^^^^^^^^^^^^^^^^^^ integer-to-pointer cast | - = help: This program is using integer-to-pointer casts or (equivalently) `ptr::from_exposed_addr`, + = help: This program is using integer-to-pointer casts or (equivalently) `ptr::with_exposed_provenance`, = help: which means that Miri might miss pointer bugs in this program. - = help: See https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation. + = help: See https://doc.rust-lang.org/nightly/std/ptr/fn.with_exposed_provenance.html for more details on that operation. = help: To ensure that Miri does not miss bugs in your program, use Strict Provenance APIs (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance, https://crates.io/crates/sptr) instead. - = help: You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics. + = help: You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `with_exposed_provenance` semantics. = help: Alternatively, the `-Zmiri-permissive-provenance` flag disables this warning. = note: BACKTRACE: = note: inside `main` at $DIR/extern_types.rs:LL:CC diff --git a/src/tools/miri/tests/pass/portable-simd-ptrs.rs b/src/tools/miri/tests/pass/portable-simd-ptrs.rs index 70ba5636c600e..3b2d221bd8ea9 100644 --- a/src/tools/miri/tests/pass/portable-simd-ptrs.rs +++ b/src/tools/miri/tests/pass/portable-simd-ptrs.rs @@ -8,5 +8,5 @@ fn main() { // Pointer casts let _val: Simd<*const u8, 4> = Simd::<*const i32, 4>::splat(ptr::null()).cast(); let addrs = Simd::<*const i32, 4>::splat(ptr::null()).expose_addr(); - let _ptrs = Simd::<*const i32, 4>::from_exposed_addr(addrs); + let _ptrs = Simd::<*const i32, 4>::with_exposed_provenance(addrs); } diff --git a/src/tools/miri/tests/pass/ptr_int_from_exposed.rs b/src/tools/miri/tests/pass/ptr_int_from_exposed.rs index d8d57679e6b36..8555de986f067 100644 --- a/src/tools/miri/tests/pass/ptr_int_from_exposed.rs +++ b/src/tools/miri/tests/pass/ptr_int_from_exposed.rs @@ -12,7 +12,7 @@ fn ptr_roundtrip_out_of_bounds() { let x_usize = x_ptr.wrapping_offset(128).expose_addr(); - let ptr = ptr::from_exposed_addr::(x_usize).wrapping_offset(-128); + let ptr = ptr::with_exposed_provenance::(x_usize).wrapping_offset(-128); assert_eq!(unsafe { *ptr }, 3); } @@ -27,7 +27,7 @@ fn ptr_roundtrip_confusion() { let x_usize = x_ptr.expose_addr(); let y_usize = y_ptr.expose_addr(); - let ptr = ptr::from_exposed_addr::(y_usize); + let ptr = ptr::with_exposed_provenance::(y_usize); let ptr = ptr.with_addr(x_usize); assert_eq!(unsafe { *ptr }, 0); } @@ -39,7 +39,7 @@ fn ptr_roundtrip_imperfect() { let x_usize = x_ptr.expose_addr() + 128; - let ptr = ptr::from_exposed_addr::(x_usize).wrapping_offset(-128); + let ptr = ptr::with_exposed_provenance::(x_usize).wrapping_offset(-128); assert_eq!(unsafe { *ptr }, 3); } @@ -51,7 +51,7 @@ fn ptr_roundtrip_null() { let null = x_null_ptr.expose_addr(); assert_eq!(null, 0); - let x_null_ptr_copy = ptr::from_exposed_addr::(null); // just a roundtrip, so has provenance of x (angelically) + let x_null_ptr_copy = ptr::with_exposed_provenance::(null); // just a roundtrip, so has provenance of x (angelically) let x_ptr_copy = x_null_ptr_copy.with_addr(x_ptr.addr()); // addr of x and provenance of x assert_eq!(unsafe { *x_ptr_copy }, 42); } diff --git a/src/tools/miri/tests/pass/stacked-borrows/int-to-ptr.rs b/src/tools/miri/tests/pass/stacked-borrows/int-to-ptr.rs index e467356dd04ba..5622bf186545b 100644 --- a/src/tools/miri/tests/pass/stacked-borrows/int-to-ptr.rs +++ b/src/tools/miri/tests/pass/stacked-borrows/int-to-ptr.rs @@ -39,7 +39,7 @@ fn example(variant: bool) { // 4 is the "obvious" choice (topmost tag, what we used to do with untagged pointers). // And indeed if `variant == true` it is the only possible choice. // But if `variant == false` then 2 is the only possible choice! - let x_wildcard = ptr::from_exposed_addr_mut::(x_raw2_addr); + let x_wildcard = ptr::with_exposed_provenance_mut::(x_raw2_addr); if variant { // If we picked 2, this will invalidate 3. diff --git a/src/tools/miri/tests/pass/stacked-borrows/issue-miri-2389.stderr b/src/tools/miri/tests/pass/stacked-borrows/issue-miri-2389.stderr index f3ba052ae5130..7cbfad3942b32 100644 --- a/src/tools/miri/tests/pass/stacked-borrows/issue-miri-2389.stderr +++ b/src/tools/miri/tests/pass/stacked-borrows/issue-miri-2389.stderr @@ -4,11 +4,11 @@ warning: integer-to-pointer cast LL | let wildcard = &root0 as *const Cell as usize as *const Cell; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ integer-to-pointer cast | - = help: This program is using integer-to-pointer casts or (equivalently) `ptr::from_exposed_addr`, + = help: This program is using integer-to-pointer casts or (equivalently) `ptr::with_exposed_provenance`, = help: which means that Miri might miss pointer bugs in this program. - = help: See https://doc.rust-lang.org/nightly/std/ptr/fn.from_exposed_addr.html for more details on that operation. + = help: See https://doc.rust-lang.org/nightly/std/ptr/fn.with_exposed_provenance.html for more details on that operation. = help: To ensure that Miri does not miss bugs in your program, use Strict Provenance APIs (https://doc.rust-lang.org/nightly/std/ptr/index.html#strict-provenance, https://crates.io/crates/sptr) instead. - = help: You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `from_exposed_addr` semantics. + = help: You can then pass the `-Zmiri-strict-provenance` flag to Miri, to ensure you are not relying on `with_exposed_provenance` semantics. = help: Alternatively, the `-Zmiri-permissive-provenance` flag disables this warning. = note: BACKTRACE: = note: inside `main` at $DIR/issue-miri-2389.rs:LL:CC diff --git a/src/tools/miri/tests/pass/stacked-borrows/unknown-bottom-gc.rs b/src/tools/miri/tests/pass/stacked-borrows/unknown-bottom-gc.rs index 5bb4e879c3e44..6e177a6e4abb3 100644 --- a/src/tools/miri/tests/pass/stacked-borrows/unknown-bottom-gc.rs +++ b/src/tools/miri/tests/pass/stacked-borrows/unknown-bottom-gc.rs @@ -9,7 +9,7 @@ fn main() { // Expose the allocation and use the exposed pointer, creating an unknown bottom unsafe { - let p: *mut u8 = ptr::from_exposed_addr::(ptr.expose_addr()) as *mut u8; + let p: *mut u8 = ptr::with_exposed_provenance::(ptr.expose_addr()) as *mut u8; *p = 1; } diff --git a/tests/ui/lint/lint-strict-provenance-fuzzy-casts.stderr b/tests/ui/lint/lint-strict-provenance-fuzzy-casts.stderr index 0b12897427586..24f2500abf82c 100644 --- a/tests/ui/lint/lint-strict-provenance-fuzzy-casts.stderr +++ b/tests/ui/lint/lint-strict-provenance-fuzzy-casts.stderr @@ -4,7 +4,7 @@ error: strict provenance disallows casting integer `usize` to pointer `*const u8 LL | let dangling = 16_usize as *const u8; | ^^^^^^^^^^^^^^^^^^^^^ | - = help: if you can't comply with strict provenance and don't have a pointer with the correct provenance you can use `std::ptr::from_exposed_addr()` instead + = help: if you can't comply with strict provenance and don't have a pointer with the correct provenance you can use `std::ptr::with_exposed_provenance()` instead note: the lint level is defined here --> $DIR/lint-strict-provenance-fuzzy-casts.rs:2:9 | diff --git a/tests/ui/simd/intrinsic/ptr-cast.rs b/tests/ui/simd/intrinsic/ptr-cast.rs index 83d86baf334a7..40c782c153eb0 100644 --- a/tests/ui/simd/intrinsic/ptr-cast.rs +++ b/tests/ui/simd/intrinsic/ptr-cast.rs @@ -24,10 +24,10 @@ fn main() { let exposed_addr: V = simd_expose_addr(const_ptrs); - let from_exposed_addr: V<*mut i8> = simd_from_exposed_addr(exposed_addr); + let with_exposed_provenance: V<*mut i8> = simd_from_exposed_addr(exposed_addr); assert!(const_ptrs.0 == [ptr as *const u8, core::ptr::null()]); assert!(exposed_addr.0 == [ptr as usize, 0]); - assert!(from_exposed_addr.0 == ptrs.0); + assert!(with_exposed_provenance.0 == ptrs.0); } } From 038e7c6c38b9e1713fb258c783441bb0102b8492 Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Sat, 23 Mar 2024 12:21:20 +0100 Subject: [PATCH 2/3] rename MIR int2ptr casts to match library name --- compiler/rustc_borrowck/src/type_check/mod.rs | 4 ++-- compiler/rustc_codegen_cranelift/src/base.rs | 2 +- compiler/rustc_codegen_ssa/src/mir/rvalue.rs | 2 +- compiler/rustc_const_eval/src/interpret/cast.rs | 2 +- compiler/rustc_const_eval/src/transform/check_consts/check.rs | 2 +- compiler/rustc_const_eval/src/transform/validate.rs | 2 +- compiler/rustc_middle/src/mir/statement.rs | 2 +- compiler/rustc_middle/src/mir/syntax.rs | 2 +- compiler/rustc_middle/src/ty/cast.rs | 2 +- compiler/rustc_smir/src/rustc_smir/convert/mir.rs | 2 +- compiler/stable_mir/src/mir/body.rs | 2 +- src/tools/clippy/clippy_utils/src/qualify_min_const_fn.rs | 2 +- .../building/custom/as_cast.int_to_ptr.built.after.mir | 2 +- tests/mir-opt/const_prop/reify_fn_ptr.main.GVN.diff | 2 +- tests/mir-opt/const_prop/reify_fn_ptr.rs | 2 +- 15 files changed, 16 insertions(+), 16 deletions(-) diff --git a/compiler/rustc_borrowck/src/type_check/mod.rs b/compiler/rustc_borrowck/src/type_check/mod.rs index 700b5e13dec90..60596ca58d889 100644 --- a/compiler/rustc_borrowck/src/type_check/mod.rs +++ b/compiler/rustc_borrowck/src/type_check/mod.rs @@ -2263,7 +2263,7 @@ impl<'a, 'tcx> TypeChecker<'a, 'tcx> { } } - CastKind::PointerFromExposedAddress => { + CastKind::PointerWithExposedProvenance => { let ty_from = op.ty(body, tcx); let cast_ty_from = CastTy::from_ty(ty_from); let cast_ty_to = CastTy::from_ty(*ty); @@ -2273,7 +2273,7 @@ impl<'a, 'tcx> TypeChecker<'a, 'tcx> { span_mirbug!( self, rvalue, - "Invalid PointerFromExposedAddress cast {:?} -> {:?}", + "Invalid PointerWithExposedProvenance cast {:?} -> {:?}", ty_from, ty ) diff --git a/compiler/rustc_codegen_cranelift/src/base.rs b/compiler/rustc_codegen_cranelift/src/base.rs index 047dc56a32ead..e7823013260b6 100644 --- a/compiler/rustc_codegen_cranelift/src/base.rs +++ b/compiler/rustc_codegen_cranelift/src/base.rs @@ -642,7 +642,7 @@ fn codegen_stmt<'tcx>( | CastKind::FnPtrToPtr | CastKind::PtrToPtr | CastKind::PointerExposeAddress - | CastKind::PointerFromExposedAddress, + | CastKind::PointerWithExposedProvenance, ref operand, to_ty, ) => { diff --git a/compiler/rustc_codegen_ssa/src/mir/rvalue.rs b/compiler/rustc_codegen_ssa/src/mir/rvalue.rs index 15f2e0e56d86d..af6ea596a218f 100644 --- a/compiler/rustc_codegen_ssa/src/mir/rvalue.rs +++ b/compiler/rustc_codegen_ssa/src/mir/rvalue.rs @@ -508,7 +508,7 @@ impl<'a, 'tcx, Bx: BuilderMethods<'a, 'tcx>> FunctionCx<'a, 'tcx, Bx> { // Since int2ptr can have arbitrary integer types as input (so we have to do // sign extension and all that), it is currently best handled in the same code // path as the other integer-to-X casts. - | mir::CastKind::PointerFromExposedAddress => { + | mir::CastKind::PointerWithExposedProvenance => { assert!(bx.cx().is_backend_immediate(cast)); let ll_t_out = bx.cx().immediate_backend_type(cast); if operand.layout.abi.is_uninhabited() { diff --git a/compiler/rustc_const_eval/src/interpret/cast.rs b/compiler/rustc_const_eval/src/interpret/cast.rs index bbf11f169f989..3b2b54eb83965 100644 --- a/compiler/rustc_const_eval/src/interpret/cast.rs +++ b/compiler/rustc_const_eval/src/interpret/cast.rs @@ -40,7 +40,7 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> { self.write_immediate(*res, dest)?; } - CastKind::PointerFromExposedAddress => { + CastKind::PointerWithExposedProvenance => { let src = self.read_immediate(src)?; let res = self.pointer_from_exposed_address_cast(&src, cast_layout)?; self.write_immediate(*res, dest)?; diff --git a/compiler/rustc_const_eval/src/transform/check_consts/check.rs b/compiler/rustc_const_eval/src/transform/check_consts/check.rs index a93e8138aa412..51dd556bbb961 100644 --- a/compiler/rustc_const_eval/src/transform/check_consts/check.rs +++ b/compiler/rustc_const_eval/src/transform/check_consts/check.rs @@ -547,7 +547,7 @@ impl<'tcx> Visitor<'tcx> for Checker<'_, 'tcx> { Rvalue::Cast(CastKind::PointerExposeAddress, _, _) => { self.check_op(ops::RawPtrToIntCast); } - Rvalue::Cast(CastKind::PointerFromExposedAddress, _, _) => { + Rvalue::Cast(CastKind::PointerWithExposedProvenance, _, _) => { // Since no pointer can ever get exposed (rejected above), this is easy to support. } diff --git a/compiler/rustc_const_eval/src/transform/validate.rs b/compiler/rustc_const_eval/src/transform/validate.rs index 4bc49f906070d..bff8db66f6838 100644 --- a/compiler/rustc_const_eval/src/transform/validate.rs +++ b/compiler/rustc_const_eval/src/transform/validate.rs @@ -1057,7 +1057,7 @@ impl<'a, 'tcx> Visitor<'tcx> for TypeChecker<'a, 'tcx> { // FIXME(dyn-star): make sure nothing needs to be done here. } // FIXME: Add Checks for these - CastKind::PointerFromExposedAddress + CastKind::PointerWithExposedProvenance | CastKind::PointerExposeAddress | CastKind::PointerCoercion(_) => {} CastKind::IntToInt | CastKind::IntToFloat => { diff --git a/compiler/rustc_middle/src/mir/statement.rs b/compiler/rustc_middle/src/mir/statement.rs index f929a5cec2533..947764307e498 100644 --- a/compiler/rustc_middle/src/mir/statement.rs +++ b/compiler/rustc_middle/src/mir/statement.rs @@ -426,7 +426,7 @@ impl<'tcx> Rvalue<'tcx> { | CastKind::FnPtrToPtr | CastKind::PtrToPtr | CastKind::PointerCoercion(_) - | CastKind::PointerFromExposedAddress + | CastKind::PointerWithExposedProvenance | CastKind::DynStar | CastKind::Transmute, _, diff --git a/compiler/rustc_middle/src/mir/syntax.rs b/compiler/rustc_middle/src/mir/syntax.rs index a9dd59f0f3e3e..a9689d08ddcf9 100644 --- a/compiler/rustc_middle/src/mir/syntax.rs +++ b/compiler/rustc_middle/src/mir/syntax.rs @@ -1319,7 +1319,7 @@ pub enum CastKind { PointerExposeAddress, /// An address-to-pointer cast that picks up an exposed provenance. /// See the docs on `with_exposed_provenance` for more details. - PointerFromExposedAddress, + PointerWithExposedProvenance, /// Pointer related casts that are done by coercions. Note that reference-to-raw-ptr casts are /// translated into `&raw mut/const *r`, i.e., they are not actually casts. PointerCoercion(PointerCoercion), diff --git a/compiler/rustc_middle/src/ty/cast.rs b/compiler/rustc_middle/src/ty/cast.rs index 50d629120ab5e..9bdc679d4e5b3 100644 --- a/compiler/rustc_middle/src/ty/cast.rs +++ b/compiler/rustc_middle/src/ty/cast.rs @@ -85,7 +85,7 @@ pub fn mir_cast_kind<'tcx>(from_ty: Ty<'tcx>, cast_ty: Ty<'tcx>) -> mir::CastKin (Some(CastTy::Ptr(_) | CastTy::FnPtr), Some(CastTy::Int(_))) => { mir::CastKind::PointerExposeAddress } - (Some(CastTy::Int(_)), Some(CastTy::Ptr(_))) => mir::CastKind::PointerFromExposedAddress, + (Some(CastTy::Int(_)), Some(CastTy::Ptr(_))) => mir::CastKind::PointerWithExposedProvenance, (_, Some(CastTy::DynStar)) => mir::CastKind::DynStar, (Some(CastTy::Int(_)), Some(CastTy::Int(_))) => mir::CastKind::IntToInt, (Some(CastTy::FnPtr), Some(CastTy::Ptr(_))) => mir::CastKind::FnPtrToPtr, diff --git a/compiler/rustc_smir/src/rustc_smir/convert/mir.rs b/compiler/rustc_smir/src/rustc_smir/convert/mir.rs index c0876adf90509..571de5f4fbfa7 100644 --- a/compiler/rustc_smir/src/rustc_smir/convert/mir.rs +++ b/compiler/rustc_smir/src/rustc_smir/convert/mir.rs @@ -274,7 +274,7 @@ impl<'tcx> Stable<'tcx> for mir::CastKind { use rustc_middle::mir::CastKind::*; match self { PointerExposeAddress => stable_mir::mir::CastKind::PointerExposeAddress, - PointerFromExposedAddress => stable_mir::mir::CastKind::PointerFromExposedAddress, + PointerWithExposedProvenance => stable_mir::mir::CastKind::PointerWithExposedProvenance, PointerCoercion(c) => stable_mir::mir::CastKind::PointerCoercion(c.stable(tables)), DynStar => stable_mir::mir::CastKind::DynStar, IntToInt => stable_mir::mir::CastKind::IntToInt, diff --git a/compiler/stable_mir/src/mir/body.rs b/compiler/stable_mir/src/mir/body.rs index e4a012d8c4774..86c2543aea315 100644 --- a/compiler/stable_mir/src/mir/body.rs +++ b/compiler/stable_mir/src/mir/body.rs @@ -968,7 +968,7 @@ pub enum PointerCoercion { #[derive(Copy, Clone, Debug, Eq, PartialEq)] pub enum CastKind { PointerExposeAddress, - PointerFromExposedAddress, + PointerWithExposedProvenance, PointerCoercion(PointerCoercion), DynStar, IntToInt, diff --git a/src/tools/clippy/clippy_utils/src/qualify_min_const_fn.rs b/src/tools/clippy/clippy_utils/src/qualify_min_const_fn.rs index dadb0d662ce8f..0c4260037f23c 100644 --- a/src/tools/clippy/clippy_utils/src/qualify_min_const_fn.rs +++ b/src/tools/clippy/clippy_utils/src/qualify_min_const_fn.rs @@ -112,7 +112,7 @@ fn check_rvalue<'tcx>( Rvalue::Repeat(operand, _) | Rvalue::Use(operand) | Rvalue::Cast( - CastKind::PointerFromExposedAddress + CastKind::PointerWithExposedProvenance | CastKind::IntToInt | CastKind::FloatToInt | CastKind::IntToFloat diff --git a/tests/mir-opt/building/custom/as_cast.int_to_ptr.built.after.mir b/tests/mir-opt/building/custom/as_cast.int_to_ptr.built.after.mir index 0dc46d61effb7..faff79e8c5786 100644 --- a/tests/mir-opt/building/custom/as_cast.int_to_ptr.built.after.mir +++ b/tests/mir-opt/building/custom/as_cast.int_to_ptr.built.after.mir @@ -4,7 +4,7 @@ fn int_to_ptr(_1: usize) -> *const i32 { let mut _0: *const i32; bb0: { - _0 = _1 as *const i32 (PointerFromExposedAddress); + _0 = _1 as *const i32 (PointerWithExposedProvenance); return; } } diff --git a/tests/mir-opt/const_prop/reify_fn_ptr.main.GVN.diff b/tests/mir-opt/const_prop/reify_fn_ptr.main.GVN.diff index cde0cb32f7563..2f76e74a3f878 100644 --- a/tests/mir-opt/const_prop/reify_fn_ptr.main.GVN.diff +++ b/tests/mir-opt/const_prop/reify_fn_ptr.main.GVN.diff @@ -16,7 +16,7 @@ _3 = main as fn() (PointerCoercion(ReifyFnPointer)); _2 = move _3 as usize (PointerExposeAddress); StorageDead(_3); - _1 = move _2 as *const fn() (PointerFromExposedAddress); + _1 = move _2 as *const fn() (PointerWithExposedProvenance); StorageDead(_2); StorageDead(_1); _0 = const (); diff --git a/tests/mir-opt/const_prop/reify_fn_ptr.rs b/tests/mir-opt/const_prop/reify_fn_ptr.rs index ad73b08421955..4e897d2276803 100644 --- a/tests/mir-opt/const_prop/reify_fn_ptr.rs +++ b/tests/mir-opt/const_prop/reify_fn_ptr.rs @@ -5,6 +5,6 @@ fn main() { // CHECK-LABEL: fn main( // CHECK: [[ptr:_.*]] = main as fn() (PointerCoercion(ReifyFnPointer)); // CHECK: [[addr:_.*]] = move [[ptr]] as usize (PointerExposeAddress); - // CHECK: [[back:_.*]] = move [[addr]] as *const fn() (PointerFromExposedAddress); + // CHECK: [[back:_.*]] = move [[addr]] as *const fn() (PointerWithExposedProvenance); let _ = main as usize as *const fn(); } From f2cff5ebb9ebc9712eec88dd5ec578f76efb33bc Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Sat, 23 Mar 2024 23:00:53 +0100 Subject: [PATCH 3/3] also rename the SIMD intrinsic --- compiler/rustc_codegen_cranelift/src/intrinsics/simd.rs | 2 +- compiler/rustc_codegen_llvm/src/intrinsic.rs | 2 +- compiler/rustc_const_eval/src/interpret/cast.rs | 4 ++-- compiler/rustc_hir_analysis/src/check/intrinsic.rs | 2 +- compiler/rustc_span/src/symbol.rs | 2 +- library/core/src/intrinsics/simd.rs | 7 +++++++ .../crates/core_simd/src/simd/ptr/const_ptr.rs | 2 +- .../portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs | 2 +- src/tools/miri/src/shims/intrinsics/simd.rs | 6 +++--- tests/ui/simd/intrinsic/ptr-cast.rs | 4 ++-- 10 files changed, 20 insertions(+), 13 deletions(-) diff --git a/compiler/rustc_codegen_cranelift/src/intrinsics/simd.rs b/compiler/rustc_codegen_cranelift/src/intrinsics/simd.rs index 4d55a95aa9db7..783ad5d1dd1fc 100644 --- a/compiler/rustc_codegen_cranelift/src/intrinsics/simd.rs +++ b/compiler/rustc_codegen_cranelift/src/intrinsics/simd.rs @@ -965,7 +965,7 @@ pub(super) fn codegen_simd_intrinsic_call<'tcx>( }); } - sym::simd_expose_addr | sym::simd_from_exposed_addr | sym::simd_cast_ptr => { + sym::simd_expose_addr | sym::simd_with_exposed_provenance | sym::simd_cast_ptr => { intrinsic_args!(fx, args => (arg); intrinsic); ret.write_cvalue_transmute(fx, arg); } diff --git a/compiler/rustc_codegen_llvm/src/intrinsic.rs b/compiler/rustc_codegen_llvm/src/intrinsic.rs index 2409b2e78d736..c7067093c581d 100644 --- a/compiler/rustc_codegen_llvm/src/intrinsic.rs +++ b/compiler/rustc_codegen_llvm/src/intrinsic.rs @@ -2133,7 +2133,7 @@ fn generic_simd_intrinsic<'ll, 'tcx>( return Ok(bx.ptrtoint(args[0].immediate(), llret_ty)); } - if name == sym::simd_from_exposed_addr { + if name == sym::simd_with_exposed_provenance { let (out_len, out_elem) = require_simd!(ret_ty, SimdReturn); require!( in_len == out_len, diff --git a/compiler/rustc_const_eval/src/interpret/cast.rs b/compiler/rustc_const_eval/src/interpret/cast.rs index 3b2b54eb83965..e0d45f1fe1146 100644 --- a/compiler/rustc_const_eval/src/interpret/cast.rs +++ b/compiler/rustc_const_eval/src/interpret/cast.rs @@ -42,7 +42,7 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> { CastKind::PointerWithExposedProvenance => { let src = self.read_immediate(src)?; - let res = self.pointer_from_exposed_address_cast(&src, cast_layout)?; + let res = self.pointer_with_exposed_provenance_cast(&src, cast_layout)?; self.write_immediate(*res, dest)?; } @@ -242,7 +242,7 @@ impl<'mir, 'tcx: 'mir, M: Machine<'mir, 'tcx>> InterpCx<'mir, 'tcx, M> { Ok(ImmTy::from_scalar(self.cast_from_int_like(scalar, src.layout, cast_to.ty)?, cast_to)) } - pub fn pointer_from_exposed_address_cast( + pub fn pointer_with_exposed_provenance_cast( &self, src: &ImmTy<'tcx, M::Provenance>, cast_to: TyAndLayout<'tcx>, diff --git a/compiler/rustc_hir_analysis/src/check/intrinsic.rs b/compiler/rustc_hir_analysis/src/check/intrinsic.rs index 0b526a8c97753..fc551693dd143 100644 --- a/compiler/rustc_hir_analysis/src/check/intrinsic.rs +++ b/compiler/rustc_hir_analysis/src/check/intrinsic.rs @@ -623,7 +623,7 @@ pub fn check_intrinsic_type( | sym::simd_as | sym::simd_cast_ptr | sym::simd_expose_addr - | sym::simd_from_exposed_addr => (2, 0, vec![param(0)], param(1)), + | sym::simd_with_exposed_provenance => (2, 0, vec![param(0)], param(1)), sym::simd_bitmask => (2, 0, vec![param(0)], param(1)), sym::simd_select | sym::simd_select_bitmask => { (2, 0, vec![param(0), param(1), param(1)], param(1)) diff --git a/compiler/rustc_span/src/symbol.rs b/compiler/rustc_span/src/symbol.rs index b6c07e8737fc2..34743d53133ac 100644 --- a/compiler/rustc_span/src/symbol.rs +++ b/compiler/rustc_span/src/symbol.rs @@ -1649,7 +1649,6 @@ symbols! { simd_fmin, simd_fpow, simd_fpowi, - simd_from_exposed_addr, simd_fsin, simd_fsqrt, simd_gather, @@ -1688,6 +1687,7 @@ symbols! { simd_shuffle_generic, simd_sub, simd_trunc, + simd_with_exposed_provenance, simd_xor, since, sinf128, diff --git a/library/core/src/intrinsics/simd.rs b/library/core/src/intrinsics/simd.rs index b69f4f853b990..f28ba84f7e956 100644 --- a/library/core/src/intrinsics/simd.rs +++ b/library/core/src/intrinsics/simd.rs @@ -549,6 +549,10 @@ extern "rust-intrinsic" { /// /// `U` must be a vector of pointers, with the same length as `T`. #[rustc_nounwind] + #[cfg(not(bootstrap))] + pub fn simd_with_exposed_provenance(addr: T) -> U; + #[rustc_nounwind] + #[cfg(bootstrap)] pub fn simd_from_exposed_addr(addr: T) -> U; /// Swap bytes of each element. @@ -655,3 +659,6 @@ extern "rust-intrinsic" { #[rustc_nounwind] pub fn simd_flog(a: T) -> T; } + +#[cfg(bootstrap)] +pub use simd_from_exposed_addr as simd_with_exposed_provenance; diff --git a/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs b/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs index 3ec9fccbff954..4d2fe999ca6fe 100644 --- a/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs +++ b/library/portable-simd/crates/core_simd/src/simd/ptr/const_ptr.rs @@ -139,7 +139,7 @@ where #[inline] fn with_exposed_provenance(addr: Self::Usize) -> Self { // Safety: `self` is a pointer vector - unsafe { core::intrinsics::simd::simd_from_exposed_addr(addr) } + unsafe { core::intrinsics::simd::simd_with_exposed_provenance(addr) } } #[inline] diff --git a/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs b/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs index 1142839e213b9..b3437b9c49966 100644 --- a/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs +++ b/library/portable-simd/crates/core_simd/src/simd/ptr/mut_ptr.rs @@ -136,7 +136,7 @@ where #[inline] fn with_exposed_provenance(addr: Self::Usize) -> Self { // Safety: `self` is a pointer vector - unsafe { core::intrinsics::simd::simd_from_exposed_addr(addr) } + unsafe { core::intrinsics::simd::simd_with_exposed_provenance(addr) } } #[inline] diff --git a/src/tools/miri/src/shims/intrinsics/simd.rs b/src/tools/miri/src/shims/intrinsics/simd.rs index c97a052f51715..d10444b70ef9e 100644 --- a/src/tools/miri/src/shims/intrinsics/simd.rs +++ b/src/tools/miri/src/shims/intrinsics/simd.rs @@ -484,7 +484,7 @@ pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriInterpCxExt<'mir, 'tcx> { dest.transmute(this.machine.layouts.uint(dest.layout.size).unwrap(), this)?; this.write_int(res, &dest)?; } - "cast" | "as" | "cast_ptr" | "expose_addr" | "from_exposed_addr" => { + "cast" | "as" | "cast_ptr" | "expose_addr" | "with_exposed_provenance" => { let [op] = check_arg_count(args)?; let (op, op_len) = this.operand_to_simd(op)?; let (dest, dest_len) = this.mplace_to_simd(dest)?; @@ -495,7 +495,7 @@ pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriInterpCxExt<'mir, 'tcx> { let safe_cast = intrinsic_name == "as"; let ptr_cast = intrinsic_name == "cast_ptr"; let expose_cast = intrinsic_name == "expose_addr"; - let from_exposed_cast = intrinsic_name == "from_exposed_addr"; + let from_exposed_cast = intrinsic_name == "with_exposed_provenance"; for i in 0..dest_len { let op = this.read_immediate(&this.project_index(&op, i)?)?; @@ -529,7 +529,7 @@ pub trait EvalContextExt<'mir, 'tcx: 'mir>: crate::MiriInterpCxExt<'mir, 'tcx> { (ty::RawPtr(..), ty::Int(_) | ty::Uint(_)) if expose_cast => this.pointer_expose_address_cast(&op, dest.layout)?, (ty::Int(_) | ty::Uint(_), ty::RawPtr(..)) if from_exposed_cast => - this.pointer_from_exposed_address_cast(&op, dest.layout)?, + this.pointer_with_exposed_provenance_cast(&op, dest.layout)?, // Error otherwise _ => throw_unsup_format!( diff --git a/tests/ui/simd/intrinsic/ptr-cast.rs b/tests/ui/simd/intrinsic/ptr-cast.rs index 40c782c153eb0..628203462414a 100644 --- a/tests/ui/simd/intrinsic/ptr-cast.rs +++ b/tests/ui/simd/intrinsic/ptr-cast.rs @@ -5,7 +5,7 @@ extern "rust-intrinsic" { fn simd_cast_ptr(x: T) -> U; fn simd_expose_addr(x: T) -> U; - fn simd_from_exposed_addr(x: T) -> U; + fn simd_with_exposed_provenance(x: T) -> U; } #[derive(Copy, Clone)] @@ -24,7 +24,7 @@ fn main() { let exposed_addr: V = simd_expose_addr(const_ptrs); - let with_exposed_provenance: V<*mut i8> = simd_from_exposed_addr(exposed_addr); + let with_exposed_provenance: V<*mut i8> = simd_with_exposed_provenance(exposed_addr); assert!(const_ptrs.0 == [ptr as *const u8, core::ptr::null()]); assert!(exposed_addr.0 == [ptr as usize, 0]);