support c-variadic functions in rustc_const_eval

[folkertdev]

tracking issue: #44930

The new GlobalAlloc::VaList is used to create an AllocId that represents the variable argument list of a frame. The allocation itself does not store any data, all we need is the unique identifier.

The actual variable argument list is stored in Memory, and keyed by the AllocId. The Frame also stores this AllocId, so that when a frame is popped, it can deallocate the variable arguments.

At "runtime" a VaList value stores a pointer to the global allocation in its first bytes. The provenance on this pointer can be used to retrieve its AllocId, and the offset of the pointer is used to store the index of the next argument to read from the variable argument list.

Miri does not yet support va_arg, but I think that can be done separetely?

r? @RalfJung
cc @workingjubilee

[rust-bors]

☔ The latest upstream changes made this pull request unmergeable. Please resolve the merge conflicts.

[rustbot]

This PR changes rustc_public

cc @oli-obk, @celinval, @ouz-a, @makai410

Some changes occurred to the CTFE machinery

cc @RalfJung, @oli-obk, @lcnr

Some changes occurred in compiler/rustc_codegen_cranelift

cc @bjorn3

Some changes occurred to the CTFE / Miri interpreter

cc @rust-lang/miri

Some changes occurred to the CTFE / Miri interpreter

cc @rust-lang/miri, @RalfJung, @oli-obk, @lcnr

The Miri subtree was changed

cc @rust-lang/miri

Some changes occurred to the intrinsics. Make sure the CTFE / Miri interpreter
gets adapted for the changes, if necessary.

cc @rust-lang/miri, @RalfJung, @oli-obk, @lcnr

Some changes occurred in compiler/rustc_codegen_gcc

cc @antoyo, @GuillaumeGomez

[rust-bors]

☔ The latest upstream changes (presumably #146923) made this pull request unmergeable. Please resolve the merge conflicts.

[folkertdev]

This'll need another rebase once the va_copy/va_end PR merges. I'm mostly wondering

• whether things are in roughly the right place now
• if the tests cover what you'd expect

View changes since this review

[folkertdev]

this code looks kind of rough/unpolished, I'm probably just missing some convenient helpers.

[folkertdev]

I believe this is what we discussed? A copy actually is fine, but using the copy and then the original (or vice versa) is UB.

[RalfJung]

Suggested change

	drop(copy);
	mem::forget(copy);

Does it still catch the UB if you avoid the double-drop?

[folkertdev]

It does, the copy.arg<i32>() deallocates the original allocation, so when the original gets dropped it's referencing a non-existent allocation and that gets reported. I'll add an additional test for it.

[RalfJung]

The test that I expected would call va_arg on op again here, before dropping it. The va_arg should be UB because the iterator was already advanced via the copy.

[folkertdev]

I've also added a test now that first reads from the copy, and then from the original.

[rustbot]

This PR was rebased onto a different main commit. Here's a range-diff highlighting what actually changed.

Rebasing is a normal part of keeping PRs up to date, so no action is needed—this note is just to help reviewers.

[RalfJung]

Oh I see, you have a separate map here to give "meaning" to a VaList allocation... that's the part I missed earlier.

If you have that... why do you even need the new variant in GlobalAlloc? I know I told you to add that, but I also didn't expect a va_list_map field. I like the idea with the field, but it's not clear to me that we need both the field and the new kind of GlobalAlloc.

[folkertdev]

An allocation is still needed to make the pointer. None of the other variants fit nicely I think, but maybe I'm just missing something?

[RalfJung]

A GlobalAlloc is only needed for global allocations, as the name suggests.

[folkertdev]

So, how should I get an AllocId then? something like this?

                    let (alloc_id, _, _) = {
                        let f = self.layout_of(self.tcx.types.unit).unwrap();
                        let mplace = MPlaceTy::fake_alloc_zst(f);
                        let ptr = mplace.ptr();
                        self.ptr_get_alloc_id(ptr, 0)?
                    };

this specifically causes

pointer not dereferenceable: pointer must point to some allocation, but got 0x1[noalloc] which is a dangling pointer (it has no provenance)

[folkertdev]

Other approaches frustratingly create a Pointer instead of a Pointer:<M::Provemance>...

[RalfJung]

Your new va_list_map works basically like the existing extra_fn_ptr_map, so you can copy what we do for that:

rust/compiler/rustc_const_eval/src/interpret/memory.rs

Lines 221 to 222 in 7ec34de

	let id = self.tcx.reserve_alloc_id();
	let old = self.memory.extra_fn_ptr_map.insert(id, extra);

[RalfJung]

Also, please keep va_list_map private to this file and have methods similar to the existing special allocation kinds.

[folkertdev]

With the above, you still get a Pointer<CmseProvenance>. Other code uses global_root_pointer to turn that into a Pointer<M::Provenance>, but that fails when the pointer is not actually a global allocation. Function pointers would still use

pub enum GlobalAlloc<'tcx> {
    /// The alloc ID is used as a function pointer.
    Function { instance: Instance<'tcx> },
    // ...
}

I think?

[folkertdev]

ah, I found the assert that needs to change, nvm.

[RalfJung]

You will have to add a new variant to this enum and take that into account in Miri.

[RalfJung]

@rustbot author
Just so it is explicit when this is ready for review again :)

(I haven't yet had a chance to look at the code in detail, but given the larger structural issues it's probably better tog et those right before I do the detailed review.)

[rustbot]

Reminder, once the PR becomes ready for a review, use @rustbot ready.