miri FnAbi Compatability check

Links to #3842

Feb 09 '25 19:02 geetanshjuneja

I have made changes only in a single place to make sure that this what we want.

Feb 09 '25 19:02 geetanshjuneja

The right approach has to be somewhat similar to what happens for regular function calls in Miri. Basically, we need a helper function that takes a list of types (the expected argument types) and a return type, and then somehow checks that against the FnAbi that is passed around in the Miri shim handling. This likely involved constructing our own FnAbi to compare, and I have no idea how to do that...

For non variadic fn's can't we just simply create FnAbi struct using the types available in docs. The issue only comes for variadic fn's as we dont know the types of the extra args.

Feb 13 '25 13:02 geetanshjuneja

Yes we "just" have to do that but it is not necessarily so easy. :) But we can probably construct a fn ptr type corresponding to the desired signature, and then use fn_abi_of_fn_ptr.

Feb 13 '25 14:02 RalfJung

Yes we "just" have to do that but it is not necessarily so easy. :)

Why can't we directly instantiate an object of FnAbi struct? Also are you talking about this fn_abi_of_fn_ptr ?

Feb 13 '25 15:02 geetanshjuneja

Why can't we instantiate an object of FnAbi struct?

That involves computing a PassMode, and we most definitely do not want to compute those ourselves. We want to use the logic in the Rust compiler for computing those.

Also are you talking about this fn_abi_of_fn_ptr ?

Yes. It can be invoked in Miri via this.fn_abi_of_fn_ptr (where this is an InterpCx).

Feb 13 '25 15:02 RalfJung

To resolve I was thinking of implementing the following things:

Create a fn check_fn_abi which would take a list of input types , an output type and Fnabi that is passed in the miri shim handling. This fn would create a FnSig using the args. Now we will create expected FnAbi using this fn sig and compare it with the input Fnsig. If it doesn't matches throw ub. Now Transmute can be called safely inside shim.

Feb 13 '25 17:02 geetanshjuneja

That sounds like a good plan. There are methods defined in https://github.com/rust-lang/rust/blob/master/compiler/rustc_const_eval/src/interpret/call.rs that are probably useful but have to be made pub before they can be called from Miri.

Feb 13 '25 19:02 RalfJung

There are methods defined in https://github.com/rust-lang/rust/blob/master/compiler/rustc_const_eval/src/interpret/call.rs that are probably useful but have to be made pub before they can be called from Miri.

Are you talking about check_argument_compatmethod here? If yes now then I think we can compare the two FnAbi by iterating over the args of the two abis by calling check_argument_compat method.

Also inputs_and_output field of FnSig requires list as RawList<(), T> so I need to convert given input and output arg slice into RawList<(), T> using from_arena method?

Feb 14 '25 04:02 geetanshjuneja

Are you talking about check_argument_compatmethod here?

Yes.

Also inputs_and_output field of FnSig requires list as RawList<(), T> so I need to convert given input and output arg slice into RawList<(), T> using from_arena method?

You can use these methods: https://doc.rust-lang.org/nightly/nightly-rustc/rustc_middle/ty/?search=mk_type_list.

Feb 14 '25 07:02 RalfJung

I am mostly done with the code now I just need check_argument_compat to be public.

Feb 14 '25 17:02 geetanshjuneja

Okay, please make a PR against the rustc repo to make that function public then. :)

Feb 14 '25 17:02 RalfJung

:umbrella: The latest upstream changes (possibly aec4fff9a88f594ce64f65abe93cc4bc5fc33561) made this pull request unmergeable. Please resolve the merge conflicts.

Feb 16 '25 08:02 rustbot

Please don't do rustup in the middle of a regular PR. I did a regular rustup, so if you rebase your PR should pick that up. :)

Feb 16 '25 18:02 RalfJung

@rustbot author Please post @rustbot ready when the PR is ready for the next round of review.

Feb 16 '25 18:02 RalfJung

@rustbot ready

Feb 17 '25 05:02 geetanshjuneja

Please also add a test.

Feb 18 '25 10:02 RalfJung

@rustbot ready

Feb 18 '25 18:02 geetanshjuneja

@RalfJung plz review I have made the required changes.

Feb 21 '25 08:02 geetanshjuneja

Hey, have some patience. I do this mostly in my free time. You're in the queue, and I will get to your PR eventually. Other people have been patiently waiting a lot more than 3 days.

Feb 21 '25 08:02 RalfJung

Also do I need to add a test for return type mismatch?

Mar 11 '25 09:03 geetanshjuneja

@rustbot author

Mar 11 '25 18:03 RalfJung

@rustbot ready

Mar 11 '25 18:03 geetanshjuneja

Also do I need to add a test for return type mismatch?

Yes please do.

Mar 12 '25 07:03 RalfJung

This looks great, thanks! Please squash the commits, then we can land this. Please use the --keep-base flag when squashing so that the force-push diff is easier to review. Then write @rustbot ready after you pushed the squashed PR.

@rustbot author

Mar 12 '25 15:03 RalfJung

Hmm on my macOS c_char is i8

Mar 12 '25 17:03 geetanshjuneja

Just use c_short instead of c_char.

Mar 12 '25 17:03 RalfJung

Thanks for the PR and the patience. :)

Mar 12 '25 17:03 RalfJung

So the next step would be to use check_shim_abi for non variadic shims? If yes I can work on that as well

Mar 12 '25 18:03 geetanshjuneja

Yeah the next step is to use this for all the existing shims. Please don't do them all in one PR. :) Pick one file, e.g. src/shims/foreign_items.rs, and make a PR just for that. In the first pass, skip any that cause some extra complications.

Mar 12 '25 18:03 RalfJung