analyze: assign fresh PointerIds to Ref and AddressOf rvalues #1028

spernsteiner · 2023-09-25T23:55:32Z

Given code like this:

let p: *mut S = ...;
let q: *mut i32 = &mut (*p).field;

Currently, we produce two PointerIds, one on p and one on q. The rvalue &mut (*p).field has the same PointerId as p, on the assumption that it must always have the same permissions as p itself.

In the pointee analysis, p and &mut (*p).field will usually have different pointee sets ({S} and {i32} respectively). But we'd like to use PointerIds to identify pointers in the pointee analysis, rather than inventing a whole new labeling system. This requires that p and &mut (*p).field have different PointerIds (though in the dataflow analysis, we will add a constraint relating their permissions, so that analysis will still produce identical results).

Actually adding PointerIds for the necessary rvalues is fairly trivial (see b57fa64). The majority of this PR consists of rewriter improvements to let it handle the new PointerIds. In particular, it can now apply rewrites to MIR code arising from expr adjustments. For example:

let arr: [u8; 3] = [0; 3];
let p: *const u8 = arr.as_ptr();

This produces the following MIR:

/*1*/   _1 = [const 0_u8; 3];
/*2*/   _4 = &_1;
/*3*/   _3 = move _4 as &[u8] (PointerCoercion(Unsize));
/*4*/   _2 = core::slice::<impl [u8]>::as_ptr(move _3) -> [return: bb1, unwind continue];

MIR line 1 is the initialization of arr. Line 2 applies a borrow adjustment to arr, line 3 applies an unsizing adjustment, and line 4 actually calls as_ptr. The MIR code produced is as if the programmer had written (&arr as &[u8]).as_ptr() rather than arr.as_ptr(). Previously, if the rewrite::expr::mir_op module tried to introduce rewrites on lines 2 or 3, it would result in an error; with this PR, those rewrites are correctly lifted to HIR (after materializing the adjustments so there is a place in the source code to apply those rewrites).

… subexprs

… the receiver expr

…justment

…ef over Rewrite::AddrOf

spernsteiner · 2023-09-26T17:18:48Z

c2rust-analyze/tests/filecheck/cell.rs

+    // FIXME: The initializers for `r1` and `r2` are rewritten incorrectly.  Neither `s` nor the
+    // `r` field have `Cell` type, and an `&mut T -> &Cell<T>` rewrite is not applied.
+    // XXXXX: let r1: &core::cell::Cell<(R)> = &((*s).r);
    let r1: *mut R = &mut (*s).r;


The previous rewrite of this code was already broken, so I figured it was okay that the new code also breaks here.

aneksteind · 2023-09-28T17:39:21Z

c2rust-analyze/src/rewrite/expr/convert.rs

@@ -166,22 +168,41 @@ impl<'tcx> Visitor<'tcx> for ConvertVisitor<'tcx> {
            }
        };

+        let expr_rws = take_prefix_while(&mut mir_rws, |x: &DistRewrite| {


what invariant does this assume about the ordering of MIR rewrites? what if MirOriginDesc::Expr is the second rewrite in the list, or they aren't all contiguous and a prefix of mir_rws? A comment on this and why a prefix is the correct subsequence to grab would be helpful

Added a comment: 7c17a85

c2rust-analyze/src/rewrite/expr/unlower.rs

…mp_info

…_desc

…xample

spernsteiner · 2023-10-09T23:55:32Z

Addressed all comments so far

spernsteiner added 8 commits September 25, 2023 14:41

analyze: rewrite::convert: stricter handling of Rewrite::Identity and…

1df6c90

… subexprs

analyze: rewrite::distribute: include MirOriginDesc in output

af21133

analyze: rewrite::unlower: associate method receiver adjustments with…

086321d

… the receiver expr

analyze: rewrite::convert: allow applying rewrites after each expr ad…

b38f6cc

…justment

analyze: rewrite::convert: allow applying mir_op::RewriteKind::RawToR…

d1365de

…ef over Rewrite::AddrOf

analyze: rewrite::unlower: include expr adjustments in the unlower map

7ea6610

analyze: label Ref and AddressOf rvalues with fresh PointerIds

b57fa64

analyze: add adjust_unsize test case

c096a7f

spernsteiner requested a review from aneksteind September 25, 2023 23:55

spernsteiner commented Sep 26, 2023

View reviewed changes