Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(c2rust-analyze) Add known_fns! for declaring the permissions on ptrs in known (i.e. libc) UnknownDef fns #978

Merged
merged 10 commits into from
Jul 7, 2023
Merged

(c2rust-analyze) Add known_fns! for declaring the permissions on ptrs in known (i.e. libc) UnknownDef fns #978

merged 10 commits into from
Jul 7, 2023

Conversation

kkysen
Copy link
Contributor

@kkysen kkysen commented Jul 5, 2023
edited
Loading

I wrote this as a macro_rules! macro so that we can write the pointer permission annotations inline with what the normal extern declaration would look like. The macro checks that the declaration matches libc's (or wherever it could be from) and that there are the correct number of PermissionSets on each type corresponding to the number of pointers directly in that type (i.e., the number of *).

The syntax for this is an optional : [PERM1a | PERM1b, PERM2a | PERM2b | PERM2c] after each type in a fn signature, where the order of the PermissionSets corresponds to the pointers in the type in left-to-right order. For example:

known_fns! {
    mod libc {

        #[cfg(target_os = "linux")]
        fn __errno_location() -> *mut c_int: [READ | WRITE];

        #[cfg(target_os = "macos")]
        fn __error() -> *mut c_int: [READ | WRITE];

        fn _exit(
            status: c_int,
        ) -> !;

        fn abort() -> !;

        fn abs(
            i: c_int,
        ) -> c_int;

        fn accept(
            socket: c_int,
            address: *mut sockaddr: [WRITE],
            address_len: *mut socklen_t: [READ | WRITE],
        ) -> c_int;

        fn read(
            fd: c_int,
            buf: *mut c_void: [WRITE | OFFSET_ADD],
            count: size_t,
        ) -> ssize_t;

        fn write(
            fd: c_int,
            buf: *const c_void: [READ | OFFSET_ADD],
            count: size_t,
        ) -> ssize_t;

        fn strtol(
            s: *const c_char: [READ | OFFSET_ADD],
            endp: *mut *mut c_char: [WRITE, WRITE | OFFSET_ADD],
            base: c_int,
        ) -> c_long;

    }
};

I'm still working on the integration of these KnownFns into fn_sigs as LFnSigs, but I wanted to open a separate PR for how they are declared in the first place.

@kkysen
(c2rust-analyze) Add PermissionSet::union_all as a const fn for…
dafc665 
… use in known (`libc`) `fn` permission annotations.
@kkysen
(c2rust-analyze) Add perms_annotation! for PermissionSet annota…
e347d28 
…tions on known (`libc`) `fn`s' ptrs.
@kkysen
(c2rust-analyze) Add const_slice! to make 'static slices at `co…
8290ec5 
…nst`-time so we don't need to `Box` `const`-known data.
@kkysen
(c2rust-analyze) Add struct KnownFnTy and known_fn_ty! to repre…
2bd8fca 
…sent an permission-annotated type on a known `fn`.
@kkysen
(c2rust-analyze) Add const fn KnownFnTy::checked checking that th…
31734f0 
…e number of perms match the number of ptrs in a type.
@kkysen
(c2rust-analyze) Add more known_fn_ty! tests.
fd7de16
@kkysen
(c2rust-analyze) Add known_fns for declaring the permissions of k…
fdbbcf9 
…nown (`libc`) `fn`s while also checking these definitions match `libc`'s.
spernsteiner
spernsteiner approved these changes Jul 5, 2023
View reviewed changes
Copy link
Collaborator

@spernsteiner spernsteiner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. It's a bit unfortunate that the annotations have to be written out-of-line (*mut *mut T: [A, B] rather than *mut {A} *mut {B} T or similar), but parsing the latter with macro_rules would be a real pain. This should work fine for the libc use case, where the types can't get too complex.

c2rust-analyze/src/context.rs Show resolved Hide resolved
c2rust-analyze/src/known_fn.rs Show resolved Hide resolved
c2rust-analyze/src/known_fn.rs Outdated Show resolved Hide resolved
@kkysen
Copy link
Contributor Author

kkysen commented Jul 5, 2023

It's a bit unfortunate that the annotations have to be written out-of-line (*mut *mut T: [A, B] rather than *mut {A} *mut {B} T or similar), but parsing the latter with macro_rules would be a real pain.

Yeah, I agree that would be ideal, but that would be quite complex to parse and it'd probably mess up other nice-to-have stuff like syntax highlighting.

@kkysen kkysen force-pushed the kkysen/analyze-known-fns-decl branch from cb5e3b2 to 5a64de9 Compare July 6, 2023 04:44
@kkysen
(c2rust-analyze) Allow #[] attributes on each known_fns! fn s…
24ce959 
…o platform specific things can be represented, such as Linux's `__errno_location` and macOS' `__error`.
@kkysen kkysen force-pushed the kkysen/analyze-known-fns-decl branch from 5a64de9 to 24ce959 Compare July 6, 2023 08:43
@kkysen kkysen merged commit c02f2c2 into master Jul 7, 2023
9 checks passed
@kkysen kkysen deleted the kkysen/analyze-known-fns-decl branch July 7, 2023 10:52
@kkysen kkysen mentioned this pull request Jul 17, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spernsteiner spernsteiner spernsteiner approved these changes

@aneksteind aneksteind Awaiting requested review from aneksteind

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kkysen @spernsteiner