alexcrichton opened issue #9026:
This started out as https://github.com/bytecodealliance/wasmtime/issues/9015 but I'm evolving this now to be about Pulley specifically. Current thinking is that Pulley will not be compatible with
-Zmiri-strict-provenance
, but changes are necessary to make it compatible with-Zmiri-permissive-provenance
. I believe the concrete of changes are:
- The
ptr: *mut u8
field ofXRegValUnion
must be replaced with ausize
value- The
new_ptr
constructor will useexpose_provenance
and load/store usize- The
get_ptr
accessor will usewith_exposed_provenance
with theusize
field- When entering the interpreter Wasmtime will be require to call
expose_provenance
on any pointers that Pulley may access. This notably affects theVMContext
field and any transitive pointers that it contains. This can probably be done during the construction ofVMContext
itself.Right now
expose_provenance
andwith_exposed_provenance
are unstable so I don't believe that this is actionable at this time, but I wanted to write this down for later.cc @fitzgen
alexcrichton commented on issue #9026:
Ralf also pointed to https://github.com/rust-lang/unsafe-code-guidelines/issues/497 which has some interesting discussion and I believe reaches a similar conclusion.
fitzgen commented on issue #9026:
Ralf also pointed to rust-lang/unsafe-code-guidelines#497 which has some interesting discussion and I believe reaches a similar conclusion.
This comment from Ralf, in particular, seems to summarize our recent discussions: https://github.com/rust-lang/unsafe-code-guidelines/issues/497#issuecomment-2003100550
Last updated: Dec 23 2024 at 12:05 UTC