Add pread and pwrite shims

newpavlov · newpavlov · commit 5c57c82a7436 · 2024-07-19T17:56:04.000+03:00
diff --git a/src/shims/unix/fd.rs b/src/shims/unix/fd.rs
@@ -36,6 +36,30 @@ pub trait FileDescription: std::fmt::Debug + Any {
         throw_unsup_format!("cannot write to {}", self.name());
     }
 
+    /// Reads as much as possible into the given buffer from a given offset,
+    /// and returns the number of bytes read.
+    fn pread<'tcx>(
+        &mut self,
+        _communicate_allowed: bool,
+        _bytes: &mut [u8],
+        _offset: u64,
+        _ecx: &mut MiriInterpCx<'tcx>,
+    ) -> InterpResult<'tcx, io::Result<usize>> {
+        throw_unsup_format!("cannot pread from {}", self.name());
+    }
+
+    /// Writes as much as possible from the given buffer starting at a given offset,
+    /// and returns the number of bytes written.
+    fn pwrite<'tcx>(
+        &mut self,
+        _communicate_allowed: bool,
+        _bytes: &[u8],
+        _offset: u64,
+        _ecx: &mut MiriInterpCx<'tcx>,
+    ) -> InterpResult<'tcx, io::Result<usize>> {
+        throw_unsup_format!("cannot pwrite to {}", self.name());
+    }
+
     /// Seeks to the given offset (which can be relative to the beginning, end, or current position).
     /// Returns the new position from the start of the stream.
     fn seek<'tcx>(
@@ -463,4 +487,116 @@ pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
 
         this.try_unwrap_io_result(result)
     }
+
+    fn pread(
+        &mut self,
+        fd: i32,
+        buf: Pointer,
+        count: u64,
+        offset: i128,
+    ) -> InterpResult<'tcx, i64> {
+        let this = self.eval_context_mut();
+
+        // Isolation check is done via `FileDescriptor` trait.
+
+        trace!("Reading from FD {}, size {}, offset {}", fd, count, offset);
+
+        // Check that the *entire* buffer is actually valid memory.
+        this.check_ptr_access(buf, Size::from_bytes(count), CheckInAllocMsg::MemoryAccessTest)?;
+
+        // We cap the number of read bytes to the largest value that we are able to fit in both the
+        // host's and target's `isize`. This saves us from having to handle overflows later.
+        let count = count
+            .min(u64::try_from(this.target_isize_max()).unwrap())
+            .min(u64::try_from(isize::MAX).unwrap());
+        let communicate = this.machine.communicate();
+
+        // We temporarily dup the FD to be able to retain mutable access to `this`.
+        let Some(file_descriptor) = this.machine.fds.dup(fd) else {
+            trace!("pread: FD not found");
+            return this.fd_not_found();
+        };
+
+        trace!("pread: FD mapped to {:?}", file_descriptor);
+        // We want to read at most `count` bytes. We are sure that `count` is not negative
+        // because it was a target's `usize`. Also we are sure that its smaller than
+        // `usize::MAX` because it is bounded by the host's `isize`.
+        let mut bytes = vec![0; usize::try_from(count).unwrap()];
+        let offset = match offset.try_into() {
+            Ok(offset) => offset,
+            Err(_) => {
+                let einval = this.eval_libc("EINVAL");
+                this.set_last_error(einval)?;
+                return Ok(-1);
+            }
+        };
+        // `File::pread` never returns a value larger than `count`,
+        // so this cannot fail.
+        let result = file_descriptor
+            .borrow_mut()
+            .pread(communicate, &mut bytes, offset, this)?
+            .map(|c| i64::try_from(c).unwrap());
+        drop(file_descriptor);
+
+        match result {
+            Ok(read_bytes) => {
+                // If reading to `bytes` did not fail, we write those bytes to the buffer.
+                // Crucially, if fewer than `bytes.len()` bytes were read, only write
+                // that much into the output buffer!
+                this.write_bytes_ptr(
+                    buf,
+                    bytes[..usize::try_from(read_bytes).unwrap()].iter().copied(),
+                )?;
+                Ok(read_bytes)
+            }
+            Err(e) => {
+                this.set_last_error_from_io_error(e)?;
+                Ok(-1)
+            }
+        }
+    }
+
+    fn pwrite(
+        &mut self,
+        fd: i32,
+        buf: Pointer,
+        count: u64,
+        offset: i128,
+    ) -> InterpResult<'tcx, i64> {
+        let this = self.eval_context_mut();
+
+        // Isolation check is done via `FileDescriptor` trait.
+
+        // Check that the *entire* buffer is actually valid memory.
+        this.check_ptr_access(buf, Size::from_bytes(count), CheckInAllocMsg::MemoryAccessTest)?;
+
+        // We cap the number of written bytes to the largest value that we are able to fit in both the
+        // host's and target's `isize`. This saves us from having to handle overflows later.
+        let count = count
+            .min(u64::try_from(this.target_isize_max()).unwrap())
+            .min(u64::try_from(isize::MAX).unwrap());
+        let communicate = this.machine.communicate();
+
+        let bytes = this.read_bytes_ptr_strip_provenance(buf, Size::from_bytes(count))?.to_owned();
+        let offset = match offset.try_into() {
+            Ok(offset) => offset,
+            Err(_) => {
+                let einval = this.eval_libc("EINVAL");
+                this.set_last_error(einval)?;
+                return Ok(-1);
+            }
+        };
+        // We temporarily dup the FD to be able to retain mutable access to `this`.
+        let Some(file_descriptor) = this.machine.fds.dup(fd) else {
+            return this.fd_not_found();
+        };
+
+        let result = file_descriptor
+            .borrow_mut()
+            .pwrite(communicate, &bytes, offset, this)?
+            .map(|c| i64::try_from(c).unwrap());
+        drop(file_descriptor);
+
+        this.try_unwrap_io_result(result)
+    }
 }
diff --git a/src/shims/unix/foreign_items.rs b/src/shims/unix/foreign_items.rs
@@ -105,6 +105,46 @@ pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
                 // Now, `result` is the value we return back to the program.
                 this.write_scalar(Scalar::from_target_isize(result, this), dest)?;
             }
+            "pread" => {
+                let [fd, buf, count, offset] = this.check_shim(abi, Abi::C { unwind: false }, link_name, args)?;
+                let fd = this.read_scalar(fd)?.to_i32()?;
+                let buf = this.read_pointer(buf)?;
+                let count = this.read_target_usize(count)?;
+                let offset = this.read_scalar(offset)?.to_int(this.libc_ty_layout("off_t").size)?;
+                let result = this.pread(fd, buf, count, offset)?;
+                this.write_scalar(Scalar::from_target_isize(result, this), dest)?;
+            }
+            "pwrite" => {
+                let [fd, buf, n, offset] = this.check_shim(abi, Abi::C { unwind: false }, link_name, args)?;
+                let fd = this.read_scalar(fd)?.to_i32()?;
+                let buf = this.read_pointer(buf)?;
+                let count = this.read_target_usize(n)?;
+                let offset = this.read_scalar(offset)?.to_int(this.libc_ty_layout("off_t").size)?;
+                trace!("Called pwrite({:?}, {:?}, {:?}, {:?})", fd, buf, count, offset);
+                let result = this.pwrite(fd, buf, count, offset)?;
+                // Now, `result` is the value we return back to the program.
+                this.write_scalar(Scalar::from_target_isize(result, this), dest)?;
+            }
+            "pread64" => {
+                let [fd, buf, count, offset] = this.check_shim(abi, Abi::C { unwind: false }, link_name, args)?;
+                let fd = this.read_scalar(fd)?.to_i32()?;
+                let buf = this.read_pointer(buf)?;
+                let count = this.read_target_usize(count)?;
+                let offset = this.read_scalar(offset)?.to_int(this.libc_ty_layout("off64_t").size)?;
+                let result = this.pread(fd, buf, count, offset)?;
+                this.write_scalar(Scalar::from_target_isize(result, this), dest)?;
+            }
+            "pwrite64" => {
+                let [fd, buf, n, offset] = this.check_shim(abi, Abi::C { unwind: false }, link_name, args)?;
+                let fd = this.read_scalar(fd)?.to_i32()?;
+                let buf = this.read_pointer(buf)?;
+                let count = this.read_target_usize(n)?;
+                let offset = this.read_scalar(offset)?.to_int(this.libc_ty_layout("off64_t").size)?;
+                trace!("Called pwrite64({:?}, {:?}, {:?}, {:?})", fd, buf, count, offset);
+                let result = this.pwrite(fd, buf, count, offset)?;
+                // Now, `result` is the value we return back to the program.
+                this.write_scalar(Scalar::from_target_isize(result, this), dest)?;
+            }
             "close" => {
                 let [fd] = this.check_shim(abi, Abi::C { unwind: false }, link_name, args)?;
                 let result = this.close(fd)?;
diff --git a/src/shims/unix/fs.rs b/src/shims/unix/fs.rs
@@ -49,6 +49,65 @@ impl FileDescription for FileHandle {
         Ok(self.file.write(bytes))
     }
 
+    fn pread<'tcx>(
+        &mut self,
+        communicate_allowed: bool,
+        bytes: &mut [u8],
+        offset: u64,
+        _ecx: &mut MiriInterpCx<'tcx>,
+    ) -> InterpResult<'tcx, io::Result<usize>> {
+        assert!(communicate_allowed, "isolation should have prevented even opening a file");
+        #[cfg(unix)]
+        {
+            use std::os::unix::fs::FileExt;
+            Ok(self.file.read_at(bytes, offset))
+        }
+        // Emulate pread using seek + read + seek to restore cursor position.
+        // Correctness of this emulation relies on sequential nature of Miri execution.
+        #[cfg(not(unix))]
+        {
+            let mut f = || {
+                use io::{Seek, SeekFrom};
+                let cursor_pos = self.file.stream_position()?;
+                self.file.seek(SeekFrom::Start(offset))?;
+                let n = self.file.read(bytes)?;
+                self.file.seek(SeekFrom::Start(cursor_pos))?;
+                Ok(n)
+            };
+            Ok(f())
+        }
+    }
+
+    #[cfg(unix)]
+    fn pwrite<'tcx>(
+        &mut self,
+        communicate_allowed: bool,
+        bytes: &[u8],
+        offset: u64,
+        _ecx: &mut MiriInterpCx<'tcx>,
+    ) -> InterpResult<'tcx, io::Result<usize>> {
+        assert!(communicate_allowed, "isolation should have prevented even opening a file");
+        #[cfg(unix)]
+        {
+            use std::os::unix::fs::FileExt;
+            Ok(self.file.write_at(bytes, offset))
+        }
+        // Emulate pwrite using seek + write + seek to restore cursor position.
+        // Correctness of this emulation relies on sequential nature of Miri execution.
+        #[cfg(not(unix))]
+        {
+            let mut f = || {
+                use io::{Seek, SeekFrom};
+                let cursor_pos = self.file.stream_position()?;
+                self.file.seek(SeekFrom::Start(offset))?;
+                let n = self.file.write(bytes)?;
+                self.file.seek(SeekFrom::Start(cursor_pos))?;
+                Ok(n)
+            };
+            Ok(f())
+        }
+    }
+
     fn seek<'tcx>(
         &mut self,
         communicate_allowed: bool,
diff --git a/tests/pass-dep/tempfile.rs b/tests/pass-dep/tempfile.rs
@@ -9,6 +9,7 @@ mod utils;
 fn main() {
     test_tempfile();
     test_tempfile_in();
+    test_tempfile_ext().unwrap();
 }
 
 fn test_tempfile() {
@@ -19,3 +20,24 @@ fn test_tempfile_in() {
     let dir_path = utils::tmp();
     tempfile::tempfile_in(dir_path).unwrap();
 }
+
+fn test_tempfile_ext() -> std::io::Result<()> {
+    use std::io::Write;
+    use std::os::unix::fs::FileExt;
+
+    let mut f = tempfile::tempfile()?;
+    f.write_all(b"hello world")?;
+    let mut buf = [0u8; 3];
+    f.read_exact_at(&mut buf, 2)?;
+    assert_eq!(&buf, b"llo");
+    f.read_exact_at(&mut buf, 6)?;
+    assert_eq!(&buf, b"wor");
+
+    f.write_all_at(b" mo", 6)?;
+
+    let mut buf = [0u8; 11];
+    f.read_exact_at(&mut buf, 0)?;
+    assert_eq!(&buf, b"hello  mold");
+
+    Ok(())
+}
