review

nia-e · nia-e · commit 33a63823165c · 2025-07-09T18:11:08.000+02:00
diff --git a/compiler/rustc_middle/src/mir/interpret/allocation.rs b/compiler/rustc_middle/src/mir/interpret/allocation.rs
@@ -791,30 +791,16 @@ impl<Prov: Provenance, Extra, Bytes: AllocBytes> Allocation<Prov, Extra, Bytes>
 
     /// Write "uninit" to the given memory range.
     pub fn write_uninit(&mut self, cx: &impl HasDataLayout, range: AllocRange) -> AllocResult {
+        self.bytes[range.start.bytes_usize()..range.end().bytes_usize()].fill(0);
         self.mark_init(range, false);
         self.provenance.clear(range, cx)?;
         Ok(())
     }
 
-    /// Initialize all previously uninitialized bytes in the entire allocation, but
-    /// do not actually mark them as init. Before calling this, make sure all
-    /// provenance in this allocation is exposed!
-    pub fn prepare_for_native_access(&mut self) {
-        let full_range = AllocRange { start: Size::ZERO, size: Size::from_bytes(self.len()) };
-        // Overwrite uninitialized bytes with 0, to ensure we don't leak whatever their value happens to be.
-        for chunk in self.init_mask.range_as_init_chunks(full_range) {
-            if !chunk.is_init() {
-                let uninit_bytes = &mut self.bytes
-                    [chunk.range().start.bytes_usize()..chunk.range().end.bytes_usize()];
-                uninit_bytes.fill(0);
-            }
-        }
-    }
-
     /// Mark all bytes in the given range as initialised and reset the provenance
     /// to wildcards. This entirely breaks the normal mechanisms for tracking
     /// initialisation and is only provided for Miri operating in native-lib
-    /// mode. UB will be missed if the underlying bytes were not actually initialized.
+    /// mode. UB will be missed if the underlying bytes were not actually written to.
     ///
     /// If `range` is `None`, defaults to performing this on the whole allocation.
     pub fn process_native_write(&mut self, cx: &impl HasDataLayout, range: Option<AllocRange>) {
diff --git a/compiler/rustc_middle/src/mir/interpret/allocation/provenance_map.rs b/compiler/rustc_middle/src/mir/interpret/allocation/provenance_map.rs
@@ -213,7 +213,8 @@ impl<Prov: Provenance> ProvenanceMap<Prov> {
     }
 
     /// Overwrites all provenance in the given range with wildcard provenance.
-    /// Pointers partially overwritten will have their provenances
+    /// Pointers partially overwritten will have their provenances preserved
+    /// bytewise on their remaining bytes.
     ///
     /// Provided for usage in Miri and panics otherwise.
     pub fn write_wildcards(&mut self, cx: &impl HasDataLayout, range: AllocRange) {
@@ -223,25 +224,27 @@ impl<Prov: Provenance> ProvenanceMap<Prov> {
         );
         let wildcard = Prov::WILDCARD.unwrap();
 
-        // Get pointer provenances that overlap with the range, then remove them.
+        let bytes = self.bytes.get_or_insert_with(Box::default);
+
+        // Remove pointer provenances that overlap with the range, then readd the edge ones bytewise.
         let ptr_range = Self::adjusted_range_ptrs(range, cx);
-        let removed = ptr_range.filter_map(|i| self.ptrs.remove(&i).map(|p| (i, p)));
+        let ptrs = self.ptrs.range(ptr_range.clone());
+        if let Some((offset, prov)) = ptrs.first() {
+            for byte_ofs in *offset..range.start {
+                bytes.insert(byte_ofs, *prov);
+            }
+        }
+        if let Some((offset, prov)) = ptrs.last() {
+            for byte_ofs in range.end()..*offset + cx.data_layout().pointer_size() {
+                bytes.insert(byte_ofs, *prov);
+            }
+        }
+        self.ptrs.remove_range(ptr_range);
+
         // Overwrite bytewise provenance.
-        let bytes = self.bytes.get_or_insert_with(Box::default);
         for offset in range.start..range.end() {
             bytes.insert(offset, wildcard);
         }
-        // Now readd pointer provenances that were only partly overwritten. Always
-        // check both the start and end to allow for a write to happen in the middle
-        // of a pointer.
-        for (rm_ofs, prov) in removed {
-            for head_ofs in rm_ofs..range.start {
-                bytes.insert(head_ofs, prov);
-            }
-            for tail_ofs in range.end()..rm_ofs + cx.data_layout().pointer_size() {
-                bytes.insert(tail_ofs, prov);
-            }
-        }
     }
 }
 
diff --git a/src/tools/miri/src/shims/native_lib/mod.rs b/src/tools/miri/src/shims/native_lib/mod.rs
@@ -252,7 +252,6 @@ pub trait EvalContextExt<'tcx>: crate::MiriInterpCxExt<'tcx> {
             // Prepare for possible write from native code if mutable.
             if info.mutbl.is_mut() {
                 let (alloc, cx) = this.get_alloc_raw_mut(alloc_id)?;
-                alloc.prepare_for_native_access();
                 alloc.process_native_write(&cx.tcx, None);
                 // Also expose *mutable* provenance for the interpreter-level allocation.
                 std::hint::black_box(alloc.get_bytes_unchecked_raw_mut().expose_provenance());
