implement ptr.addr() via transmute

[RalfJung]

As per the discussion in rust-lang/unsafe-code-guidelines#286, the semantics for ptr-to-int transmutes that we are going with for now is to make them strip provenance without exposing it. That's exactly what ptr.addr() does! So we can implement ptr.addr() via transmute. This also means that once #97684 lands, Miri can distinguish ptr.addr() from ptr.expose_addr(), and the following code will correctly be called out as having UB (if permissive provenance mode is enabled, which will become the default once the implementation is complete):

fn main() {
    let x: i32 = 3;
    let x_ptr = &x as *const i32;

    let x_usize: usize = x_ptr.addr();
    // Cast back an address that did *not* get exposed.
    let ptr = std::ptr::from_exposed_addr::<i32>(x_usize);
    assert_eq!(unsafe { *ptr }, 3); //~ ERROR Undefined Behavior: dereferencing pointer failed
}

This completes the Miri implementation of the new distinctions introduced by strict provenance. :)

Cc @Gankra -- for now I left in your FIXME(strict_provenance_magic) saying these should be intrinsics, but I do not necessarily agree that they should be. Or if we have an intrinsic, I think it should behave exactly like the transmute does, which makes one wonder why the intrinsic should be needed.

[rust-highfive]

Hey! It looks like you've submitted a new PR for the library teams!

If this PR contains changes to any rust-lang/rust public library APIs then please comment with r? rust-lang/libs-api @rustbot label +T-libs-api -T-libs to request review from a libs-api team reviewer. If you're unsure where your change falls no worries, just leave it as is and the reviewer will take a look and make a decision to forward on if necessary.

Examples of T-libs-api changes:

• Stabilizing library features
• Introducing insta-stable changes such as new implementations of existing stable traits on existing stable types
• Introducing new or changing existing unstable library APIs (excluding permanently unstable features / features without a tracking issue)
• Changing public documentation in ways that create new stability guarantees
• Changing observable runtime behavior of library APIs

[rust-highfive]

r? @thomcc

(rust-highfive has picked a reviewer for you, use r? to override)

[thomcc]

Seems reasonable. I'm going to mark it as rollup=never out of an over-abundance of caution around the difference between a transmute and a cast in terms of performance, since this is a pretty fundamental thing that gets done in a lot of code (or maybe not as much as I think?)

@bors r+ rollup=never

[bors]

📌 Commit 4291332 has been approved by thomcc

[bors]

⌛ Testing commit 4291332 with merge 760237f...

[bors]

☀️ Test successful - checks-actions
Approved by: thomcc
Pushing 760237f to master...

[rust-highfive]

📣 Toolstate changed by #97710!

Tested on commit 760237f.
Direct link to PR: #97710

💔 miri on linux: test-pass → test-fail (cc @RalfJung @eddyb @oli-obk).

[rust-timer]

Finished benchmarking commit (760237f): comparison url.

Instruction count

This benchmark run did not return any relevant results for this metric.

Max RSS (memory usage)

Results

• Primary benchmarks: 🎉 relevant improvements found
• Secondary benchmarks: 🎉 relevant improvement found

	mean1	max	count2
Regressions 😿 (primary)	N/A	N/A	0
Regressions 😿 (secondary)	N/A	N/A	0
Improvements 🎉 (primary)	-1.6%	-3.1%	2
Improvements 🎉 (secondary)	-4.4%	-4.4%	1
All 😿🎉 (primary)	-1.6%	-3.1%	2

Cycles

Results

• Primary benchmarks: 🎉 relevant improvement found
• Secondary benchmarks: mixed results

	mean1	max	count2
Regressions 😿 (primary)	N/A	N/A	0
Regressions 😿 (secondary)	4.1%	4.1%	1
Improvements 🎉 (primary)	-2.0%	-2.0%	1
Improvements 🎉 (secondary)	-3.5%	-3.5%	1
All 😿🎉 (primary)	-2.0%	-2.0%	1

If you disagree with this performance assessment, please file an issue in rust-lang/rustc-perf.

@rustbot label: -perf-regression

Footnotes

1. the arithmetic mean of the percent change ↩ ↩²

2. number of relevant changes ↩ ↩²