Is this correct? I think it's UB, but maybe if the user intentionally sets #[allow(improper_ctypes)] we might just want to report this as unsupported instead of UB?

Yeah, reporting this as "unsupported" is better.

Can you explain what this means in a self-contained way, rather than referencing other concepts the reader is unlikely to know?

Also, it's odd to lead with this being a "type" when it is called "arg".

The prefixes "C" and "Ffi" don't do a great job reflecting "owned" and borrowed.

So what about OwnedArg and BorrowedArg? The "downcast" function (also an odd name, what does it downcast?) can then be called borrow.

CPrimitive could be called ScalarArg as that seems to match what we use it for.

Also, please generally define types bottom-up and with increasing complexity/subtlety, to simplify reading the file in order:

• ScalarArg
• OwnedArg
• BorrowedArg

This doesn't have to be a struct, right? It can be any type that FfiType can represent, which includes basic integers.

I'll change the name, presumably the next PR idea which you brought up on Zulip would make this enum redundant anyway

Yeah, reporting this as "unsupported" is better.

The file these tests are in is called "scalar_arguments". Do these arguments you are passing here ,ook like scalars to you? :)

Please make a new file for aggregate arguments.

Yes, that would be okay. But let's leave it to a future PR, since a repr(transparent) wrapper around e.g. i32 should also be supported and that'll be a bit more interesting -- it's going to be an Immediate.

The same snippet will be needed in the struct case, so please make this a helper function.

Here you are doing the equivalent of casting a pointer to an integer and back. Please don't. You can get the alloc ID from the pointer directly.

Specifically, please use ptr_get_alloc_id. That also gives you the offset inside the allocation.

However, you'll need to first separately handle the zero-sized case. mplace.ptr() might not point to an Allocation if the type has size 0.

Are ZSTs allowed over FFI? I was under the impression that there's no way to represent them in C so I figured just erroring here makes sense

I guess erroring is fine but that still require a separate check to print a non-obscure error.

Round-tripping through a Vec seems odd?

Fair, I guess it's pretty easily avoidable

Have a look at https://github.com/rust-lang/rust/blob/ece1397e3ff40e7f8a411981844a8214659da970/compiler/rustc_const_eval/src/interpret/place.rs#L716-L732 for how to determine the offset of the 2nd field.

You should not be doing your own endianess handling. write_target_uint can do that for you.

This comment is entirely in the wrong place now... previously it referred to a std::ptr::with_exposed_provenance_mut, now it stopped making any sense. Please ask before just taking random guesses as to where to put such comments.

Is it wrong? If either scalar is a pointer, the code under the comment exposes provenance only in the AM; then later when visit_reachable_allocs is called it'll do alloc.get_bytes_unchecked_raw().expose_provenance() on the allocation said pointer points to. Unless I misunderstood the meaning of that comment, that's what it referred to in the first place

It's correct that the code below only exposes the ptr in the AM. But the claim that this act somehow relies on the ptr also being exposed in the "host" makes no sense. That referred to the with_exposed_provenance_mut, which as per its documentation requires a prior call to expose_provenance, and the comment was explaining where that expose_provenance happened.

The new code side-steps the with_exposed_provenance_mut, making it less clear where to put the comment. But this here is definitely the wrong spot.

In particular, I got rid of some unsafe code here.