Support for passing const Miri pointers to C

[emarteca]

Supporting for passing const Miri pointers to C.

Fork of rustc required

This relies on the alignment of the bytes of Allocations to match the align parameter, and for the address of these bytes to be accessible to Miri: you need to run this with the version of rustc in this PR for it to work.

Main changes to Miri

This support builds on previous support for calling C functions with integer arguments, in this PR to Miri.
All the changes in that PR are contained here.

The changes to Miri since integer function support are mostly to intptrcast:

• Move the generation of a new (fake) address to it's own function, get_next_fake_addr.
  We still need this functionality for cases where an alloc_id doesn't have a corresponding base address, or if we're running Miri in non-FFI mode and want to keep the same behaviour as before.
• If we are in FFI mode and there is a base address accessible through ecx (via this function, in the fork of rustc), then we use this as the base address of the allocation (linked code)
• Since we're now using the real addresses as the base_addr, using a Vec as the data structure for global_state.int_to_ptr_map is not efficient anymore, since it no longer is guaranteed to be sorted by just adding new addresses to the end of the list.
  So we changed the data structure to a BTreeMap, which is always sorted and provides efficient insertion.
  This change mostly shows up here in the code.
  Note: even though in non-FFI mode we use the original fake address functionality, we keep the BTreeMap.

We also changed ffi_support, adding representations for the pointer types.

This section of our design doc has more details on our design and implementation of passing Miri pointers to C.
This doc also explains how we plan to support passing Miri mut pointers to C, and what we've done for adding support for passing C pointers back to Miri.

Testing

We added a test that calls a C function that double dereferences a C pointer and returns the value.

Specific code:
C function:

int double_deref(const int **p) {
  return **p;
}

Rust code calling the C function:

extern "C" {
    fn double_deref(x: *const *const i32) -> i32;
}
fn main() {
    unsafe {
        let base: i32 = 42;
        let base_p: *const i32 = &base as *const i32;
        let base_pp: *const *const i32 = &base_p as *const *const i32;
        assert_eq!(double_deref(base_pp), 42);
    }
}

Note: There are some tests in Miri’s test suite that fail if they’re executed using the real bytes of the Allocation as the address. All of the failures are because of allocation alignment assumptions being violated, and we don’t think they correspond to bugs in our implementation.
This was found when we were testing – the version of Miri we pushed only uses the real bytes for the address if we’re executing in the FFI mode, and so none of these tests are affected.
This is all explained, and the failing tests are listed out, in this section of our design doc.

[RalfJung]

I don't know when I will have time for a proper review (and anyway we should land the other one first^^), but just one note on terminology: I don't think "fake" addresses is a good term. They are no more fake than any other part of Miri; they are the real address that these allocations have inside the Abstract Machine.

If you need to distinguish them, something like 'machine_address' or so would be a lot better.

[RalfJung]

I haven't seen activity on this PR or the rustc one (rust-lang/rust#100467) in a while so I am going to close this. @emarteca (or anyone else who is interested) feel free to pick this up again in the future if/when you have time!