Implement runtime checking for dynamic_bounds_cast #256
Correct the name of the operator: it is dynamic_bounds_cast.

I think that it works as follows
@wonsubkim I can't say how code generation works for the casting itself, but I can help you with finding the code you need to call. You want to call This method will do all the calculation for you. You can see it being used a lot in
Thanks for your suggestion. I think that dynamic_bounds_cast code generation consists of two parts.
For code generation of the dynamic check, I refer to EmitDynamicBoundsCheck, but it will be a little bit different since it requires inferred source bounds, not PtrAddr. DynamicBounds is the bounds generated by the bounds cast operator; I think that dynamic_bounds_cast is the same as explicit type casting except for generating bounds information.
+ implement emission of dynamic checking for bounds_cast
  it does two things as follows:
  - it generates code for explicit type casting
    since the subexpression can be non-pointer type, it SHOULD take care about it
  - it also generates dynamic_check for bounds casting by using both bounds of cast and bounds of subexpression
    bounds(castlb, castub): bounds of cast operation
    bounds(lb, ub): bounds of subexpression of cast operation
    -> emits non-null check for subexpression (dynamic_check(base != NULL))
    -> emits dynamic check (dynamic_check(lb <= castlb && castub <= ub))
+ add inferred bounds of subexpression
  since code generation requires source bounds when inferring bounds of subexpression, it also binds inferred source bounds to cast operation

+ modify code generation for bounds cast operation
  let bounds cast operation be bounds_cast<T>(E)
  CastBounds - bounds(castlb, castub)
  SubExprBounds - bounds(lb, ub)
  code generation for bounds cast operation is as follows:
    Dynamic_check(E == NULL || (lb <= castlb && castub <= ub))
  if E is NULL(0), it skips code generation of the runtime dynamic check
  Otherwise, it emits dynamic check
+ add dynamic_check blocks with two conditions being ORed
  EmitDynamicCheckBlocks(cond1, cond2)
    if (cond1) { success }
    else { fall-through
      if (cond2) { success } else { fail }
    }
+ add enum value for CastBounds & SubExprBounds
  SubExprs[CASTBOUNDS, SUBEXPRBOUNDS] is added
  CastBounds is inferred/expanded bounds for cast operation
  SubExprBounds is inferred/expanded bounds for subexpression of bounds cast operation
  In bounds inference, it sets cast bounds & subexpr bounds in the inference step
+ rename function, parameters

+ dynamic_bounds_cast operation SHOULD always succeed if runtime value of subexpression of cast is NULL(0)
  it finally emits dynamic_check(E == NULL || (lb <= castlb && castub <= ub))
  it checks if subexpression value is NULL
  if subexpression value is not NULL, then it emits range bounds check code
  Otherwise (E == NULL), it skips range bounds check
  range bounds check is generated only if E is not NULL
  generated code is as follows:
    if (E == NULL) {
      success_block:
    } else {
      fallthrough_block:
      if (lb <= castlb && castub <= ub) {
        success_block:
      } else {
        fail_block:
        trap();
        llvm_unreachable();
      }
    }
  To check this code, we have checked generated llvm IR code for test code & modified test code
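The check the commits above describe, written out in plain C as an added example that is not checkedc-clang code: dynamic_bounds_check mirrors the emitted dynamic_check(E == NULL || (lb <= castlb && castub <= ub)), checked_cast shows the cast guarded by it, and the bounds_t type, helper names and sample buffer are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Bounds of a pointer as the compiler infers them: [lb, ub). Hypothetical type. */
typedef struct { const char *lb; const char *ub; } bounds_t;

/* Mirror of the emitted check. Returns 1 when the cast is allowed, 0 when
   the fail block (trap) would be reached. Addresses are compared as integers
   so the comparison stays well defined if the bounds come from different objects. */
int dynamic_bounds_check(const char *e, bounds_t src, bounds_t cast) {
    if (e == NULL)                       /* E == NULL: success block, no range check */
        return 1;
    uintptr_t lb = (uintptr_t)src.lb,  ub = (uintptr_t)src.ub;
    uintptr_t clb = (uintptr_t)cast.lb, cub = (uintptr_t)cast.ub;
    return lb <= clb && cub <= ub;       /* fallthrough block: range check */
}

/* What dynamic_bounds_cast<T>(E) lowers to: the plain cast guarded by the check. */
const char *checked_cast(const char *e, bounds_t src, bounds_t cast) {
    if (!dynamic_bounds_check(e, src, cast)) {
        fprintf(stderr, "dynamic_bounds_cast: bounds check failed\n");
        abort();                         /* fail block: trap(); unreachable */
    }
    return e;
}

/* Constructed sample: a 32-byte object whose source pointer carries bounds(storage, storage + 8). */
static char storage[32];

/* Narrowing to a sub-range of the source bounds passes. */
int narrowing_ok(void) {
    bounds_t src  = { storage, storage + 8 };
    bounds_t cast = { storage + 2, storage + 6 };
    return dynamic_bounds_check(storage + 2, src, cast);
}

/* Widening beyond the source bounds is rejected. */
int widening_rejected(void) {
    bounds_t src  = { storage, storage + 8 };
    bounds_t cast = { storage, storage + 16 };
    return dynamic_bounds_check(storage, src, cast);
}

/* A NULL subexpression skips the range check even though the cast bounds are too wide. */
int null_skips_check(void) {
    bounds_t src  = { storage, storage + 8 };
    bounds_t cast = { storage, storage + 16 };
    return dynamic_bounds_check(NULL, src, cast);
}
```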
This work is complete, except for handling requirements related to relative alignment. That is covered by feature #330.

The existing syntax of the *_bound_cast operators is confusing. The kind of bounds being specified is not explicit. It depends on the number of arguments to the operator. It is clearer to just use a bounds expression to describe the bounds. That involves a little more typing, but it is easier to understand and allows programmers to use all the different variants of bounds expressions. Add examples of using dynamic_bounds_cast and assume_bounds_cast for clarity.
The dynamic_bounds_cast operator requires runtime checks of bounds. I think this runtime checking should be inserted during the lowering to clang IR.