
Missing ASL feature: runtime checks #32

Open
7 of 11 tasks
alastairreid opened this issue Feb 10, 2025 · 1 comment

alastairreid commented Feb 10, 2025

Motivation

We are increasingly running into areas where the ASL specs contain runtime bugs that are not being detected by testing.
In particular, a slice assignment such as "x[i] = '1';" should generate a compile time or runtime error if "i" is too big but, instead, the write is often silently ignored.

The full range of runtime checks required is

  • Array indexing
  • All four variants of bitslice indexing
  • Checked type conversions such as "r as {0..255}"
  • Division by zero
  • Shift distances must be in the range 0..N (or 0..N-1?) todo: what about rotations?
  • Exact division operator (not done yet because exact division checks break specs that still expect DIV to mean inexact division)

There is no need for the following runtime checks because typechecking will catch these

  • Initialization of a constrained integer variable (e.g., "var/let x : integer {0..255} = y;")
  • Assignment to a constrained integer (e.g., "var x : integer {0..255}; .... x = y;")
  • Returning a constrained integer
  • Passing a constrained integer as function argument

Plan

  • Extend ASLi with an internal "let-expression" representation "__let x : = __in ". This can be used to avoid evaluating index expressions twice (which would matter if they had side effects)
  • Extend ASLi with an internal "assert-expression" representation "__assert __in ". This can be used to insert runtime checks.
  • Extend ASLi's typechecker to insert runtime checks as it typechecks code. (Putting this in the typechecker adds complexity to an already complex pass - but it is the place where type information is most readily available.)
  • Check that optimizations are able to delete most of the runtime checks using range analysis, exploiting constraint information, etc.
    • Not done yet: constprop does not perform range analysis
  • Add ability to generate compile-time warnings to help us track down places where runtime checks are required - maybe constraint information needs to be tightened up in those places?
    • Not done yet: without optimizations to remove most of the checks, this would be far too noisy
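
The checks the issue lists, modelled as an added Python example (not ASLi's own code): the class and function names (Bitvector, RuntimeCheckError, checked_as, checked_div, checked_shift, assign_bit) are assumptions for illustration, the unchecked write reproduces the silent drop described above, and assign_bit models the let/assert pattern that evaluates an index expression once.

```python
class RuntimeCheckError(Exception):
    """A failed ASL runtime check, raised instead of silently ignoring the operation."""


class Bitvector:
    # bits(width) value; names in this file are illustrative, not ASLi's.
    def __init__(self, width, value=0):
        self.width, self.value = width, value & ((1 << width) - 1)

    def write_slice_unchecked(self, lo, wd, bits):
        # The behaviour the issue describes: a write outside bits(width) is
        # masked off and dropped without any error.
        full = (1 << self.width) - 1
        mask = (((1 << wd) - 1) << lo) & full
        self.value = (self.value & ~mask) | ((bits << lo) & mask)

    def write_slice(self, lo, wd, bits):
        # Checked form of x[lo +: wd] = bits: the slice must lie inside the vector.
        if lo < 0 or wd < 0 or lo + wd > self.width:
            raise RuntimeCheckError(f"slice [{lo}+:{wd}] outside bits({self.width})")
        mask = ((1 << wd) - 1) << lo
        self.value = (self.value & ~mask) | ((bits << lo) & mask)


def checked_as(r, lo, hi):
    # "r as {lo..hi}": checked conversion to a constrained integer.
    if not lo <= r <= hi:
        raise RuntimeCheckError(f"{r} not in {{{lo}..{hi}}}")
    return r


def checked_div(a, b):
    # Integer division: a zero divisor is a runtime error.
    if b == 0:
        raise RuntimeCheckError("division by zero")
    return a // b


def checked_shift(x, width, dist):
    # x << dist for x : bits(width); the issue asks for dist in 0..width.
    if not 0 <= dist <= width:
        raise RuntimeCheckError(f"shift distance {dist} outside 0..{width}")
    return (x << dist) & ((1 << width) - 1)


def assign_bit(x, index_expr, bit):
    # Models "__let i = index_expr __in __assert (check) __in x[i] = bit": the
    # index expression runs once, so its side effects are not repeated by the check.
    i = index_expr()
    x.write_slice(i, 1, bit)
    return i
```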
@alastairreid (Author):

Change #39 adds support for inserting runtime checks.
On by default, use --noruntime-checks to disable.

At the moment, these are not optimized away very well.
