[Vm-dev] VM Maker: VMMaker.oscog-eem.1496.mcz

commits at source.squeak.org commits at source.squeak.org
Tue Oct 20 23:04:44 UTC 2015


Eliot Miranda uploaded a new version of VMMaker to project VM Maker:
http://source.squeak.org/VMMaker/VMMaker.oscog-eem.1496.mcz

==================== Summary ====================

Name: VMMaker.oscog-eem.1496
Author: eem
Time: 20 October 2015, 4:02:56.214 pm
UUID: f6c0ecb8-51de-4da5-aa23-5f96baa84178
Ancestors: VMMaker.oscog-rmacnak.1495

One last waafer-thin tweak to bounds checking in the Alien plugins Monsieur Creosote?  Use a form immune to integer overflow.  Document the design decision.

=============== Diff against VMMaker.oscog-rmacnak.1495 ===============

Item was changed:
  ----- Method: IA32ABIPlugin>>index:length:inRange: (in category 'private-support') -----
  index: byteIndex length: length inRange: rcvr
+ 	"Answer if the indices byteIndex to byteIndex + length - 1 are valid zero-relative indices into the rcvr.
+ 	 Beware!!  There be dragons here.  The form below (byteIndex <= (dataSize abs - length)) is used
+ 	 because byteIndex + length could overflow, whereas (dataSize abs - length) can't.  We *don't* use the
+ 	 obvious optimization
+ 		^dataSize = 0 or: [byteIndex asUnsignedInteger <= (dataSize abs - length)]
+ 	 because with C's Usual Arithmetic Conversions
+ 		5. Otherwise, both operands are converted to the unsigned integer type corresponding to the type of the operand with signed integer type.
+ 	 means that the comparison will be unsigned, and if length > dataSize abs then dataSize abs - length is large and positive."
- 	"Answer if the indices byteIndex to byteIndex + length - 1 are valid zero-relative indices into the rcvr."
  	| dataSize |
  	<inline: true>
  	dataSize := self sizeField: rcvr.
+ 	^dataSize = 0 or: [byteIndex >= 0 and: [byteIndex <= (dataSize abs - length)]]!
- 	^dataSize = 0 or: [byteIndex >= 0 and: [(byteIndex + length) <= dataSize abs]]!
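Review bot: the claim in the new comment that (dataSize abs - length) can't overflow, and the check on the final line of IA32ABIPlugin>>index:length:inRange:, both hold only when length is non-negative, and nothing in the method enforces or documents that. With a negative length, dataSize abs - length is larger than dataSize abs, so a byteIndex past the end of the data satisfies `byteIndex <= (dataSize abs - length)`. Either add `length >= 0 and:` to the guard alongside `byteIndex >= 0`, or state in the comment that callers guarantee a non-negative length. The sentence "because with C's Usual Arithmetic Conversions ... means that" also does not parse as written; "because C's Usual Arithmetic Conversions (rule 5: ...) mean that" would read cleanly.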

Item was changed:
  ----- Method: NewsqueakIA32ABIPlugin>>index:length:inRange: (in category 'private-support') -----
  index: byteIndex length: length inRange: rcvr
+ 	"Answer if the indices byteIndex to byteIndex + length - 1 are valid zero-relative indices into the rcvr.
+ 	 Beware!!  There be dragons here.  The form below (byteIndex <= (dataSize abs - length)) is used
+ 	 because byteIndex + length could overflow, whereas (dataSize abs - length) can't.  We *don't* use the
+ 	 obvious optimization
+ 		^dataSize = 0 or: [byteIndex asUnsignedInteger <= (dataSize abs - length)]
+ 	 because with C's Usual Arithmetic Conversions
+ 		5. Otherwise, both operands are converted to the unsigned integer type corresponding to the type of the operand with signed integer type.
+ 	 means that the comparison will be unsigned, and if length > dataSize abs then dataSize abs - length is large and positive."
- 	"Answer if the indices byteIndex to byteIndex + length - 1 are valid zero-relative indices into the rcvr."
  	| dataSize |
  	<inline: true>
  	dataSize := self sizeField: rcvr.
+ 	^dataSize = 0 or: [byteIndex >= 0 and: [byteIndex <= (dataSize abs - length)]]!
- 	^dataSize = 0 or: [byteIndex >= 0 and: [(byteIndex + length) <= dataSize abs]]!


