google / rune

Rune is a programming language developed to test ideas for improving security and efficiency.
Apache License 2.0

invalid trunc should throw #12

Closed rurban closed 1 year ago

rurban commented 1 year ago

errortests/trunc.rn fails with a var (and also a constant)

variable should add a runtime truncation check:

%2 = trunc i64 %1 to i16, !dbg !208
; missing %1 vs %2 check

constant may throw directly at compile-time:

println "%x16" % <u16>0xdeadbeef =>
%1 = trunc i64 3735928559 to i16, !dbg !205
diff --git llvm/genllvm.c llvm/genllvm.c
index a9fff61..245cb0d 100644
--- llvm/genllvm.c
+++ llvm/genllvm.c
@@ -1490,6 +1490,8 @@ static llElement resizeSmallInteger(llElement element, uint32 newWidth, bool isS
   char *operation;
   if (newWidth < oldWidth) {
     operation = "trunc";
+    //TODO if constant throw error if truncation looses info.
+    //     else if not constant add code to check at run-time.
   } else {
     deDatatypeType type = deDatatypeGetType(oldDatatype);
     if (type == DE_TYPE_INT) {
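
Review bot: the `newWidth < oldWidth` branch still emits a bare `trunc`; the two added lines are only a TODO comment, so neither the constant case nor the run-time case is checked yet. When the check is implemented, it needs the signedness as well as `newWidth` to decide whether the value fits, and the constant case can be rejected before any IR is emitted. Minor: "looses" should be "loses", and `//TODO` wants a space after `//`.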

See also: https://cwe.mitre.org/data/definitions/197.html
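
The check the issue asks for, as an added example (not code from Rune or from this issue): truncate, extend the result back to the original width, and compare with the original value. The function names and the restriction to widths of 1 to 64 bits are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Keep only the low `width` bits of v (assumes 1 <= width <= 64). */
static uint64_t low_bits(uint64_t v, unsigned width) {
  return width >= 64 ? v : v & ((UINT64_C(1) << width) - 1);
}

/* Widen a `width`-bit value back to 64 bits: sign-extend if is_signed,
 * zero-extend otherwise (the sext/zext counterpart of a trunc). */
static uint64_t extend(uint64_t v, unsigned width, bool is_signed) {
  v = low_bits(v, width);
  if (is_signed && width < 64 && ((v >> (width - 1)) & 1)) {
    v |= ~UINT64_C(0) << width;
  }
  return v;
}

/* Checked truncation: stores the truncated value in *out and returns true
 * only if extending it back reproduces the original (no information lost). */
bool checked_trunc(uint64_t value, unsigned old_width, unsigned new_width,
                   bool is_signed, uint64_t *out) {
  uint64_t original = extend(value, old_width, is_signed);
  uint64_t truncated = low_bits(value, new_width);
  *out = truncated;
  return extend(truncated, new_width, is_signed) == original;
}

int main(void) {
  uint64_t r;
  /* The constant from the issue: <u16>0xdeadbeef drops the high bits. */
  bool ok = checked_trunc(0xdeadbeefULL, 64, 16, false, &r);
  printf("0xdeadbeef -> u16: 0x%llx %s\n", (unsigned long long)r,
         ok ? "ok" : "lossy");
  /* -1 as a signed 64-bit value still fits in 16 signed bits. */
  ok = checked_trunc((uint64_t)-1, 64, 16, true, &r);
  printf("-1 -> i16: 0x%llx %s\n", (unsigned long long)r,
         ok ? "ok" : "lossy");
  return 0;
}
```

A compiler can run the same comparison at compile time for a constant operand and emit it as a compare-and-branch after the `trunc` for a variable one.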

waywardgeek commented 1 year ago

Yeah, we just haven't gotten to this yet, which is why we left trunc.rn failing, to remind us. There are intrinsics in LLVM IR for catching overflows, and it isn't a huge task to upgrade genllvm.c to use them. We just haven't, yet.

waywardgeek commented 1 year ago

We finally fixed this, so I'll close this issue.