mir_slice_value and mir_slice_range_value
#1948
Conversation
| -- | ||
| -- To make it easier to recurse on the 'TypeShape's for the slice's | ||
| -- reference and length types, we provide the 'sliceShapeParts' function. | ||
| SliceShape :: M.Ty |
There was a problem hiding this comment.
Note the new addition of SliceShape, which is distinct from TupleShape.
| -- | A slice-related MIR 'SetupValue'. | ||
| data MirSetupSlice | ||
| = MirSetupSliceRaw (MS.SetupValue MIR) (MS.SetupValue MIR) | ||
| -- ^ A \"raw\" slice constructed directly from a pointer and a length. | ||
| -- Currently, this is only used by @crucible-mir-comp@. SAWScript offers no | ||
| -- way to use this, although we may consider doing so in the future. | ||
| | MirSetupSlice (MS.SetupValue MIR) | ||
| -- ^ A slice of a reference to a contiguous sequence 'SetupValue'. | ||
| -- Currently, this only supports references to arrays. | ||
| | MirSetupSliceRange (MS.SetupValue MIR) Int Int | ||
| -- ^ A slice of a reference to a contiguous sequence 'SetupValue', where the | ||
| -- slice only covers the range specified by the given start and end values | ||
| -- (the first and second 'Int', respectively). Currently, this only | ||
| -- supports references to arrays, and it only supports concrete ranges. |
There was a problem hiding this comment.
An important new data type that classifies all of the different ways one can construct slice values in SAW/crucible-mir-comp.
| MirSetupSliceRaw{} -> | ||
| panic "typeOfSetupValue" ["MirSetupSliceRaw not yet implemented"] |
There was a problem hiding this comment.
MirSetupSliceRaw is only used in crucible-mir-comp at the moment, so I didn't bother implemented support for it in SAW.
| MirSetupSlice arrRef -> do | ||
| SetupSliceFromArray _elemTpr sliceShp refVal len <- | ||
| resolveSetupSliceFromArray bak arrRef | ||
| lenVal <- usizeBvLit sym len | ||
| pure $ MIRVal sliceShp (Ctx.Empty Ctx.:> RV refVal Ctx.:> RV lenVal) | ||
| MirSetupSliceRange arrRef start end -> do | ||
| unless (start <= end) $ | ||
| fail $ "slice index starts at " ++ show start | ||
| ++ " but ends at " ++ show end | ||
| SetupSliceFromArray elemTpr sliceShp refVal0 len <- | ||
| resolveSetupSliceFromArray bak arrRef | ||
| unless (end < len) $ | ||
| fail $ "range end index " ++ show end | ||
| ++ " out of range for slice of length " ++ show len | ||
| startBV <- usizeBvLit sym start | ||
| refVal1 <- Mir.mirRef_offsetIO bak iTypes elemTpr refVal0 startBV | ||
| lenVal <- usizeBvLit sym $ end - start | ||
| pure $ MIRVal sliceShp (Ctx.Empty Ctx.:> RV refVal1 Ctx.:> RV lenVal) |
There was a problem hiding this comment.
This is where the magic happens, such as interfacing with the crucible-mir memory model and checking the start/end values of slice ranges.
| @@ -2648,6 +2650,77 @@ construct compound values: | |||
| * `mir_tuple_value : [MIRValue] -> MIRValue` construct a tuple with the given | |||
| list of values as elements. | |||
|
|
|||
| ### MIR slices | |||
|
Thinking about this some more, there are a couple of unresolved questions in this PR:
|
|
Thinking about this some more:
|
RyanGlScott
force-pushed
the
T1859-mir-slices
branch
from
ab0b82e to
9fa9f7f
Compare
|
I've implemented the ideas in #1948 (comment), so this is now ready for review. |
|
I've realized that |
|
In general, it might be nice to have a way to cast |
|
Ah, I like that idea better. A casting function would also be handy if you wanted to take an immutable slice of a |
|
I've opened #1954 to track this idea. This idea can be implemented separately and applies to more things than just slices, so I don't think we need to hold up this PR while we wait for that. |
RyanGlScott
force-pushed
the
T1859-mir-slices
branch
from
9fa9f7f to
091a94e
Compare
There was a problem hiding this comment.
Looks generally good, except for some confusion around half-open vs inclusive ranges in mir_slice_range_value. It should use half-open for consistency with Rust, where arr[start..end] is much more common than the inclusive version arr[start..=end].
I'm not entirely clear on why we need a separate SliceShape when it's a strict subset of StructShape, but it doesn't seem like it was much trouble to introduce this distinction.
This adds `mir_slice_value` and `mir_slice_range_value` functions to the MIR backend, which allow writing specifications involving slice arguments. Currently, only slices to array references are supported, although we may expand the scope of these commands in the future. Some interesting parts of the implementation: 1. The `TypeShape` for slices is _ever_-so-slightly different from the `TypeShape` for tuples (`TupleShape`), so I added a new `SliceShape` `TypeShape` to tell them apart. 2. There is a `MirSetupSliceRaw` constructor that is _only_ used for `crucible-mir-comp` purposes at the moment. In the future, we may want to expose a SAWScript command that uses this to allow users to directly construct a slice from a pointer and a length. 3. `mir_alloc` now explicitly disallows allocating slice references, so passing `mir_slice` or `mir_str` as an argument will throw an error. This checks off one box in #1859.
RyanGlScott
force-pushed
the
T1859-mir-slices
branch
from
091a94e to
813b844
Compare
RyanGlScott
added
the
PR: ready to merge
This adds
mir_slice_valueandmir_slice_range_valuefunctions to the MIR backend, which allow writing specifications involving slice arguments. Currently, only slices to array references are supported, although we may expand the scope of these commands in the future.Some interesting parts of the implementation:
The
TypeShapefor slices is ever-so-slightly different from theTypeShapefor tuples (TupleShape), so I added a newSliceShapeTypeShapeto tell them apart.There is a
MirSetupSliceRawconstructor that is only used forcrucible-mir-comppurposes at the moment. In the future, we may want to expose a SAWScript command that uses this to allow users to directly construct a slice from a pointer and a length.mir_allocnow explicitly disallows allocating slice references, so passingmir_sliceormir_stras an argument will throw an error.This checks off one box in #1859.