stack-allocation: fail early when merging slices

Fixes #54
jasmin-lang · Mar 1, 2023 · 8737be6 · 8737be6
1 parent 2acc170
commit 8737be6
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -76,6 +76,10 @@
   ([PR #326](https://github.com/jasmin-lang/jasmin/pull/326);
   fixes [#325](https://github.com/jasmin-lang/jasmin/issues/325)).
 
+- Stack-allocation ensures that array slices are in bounds
+  ([PR #363](https://github.com/jasmin-lang/jasmin/pull/363);
+  fixes [#54](https://github.com/jasmin-lang/jasmin/issues/54)).
+
 ## Other changes
 
 - Explicit if-then-else in flag combinations is no longer supported

diff --git a/compiler/src/alias.ml b/compiler/src/alias.ml
@@ -132,8 +132,12 @@ let merge_slices params a s1 s2 =
   else
     let s1, s2 = if c < 0 then s1, s2 else s2, s1 in
     let x = s1.in_var in
+    let y = s2.in_var in
     let lo = fst s2.range - fst s1.range in
-    Mv.add x { s2 with range = lo, lo + size_of x.v_ty } a
+    let hi = lo + size_of x.v_ty in
+    if lo < 0 || size_of y.v_ty < hi
+    then hierror_no_loc "merging slices %a and %a may introduce invalid accesses; consider declaring variable %a smaller" pp_slice s1 pp_slice s2 pp_var x;
+    Mv.add x { s2 with range = lo, hi } a
 
 (* Precondition: both maps are normalized *)
 let merge params a1 a2 =

diff --git a/compiler/tests/fail/stack_allocation/bug_54.jazz b/compiler/tests/fail/stack_allocation/bug_54.jazz
@@ -0,0 +1,9 @@
+export
+fn main () -> reg u64 {
+  reg u64 res;
+  stack u64[3] a, b;
+  b[1] = 42;
+  a[0:2] = b[1:2];
+  res = a[0];
+  return res;
+}
diff --git a/compiler/tests/success/bug_54.jazz b/compiler/tests/success/bug_54.jazz
@@ -0,0 +1,10 @@
+export
+fn main () -> reg u8 {
+  reg u8 res;
+  stack u8[3] a;
+  stack u8[4] b;
+  b[1] = 42;
+  a[0:2] = b[1:2];
+  res = a[0];
+  return res;
+}