Mu - 313index-bounds-check.subx

https://github.com/akkartik/mu/blob/main/313index-bounds-check.subx
 1 # Helper to check an array's bounds, and to abort if they're violated.
 2 # Really only intended to be called from code generated by mu.subx.
 3 
 4 == code
 5 
 6 __check-mu-array-bounds:  # index: int, elem-size: int, arr-size: int, function-name: (addr array byte), array-name: (addr array byte)
 7     # . prologue
 8     55/push-ebp
 9     89/<- %ebp 4/r32/esp
10     # . save registers
11     50/push-eax
12     51/push-ecx
13     52/push-edx
14     # . not bothering saving ebx; it's only clobbered if we're going to abort
15     # ecx = arr-size
16     8b/-> *(ebp+0x10) 1/r32/ecx
17     # var overflow/edx: int = 0
18     ba/copy-to-edx 0/imm32
19     # var offset/eax: int = index * elem-size
20     8b/-> *(ebp+8) 0/r32/eax
21     f7 4/subop/multiply-eax-with *(ebp+0xc)
22     # check for overflow
23     81 7/subop/compare %edx 0/imm32
24     0f 85/jump-if-!= __check-mu-array-bounds:overflow/disp32
25     # check bounds
26     39/compare %eax 1/r32/ecx
27     0f 82/jump-if-unsigned< $__check-mu-array-bounds:end/disp32  # negative index should always abort
28     # abort if necessary
29     (write-buffered Stderr "fn ")
30     (write-buffered Stderr *(ebp+0x14))
31     (write-buffered Stderr ": offset ")
32     (write-int32-hex-buffered Stderr %eax)
33     (write-buffered Stderr " is too large for array '")
34     (write-buffered Stderr *(ebp+0x18))
35     (write-buffered Stderr "'\n")
36     (flush Stderr)
37     # exit(1)
38     bb/copy-to-ebx 1/imm32
39     e8/call syscall_exit/disp32
40 $__check-mu-array-bounds:end:
41     # . restore registers
42     5a/pop-to-edx
43     59/pop-to-ecx
44     58/pop-to-eax
45     # . epilogue
46     89/<- %esp 5/r32/ebp
47     5d/pop-to-ebp
48     c3/return
49 
50 __check-mu-array-bounds:overflow:
51     # "fn " function-name ": offset to array '" array-name "' overflowed 32 bits\n"
52     (write-buffered Stderr "fn ")
53     (write-buffered Stderr *(ebp+0x14))
54     (write-buffered Stderr ": offset to array '")
55     (write-buffered Stderr *(ebp+0x18))
56     (write-buffered Stderr "' overflowed 32 bits\n")
57     (flush Stderr)
58     # exit(1)
59     bb/copy-to-ebx 1/imm32
60     e8/call syscall_exit/disp32
61 
62 # potential alternative
63 
64 #? __bounds-check:  # msg: (addr array byte)
65 #?   (write-buffered Stderr "abort: array bounds exceeded in fn ")
66 #?   8b/-> *(esp+4) 0/r32/eax  # we're going to abort, so just clobber away
67 #?   (write-buffered Stderr %eax)
68 #?   (write-buffered Stderr Newline)
69 #?   # exit(1)
70 #?   bb/copy-to-ebx 1/imm32
71 #?   e8/call syscall_exit/disp32
72 
73 # to be called as follows:
74 #   var/reg <- index arr/rega: (addr array T), idx/regi: int
75 #     | if size-of(T) is 1, 2, 4 or 8
76 #         => # temporarily save array size to reg to check bounds
77 #            "8b/-> *" rega " " reg "/r32"
78 #            "c1/shift 5/subop/right %" reg " " log2(size-of(T)) "/imm32"
79 #            "3b/compare " reg "/r32 *" rega
80 #            "68/push \"" function "\"/imm32"  # pass function name to error message
81 #            "0f 8d/jump-if->= __bounds_check/disp32"
82 #            "81 0/subop/add %esp 4/imm32"  # drop function name
83 #            # actually save the index addr in reg
84 #            "8d/copy-address *(" rega "+" regi "<<" log2(size-of(T)) "+4) " reg "/r32"