[LLVMdev] Is LLVM expressive enough to represent asynchronous exceptions?

Duncan Sands baldrick at free.fr
Tue Jun 14 02:11:20 PDT 2011 

Hi John,

On 13/06/11 23:27, John McCall wrote:
> On Jun 13, 2011, at 2:12 PM, Andrew Trick wrote:
>> Although I believe asynchronous signals are also best handled by the runtime. They can be converted into cooperative exceptions. I have to say I can't see the value in resuming from an interrupt at literally any instruction address.
>
> For what it's worth, SEH (which inspires a lot of this) allows blocks of code to be protected from interruption.
>
> But yes, I am not inclined to support asynchronous exceptions from signals.

gcc Ada turns signals into exceptions.  As far as I know it does this
completely asynchronously, and the fact that LLVM doesn't support this
is rather bad as far as Ada is concerned.  That said, the Ada front-end
doesn't rely on this for things like dividing by zero: it precedes all
code that does division by a bunch of checks that test that nothing can
go wrong (like dividing by zero) and explicitly raises a "synchronous"
exception if one of the checks fail.  In particular it does not rely on
-ftrapv to catch integer overflow (which must raise an exception); I hear
that this is because -ftrapv does not work reliably.  I'm assuming that it
explicitly checks for division by zero because relying on signals does not
work reliably, e.g. Ada semantics are not always preserved by the optimizers
if you do this; but I'm not sure.  So when does Ada use signals?  Essentially
never!  I.e. an Ada program only gets hit by a signal if something very bad
went wrong, that the compiler couldn't catch by inserting explicit checks.
This almost always means memory corruption: for example a double free or a
use after free can result in the program being hit by a signal, which then
gets turned into an exception.  Since the Ada language treats these kinds of
things as "unbounded errors" (i.e. the nasal demon sort), there are no special
semantics to preserve, so relying on signals is presumably fine.  Things like
dividing by zero are "bounded errors" (i.e. the consequences of this kind of
error are carefully circumscribed), which is presumably why the compiler is
very careful that Ada semantics are preserved in these cases.

Ciao, Duncan.

More information about the llvm-dev mailing list