[LLVMdev] Using the unused "version" field in the bitcode wrapper (redux)
Robinson, Paul
Paul_Robinson at playstation.sony.com
Tue Nov 25 11:59:32 PST 2014
The fundamental problem is that IR has never been treated as "user input" before. It has always been an ephemeral format, and if some component comes along and sees something it doesn't recognize, that is ipso facto a compiler bug, not a user input error, and it's perfectly okay to crash on a compiler bug. Changing that fundamental assumption would be pretty pervasive.
I will say that the bitcode reader itself is pretty good about identifying bitcode it doesn't recognize; it's the components deeper inside LLVM that are more worrisome.
--paulr
From: Reid Kleckner [mailto:rnk at google.com]
Sent: Tuesday, November 25, 2014 11:43 AM
To: Sean Silva
Cc: Robinson, Paul; Bruce Hoult; llvmdev at cs.uiuc.edu; Yung, Douglas
Subject: Re: [LLVMdev] Using the unused "version" field in the bitcode wrapper (redux)
On Mon, Nov 24, 2014 at 9:41 PM, Sean Silva <chisophugis at gmail.com<mailto:chisophugis at gmail.com>> wrote:
I fail to see why all that re-engineering effort IS "required" to support the use-cases we've provided, and why future-proofing a large body of software that quite honestly was never designed for it and has genuinely very few reasons why it should be.
If we're going to support bitcode as a long-term storage format, everything that pulls information out of bitcode MUST be future-proofed. Doing it piece by piece is a LOT of engineering effort to make LLVM user-friendly in this way; it was never intended to have that degree of self-defense.
I don't understand what you mean by "future-proofed" in this context. If you mean "never crash on bad user input", then your point doesn't make sense to me. LLVM is engineered to never crash on bad user input in the same sense that it is engineered to correctly compile code; neither is allowed, and if either happens it is a bug.
This is true, but we can say from experience that there are a lot of these kinds of bugs and it will take a lot of effort to fix them all. Personally, I think this worth doing. We should be using the new diagnostic handler on the LLVMContext, and most of LLVM should have a way of returning without exploding.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20141125/333ad809/attachment.html>
More information about the llvm-dev
mailing list