[cfe-dev] [RFC] Handling implementation limits

Finkel, Hal J. via cfe-dev cfe-dev at lists.llvm.org
Thu Jan 2 10:23:32 PST 2020


On 1/2/20 10:40 AM, Keane, Erich via cfe-dev wrote:
While I definitely want us to try to document our implimits, I WILL say that we want to make sure we’re not publishing inaccurate numbers.  Some of the limits are much harder than just testing.  For example, template depth CAN be limited by -ftemplate-depth, however we end up running out of stack space or memory with some fairly simple templates that way even before 1024.

If we publish these, I’d be wary that it would become expected that we could do template depth of 1024 (rather than that being a theoretical limit).


I agree with this, but I also feel like this is not a huge problem in practice. Everything that the compiler does is subject to the availability of resources (and other permissions/capabilities). These limits being discussed impose additional restrictions, and so limit the capabilities of the compiler even if resources are available, and so long as we provide the general disclaimer, I think that we can proceed without considering resource constraints specifically.

As far as rationale documentation goes, however, it would certainly make sense to note which limits are "practically unlimited", in the sense that you're likely to run out of resources far before you hit that particular threshold.

 -Hal


One other concern I have is a more specific one, BitFieldBits, which limits the size by setting a bitfield size itself (in CGRecordLayout). The current size is chosen in a way that seems to intentionally make a size of CGBitFieldInfo not have padding.  Any time we create one of these we need to make sure that we document the reason for the size, so that we have an understanding of why it was set that size.

Finally, I believe we should diagnose on all of the implimits that we come across as well.  BitFieldBits is very important one to do semantic analysis diagnosis on, particularly if we’re going to document it.

From: cfe-dev <cfe-dev-bounces at lists.llvm.org><mailto:cfe-dev-bounces at lists.llvm.org> On Behalf Of via cfe-dev
Sent: Thursday, January 2, 2020 8:29 AM
To: Mark de Wever <koraq at xs4all.nl><mailto:koraq at xs4all.nl>
Cc: aaron.ballman at gmail.com<mailto:aaron.ballman at gmail.com>; richard at metafoo.co.uk<mailto:richard at metafoo.co.uk>; cfe-dev <cfe-dev at lists.llvm.org><mailto:cfe-dev at lists.llvm.org>
Subject: Re: [cfe-dev] [RFC] Handling implementation limits

This is a very good idea as documenting these limits will be very helpful for anyone who is using Clang within a MISRA coding environment, where these limits need to be known when configuring static analysis tools.

Chris Tapp, MISRA C++ Chairman

On 1 Jan 2020, at 16:16, Mark de Wever via cfe-dev <cfe-dev at lists.llvm.org<mailto:cfe-dev at lists.llvm.org>> wrote:

This RFC asks the community for its interest in centralizing Clang's
implementation limits and how you feel about the proposed approach.

Abstract
========

At the moment the implementation limits of the Clang compiler are hidden
in magic numbers in the code. These numbers sometimes differ between the
frontend and the backend. They are not always properly guarded by compiler
warnings, instead they trigger assertion failures.

This proposal suggests a TableGen based solution to better maintain these
limits. This solution will be able to generate a header and documentation
of these limits. The latter is required by the C++ standard [implimits].


The problem
===========

The proposal tries to solve 2 issues:
* Implementation limits are not always clear and duplicated in the source.
* Document C++ Implementation quantities  is required by the C++ standard
 [implimits].


Unclear limits
--------------

The compiler has several limitations often 'hidden' as the width of a
bit-field in a structure. This makes it hard to find these limits. Not
only for our users but also for developers. While looking at a proper
limit for the maximum width of a bit-field in the frontend I discovered
it didn't matter what the frontend picked, the backend already had a
limit [D71142]. To fix this issue the frontend and backend should have
the same limit. To avoid duplicating the value it should be in a header
available to the frontend and backend.

Since the values are often stored in a bit-field there is no standard way
to get the maximum value. This means the limit needs a small helper
function to get the value, for example [D63975] uses
`getMaxFunctionScopeDepth()`.


Standard conformance
--------------------

This is rather simple the C++ standard Annex B states:
  Because computers are finite, C++ implementations are inevitably
  limited in the size of the programs they can successfully process.
  Every implementation shall document those limitations where known.

Currently this documentation is not available.


The proposed solution
=====================

In order to solve this issue I created a proof-of-concept solution
[D72053]. It contains a new file
clang/include/clang/Basic/ImplementationQuantities.td with two TableGen
generators which create:
* An inc file with a set of constants containing the limits. This file
 $BUILD_DIR/tools/clang/include/clang/Basic/ImplementationQuantities.inc
 is included in the header
 clang/include/clang/Basic/ImplementationQuantities.h.
* The document clang/docs/ImplementationQuantities.rst
 This document documents the limits of Clang. These limits include, but
 are not limited to the quantities in [implimits].

The quantity limit has the following possible types:
* The quantity is limited by the number of bits in a bit-field. TableGen
 generates two constants:
 * FieldNameBits, the number of bits in the bit-field.
 * MaxFieldName, the maximum value of the bit-field. (This assumes all
   bit-fields can be stored in an unsigned.)
* The quantity is limited by a value. TableGen generates one constant:
 * MaxFieldName, the maximum value of the field.
* The quantity's limit is determined by a compiler flag. TableGen
 generates one constant:
 * FieldNameDefault, the default value of the compiler flag.
* The quantity's limit cannot be expressed in a number. For example it
 depends on the stack size or available memory of the system. In this
 case TableGen generates no constant, only documentation.

For all types documentation is generated. The documentation shows the
description of the limit and the limit implemented in Clang. If the
recommended value is not 0 it is a value described in the C++ Standard. In
this case the recommended value is shown in the documentation.


Questions
=========

* If this proposal is accepted how to we make sure the document is updated
 before releasing a new version of clang?
* The compiler flag limits are also documented in the UserManual. This means
 these limits are still duplicated. Do we want to let the UserManual also be
 generated and use the values here or just keep the duplication?


Bikeshed
========

I picked IQ for the namespace of the quantities since it's short and not
often used in the codebase so it's easy greppable.


[implimits] http://eel.is/c++draft/implimits
[D63975] https://reviews.llvm.org/D63975
[D71142] https://reviews.llvm.org/D71142
[D72053] https://reviews.llvm.org/D72053


Kind regards,
Mark de Wever
_______________________________________________
cfe-dev mailing list
cfe-dev at lists.llvm.org<mailto:cfe-dev at lists.llvm.org>
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev




_______________________________________________
cfe-dev mailing list
cfe-dev at lists.llvm.org<mailto:cfe-dev at lists.llvm.org>
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev


--
Hal Finkel
Lead, Compiler Technology and Programming Languages
Leadership Computing Facility
Argonne National Laboratory
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20200102/00cb78ae/attachment-0001.html>


More information about the cfe-dev mailing list