Re: Subverting 'Access for Sub-programs

[adam@irvine.com]

In article <wccu2qdnidg.fsf@world.std.com>,
  Robert A Duff <bobduff@world.std.com> wrote:

> There was one proposal that involved run-time checks (see my other
> posting),

Note: I haven't looked at this yet.

> but I'm not sure it matches the kinds of run-time checks
> you're thinking of.  I don't think anybody ever proposed a feature
> where
> you could form a pointer to a (possibly-nested) subprogram, and then
> check the validity of this pointer at the call site.  Such a feature
> would be difficult to implement efficiently.

After I wrote the above post, I actually did think of a simple way
that this type of runtime check could be implemented efficiently.
Suppose you have a subprogram P that contains nested subprograms Q1,
Q2, etc.  If Q1'ACCESS is used, the compiler allocates a global counter
for P (Q1's parent); the access value for Q1'ACCESS would contain the
address of P's global counter, and the current value of the counter.
When P exits, it increments the global counter just before returning.
Now, any access-subprogram type that has this property will have a
counter address (possibly null) and a current counter value; so when
dereferencing, the program would look up the pointed-to counter and see
if its value matches the value stored in the access-subprogram type.  If
not, the dereference is illegal.  (A null counter address would indicate
a global subprogram, or perhaps any subprogram that is statically not
deeper than the type, so that the check would be unnecessary.)

P's counter would also have to be incremented when its execution is
abandoned due to an exception; this may add a little complication in
some implementations, but not too much.  Tasking probably complicates
things.

                                -- Adam



Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.