Out of curiosity, does this idiom work in fil-c?

https://github.com/protocolbuffers/protobuf/blob/cb873c8987d...

      // This somewhat silly looking add-and-subtract behavior provides provenance
      // from the original input buffer's pointer. After optimization it produces
      // the same assembly as just casting `(uintptr_t)ptr+input_delta`
      // https://godbolt.org/z/zosG88oPn
      size_t position =
      (uintptr_t)ptr + e->input_delta - (uintptr_t)e->buffer_start;
      return e->buffer_start + position;

It does use the implementation defined behavior that a char pointer + 1 casted to uintptr is the same as casting to uintptr then adding 1.

▲ pizlonator 5 days ago | parent [-]

Yeah that should just work

Code that strives to preserve provenance works in Fil-C

▲

charleslmunger 5 days ago | parent [-]

Very cool. Hardware asan did not catch the pointer provenance bug in the previous implementation of that code because it relies on tag bits, and the produced pointer was bit-identical to the intended one. It sounds like fil-c would have caught it because the pointer capabilities are stored elsewhere.

▲

kragen 5 days ago | parent [-]

What hardware do you need for hardware Asan? I'm so out of the loop that I haven't heard of it before.

▲

saagarjha 5 days ago | parent [-]

TBI: https://clang.llvm.org/docs/HardwareAssistedAddressSanitizer...

	▲	kragen 5 days ago \| parent [-]
		Thanks!