RFC: range attribute


User-supplied range information would be useful for both static analyzers and optimizers. For static analyzers, the information can be used to reduce false positives if the developer knows the physical limit of some variables. For the backend, the information can provide more precise value ranges for optimizations.

How about a new range attribute that allows developers to annotate range information?

Here's a prototype implementation that adds the range attribute to clang and emits range metadata.

  Comparing llvm-mirror:master...xiw:range · llvm-mirror/clang · GitHub

Here's an example.

  struct A {
      int x;
      int y __attribute__((range(100, 200)));

  int z __attribute__((range(250, 500)));

  int foo(struct A *a)
      return a->y + z;

// CHECK: load i32* %y, align 4, !range !0
// CHECK: load i32* @z, align 4, !range !1

// CHECK: !0 = metadata !{i32 100, i32 201}
// CHECK: !1 = metadata !{i32 250, i32 501}

One bummer is that !range can only be attached to load instructions, and thus the patch doesn't support range attributes on function return values (or parameters). Maybe we can generate some module metadata instead?

- xi

Richard Smith spoke about detecting integer overflow/underflow in his own RFC for catching as much undefined behavior as possible; I believe this would interact with this proposal since getting out of the range should probably be seen as overlfowing/underflowing.

I added him so he does not miss this.

– Matthieu.