    [base] Define CHECK comparison for signed vs. unsigned · db0c86fa
    clemensh authored
    The current CHECK/DCHECK implementation fails statically if a signed
    value is compared against an unsigned value. The common solution is to
    cast on each caller, which is tedious and error-prone (might hide bugs).
    This CL implements signed vs. unsigned comparisons by executing up to
    two comparisons. For example, if i is int32_t and u is uint32_t, a
    DCHECK_LE(i, u) would create the check
    i <= 0 || static_cast<uint32_t>(i) <= u.
    For checks against constants, at least one of the checks can be removed
    by compiler optimizations.
    
    The tradeoff we have to make is to sometimes silently execute an
    additional comparison. And we increase code complexity of course, even
    though the usage is just as easy (or even easier) as before.
    
    The compile time impact seems to be minimal:
    I ran 3 full compilations for Optdebug on my local machine, one time on
    the current ToT, one time with this CL plus http://crrev.com/2524093002.
    Before: 143.72 +- 1.21 seconds
    Now: 144.18 +- 0.67 seconds
    
    In order to check that the new comparisons are working, I refactored
    some DCHECKs in wasm to use the new magic, and added unit test cases.
    
    R=ishell@chromium.org, titzer@chromium.org
    CC=ahaas@chromium.org, bmeurer@chromium.org
    
    Committed: https://crrev.com/5925074a9dab5a8577766545b91b62f2c531d3dc
    Review-Url: https://codereview.chromium.org/2526783002
    Cr-Original-Commit-Position: refs/heads/master@{#41275}
    Cr-Commit-Position: refs/heads/master@{#41411}
wasm-module.h 18.9 KB
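
The two-step comparison described in the commit message, set beside the caller-side cast it calls error-prone. This is an added example, not V8's CHECK/DCHECK implementation; the helper names and sample values are hypothetical, and it also covers the unsigned-versus-signed direction, which the message does not spell out.

```cpp
#include <cstdint>
#include <cstdio>
#include <type_traits>

// Hypothetical helpers (names are not V8's). Each tests the sign of the signed
// operand first and only then compares the two values as unsigned.
template <typename S, typename U>
constexpr bool SignedLEUnsigned(S s, U u) {  // s <= u
  static_assert(std::is_signed<S>::value && std::is_unsigned<U>::value,
                "expects (signed, unsigned)");
  using US = typename std::make_unsigned<S>::type;
  return s <= 0 || static_cast<US>(s) <= u;
}

template <typename U, typename S>
constexpr bool UnsignedLESigned(U u, S s) {  // u <= s
  static_assert(std::is_unsigned<U>::value && std::is_signed<S>::value,
                "expects (unsigned, signed)");
  using US = typename std::make_unsigned<S>::type;
  return s >= 0 && u <= static_cast<US>(s);
}

// The caller-side cast the commit message calls error-prone: it compiles
// cleanly but reinterprets a negative value as a huge unsigned one.
constexpr bool CastSignedLEUnsigned(int32_t i, uint32_t u) {
  return static_cast<uint32_t>(i) <= u;
}
constexpr bool CastUnsignedLESigned(uint32_t u, int32_t i) {
  return u <= static_cast<uint32_t>(i);
}

int main() {
  const int32_t neg = -1;   // constructed sample values
  const uint32_t len = 16;
  std::printf("-1 <= 16u  cast: %d  sign-safe: %d\n",
              CastSignedLEUnsigned(neg, len), SignedLEUnsigned(neg, len));
  std::printf("16u <= -1  cast: %d  sign-safe: %d\n",
              CastUnsignedLESigned(len, neg), UnsignedLESigned(len, neg));
  return 0;
}
```

The second row is the one that matters for length and limit checks: with the cast, a negative limit turns into 0xFFFFFFFF and every unsigned length passes.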