Memory-safety annotation for inline assembly.

[ekpyron]

We can also properly make inline assembly StructurallyDocumented, etc, but then we need to double-check that existing natspec-style comments don't cause any errors to keep this fully non-breaking.

[chriseth]

Can you also define what exactly memory safety means?

[ekpyron]

Can you also define what exactly memory safety means?

Sure, this needs extensive documentation before I undraft it :-).
Mainly pushed it already to see if it works for the external test runs. For trident it does - but ENS still fails, I'm just trying to figure out whether that's because it pulls in dependencies with assembly that I didn't patch or because of something else.

[ekpyron]

Eventually we should also add better reports for all of this...
Ideally, I'd report an info message whenever any variables are moved to memory and if compilation fails due to stack too deep, but could not run stack-to-memory due to inline assembly, it should properly suggest adding those annotations... Ideally even with source locations :-).

But that's a bit of a hassle, since codegen so far is not meant to report stuff like that and we may need to store the source locations somewhere, etc., so I'd keep that separate for now...

[ekpyron]

The -1 node id is a bit creepy...

[ekpyron]

I just added a first rough draft for documenting this.

I'm wondering how restrictive we should define this - technically it's valid for stack-to-memory to access any memory that is known to be past the initial value of the free memory pointer...
Also we need to decide whether we want to specifically add the requirement for memory accesses to be bounded, i.e. the assumption for the redundant store eliminator (either as only ever allocating bounded amounts of memory, if we stay with only accessing allocated memory, or more freely as not accessing memory from unbounded offsets).

[ekpyron]

Test failures are just pending #12624 I think

[cameel]

#12624 is ready.

[ekpyron]

For this we still need to discuss what our actual requirements should really be, so I expect this to still change - for the rest of the docs, a review would be good already, though :-).

[chriseth]

This only applies to "via ir", does it?

[ekpyron]

In practice at least... in principle, we could use the information for old codegen as well, but we probably won't.

[chriseth]

Suggested change

	While we recommend to always respect Solidity's memory model, it is possible to use memory
	in an incompatible way from inline assembly. Therefore, moving stack variables to memory and additional
	While we recommend to always respect Solidity's memory model, inline assembly allows you to use memory
	in an incompatible way. Therefore, moving stack variables to memory and additional

[ekpyron]

Instead of the boost::split I could also split on the fly using ranges...

constexpr auto splitString = [](auto _pred) {
		return ranges::views::split_when(move(_pred)) | ranges::views::transform([](auto&& _rng){
			return string_view(&*begin(_rng), static_cast<string_view::size_type>(ranges::distance(_rng)));
		});
};
for (auto value: tagValue.content | splitString(isWhiteSpace) | ranges::views::filter(not_fn(&string_view::empty)))

But maybe that's over the top...

[ekpyron]

Updated the warnings. We should probably be clear that we can also merge the other one, before merging this, though. Although it doesn't matter as long as we manage for the same release I guess.

[ekpyron]

See #12732
But if we report the full value here, I'd say it's still ok for this purpose and we can fix it with #12732...