Date: Tue, 06 Aug 2019 19:35:00 -0000
From: Marek Polacek
To: Jason Merrill
Cc: GCC Patches
Subject: Re: C++ PATCH for c++/91264 - detect modifying const objects in constexpr

On Mon, Aug 05, 2019 at 03:54:19PM -0400, Jason Merrill wrote:
> On 7/31/19 3:26 PM, Marek Polacek wrote:
> > One of the features of constexpr is that it doesn't allow UB; and such UB must
> > be detected at compile-time.  So running your code in a context that requires
> > a constant expression should ensure that the code in question is free of UB.
> > In effect, constexpr can serve as a sanitizer.  E.g. this article describes it
> > in more detail:
> >
> >
> > [dcl.type.cv]p4 says "Any attempt to modify a const object during its lifetime
> > results in undefined behavior." However, as the article above points out, we
> > aren't detecting that case in constexpr evaluation.
> >
> > This patch fixes that.  It's not that easy, though, because we have to keep in
> > mind [class.ctor]p5:
> > "A constructor can be invoked for a const, volatile or const volatile object.
> > const and volatile semantics are not applied on an object under construction.
> > They come into effect when the constructor for the most derived object ends."
> >
> > I handled this by keeping a hash set which tracks objects under construction.
> > I considered other options, such as going up call_stack, but that wouldn't
> > work with trivial constructor/op=.  It was also interesting to find out that
> > the definition of TREE_HAS_CONSTRUCTOR says "When appearing in a FIELD_DECL,
> > it means that this field has been duly initialized in its constructor" though
> > nowhere in the codebase do we set TREE_HAS_CONSTRUCTOR on a FIELD_DECL as far
> > as I can see.  Unfortunately, using this bit proved useless for my needs here.
> > > Also, be mindful of mutable subobjects.
> >
> > Does this approach look like an appropriate strategy for tracking objects'
> > construction?
>
> For scalar objects, we should be able to rely on INIT_EXPR vs. MODIFY_EXPR
> to distinguish between initialization and modification; for class objects, I

This is already true: only class objects go into the hash set.

> wonder about setting a flag on the CONSTRUCTOR after initialization is
> complete to indicate that the value is now constant.

But here we're not dealing with CONSTRUCTORs in the gcc sense (i.e. exprs with
TREE_CODE == CONSTRUCTOR).  We have a CALL_EXPR like Y::Y ((struct Y *) &y),
which initializes the object "y".  Setting a flag on the CALL_EXPR or its
underlying function decl wouldn't help.

(Also, all 6 TREE_LANG_FLAGs for a CONSTRUCTOR are used.)

Am I missing something?

Marek
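
The cases this thread distinguishes, as an added example that is not part of the original message or of the patch: writes by a constructor to a const object under construction and writes to a mutable subobject must stay valid in constant evaluation, while a write to a const object after construction is the undefined behaviour that should be rejected. The struct Y's members, the function names and the EXPECT_REJECTION macro are assumptions made for this illustration.

```cpp
// Added illustration: Y's members, the function names and EXPECT_REJECTION are made up.
struct Y {
    int n;
    mutable int hits;  // mutable subobject: writable even in a const Y
    constexpr Y(int v) : n(v), hits(0) {
        n += 1;  // [class.ctor]p5: const is not applied while y is under construction
    }
};

// Valid: the const object is written only by its own constructor.
constexpr int ctor_write() {
    const Y y(41);
    return y.n;
}

// Valid: after construction, only the mutable member is written.
constexpr int mutable_write() {
    const Y y(1);
    y.hits = 7;
    return y.n;
}

// With force == true this writes to a const object after its constructor has
// ended, which is undefined behaviour under [dcl.type.cv]p4.
constexpr int const_write(bool force) {
    const Y y(1);
    if (force)
        const_cast<Y&>(y).n = 5;
    return y.n;
}

// static_assert requires a constant expression, so each call below is
// evaluated at compile time, where undefined behaviour is not allowed.
static_assert(ctor_write() == 42, "constructor may modify the object");
static_assert(mutable_write() == 2, "mutable member may be modified");
static_assert(const_write(false) == 2, "no write to the const object");

#ifdef EXPECT_REJECTION
// A compiler that detects [dcl.type.cv]p4 during constant evaluation must
// reject this line instead of yielding 5.
static_assert(const_write(true) == 5, "modifies a const object");
#endif

int main() {
    return (ctor_write() == 42 && mutable_write() == 2 && const_write(false) == 2) ? 0 : 1;
}
```

Building with -DEXPECT_REJECTION turns the last static_assert into a probe for whether the compiler diagnoses the const write during constant evaluation.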