From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=V6tR=A2=redhat.com=jason@sourceware.org>
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	by sourceware.org (Postfix) with ESMTPS id 8D2993858D20
	for <gcc-patches@gcc.gnu.org>; Fri,  5 May 2023 11:38:48 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 8D2993858D20
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1683286728;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=ygEfv+XNxBdc9lPK2jHyHGSSpxG6YQxrZKGC197HD6E=;
	b=WwMd3Q8iELJNTKhbQ8cmC1s0lLBueoLpfCqUQLAiEdq0fBwDNTeD2a9lnS1yIM693/s020
	iyFQ0RhPJqWBMD1SillzjNXSJ/WDe/jOV5zG+CgQcS6EwLHchUqgVmcRg32QKkWARc0w1F
	jYTPuUfopDjEmJxKXm9qGKwxb8Ut4VE=
Received: from mail-qt1-f199.google.com (mail-qt1-f199.google.com
 [209.85.160.199]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-404-Kn7FjKpGPeGtsFLvSnJflA-1; Fri, 05 May 2023 07:38:47 -0400
X-MC-Unique: Kn7FjKpGPeGtsFLvSnJflA-1
Received: by mail-qt1-f199.google.com with SMTP id d75a77b69052e-3ef3323e320so16944031cf.0
        for <gcc-patches@gcc.gnu.org>; Fri, 05 May 2023 04:38:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1683286727; x=1685878727;
        h=content-transfer-encoding:in-reply-to:from:references:to
         :content-language:subject:user-agent:mime-version:date:message-id
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=ygEfv+XNxBdc9lPK2jHyHGSSpxG6YQxrZKGC197HD6E=;
        b=GTP7Bp70JwxE64s/WsllpC0t64V+BwThTDjav/cuCHubKd14wZp2HlAW0242hRIW8t
         svItdX9D/M2mzpSg6JWCeeeUjuuTD4912FrYLhdKJCKkdvhniDBGZN8Z+vfJsX34iIjv
         1Kd/zAzuDdB2GUvpWogJjVaUDBOFHRTTmyN3zhZyoVF15eoZkus0eSqLwrMqB9D8cpYY
         rLqgbLeM2yZEQwfptrq3aEoPrv1CuEKtaHVc8dsOlcIMnUphzvmvTbSiaTt4L0BrLMAJ
         vnMVmJg7z9dCu3oGd8sguStUsMHWGQrjVTuOF0ERrq89U8WOyk5DeM9FSNCPnKEWk1rI
         m7KA==
X-Gm-Message-State: AC+VfDzAn0OYY3oSNec2l5inq/7J0fn2h4LTmXld1MIS2OodbKwmNcoe
	W0KbszhDBlyiaP5S1A4XO36JWwpPFQHxXg92u4TuKczh9Q8+OmJT0+RTcfgVxuGjtqEf0b4QqO0
	bLww0ZGeQe8uxXicQTA==
X-Received: by 2002:ac8:5887:0:b0:3ef:3e8a:d46a with SMTP id t7-20020ac85887000000b003ef3e8ad46amr1810654qta.62.1683286726748;
        Fri, 05 May 2023 04:38:46 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ6A9TIcV/oQjxLVA7aCoUDcs7GQCCmGBo9CwKPan3uZ/+sYyC0tKBUe++I200BSA5gDsJ8Hqg==
X-Received: by 2002:ac8:5887:0:b0:3ef:3e8a:d46a with SMTP id t7-20020ac85887000000b003ef3e8ad46amr1810631qta.62.1683286726414;
        Fri, 05 May 2023 04:38:46 -0700 (PDT)
Received: from [192.168.1.108] (130-44-146-16.s12558.c3-0.arl-cbr1.sbo-arl.ma.cable.rcncustomer.com. [130.44.146.16])
        by smtp.gmail.com with ESMTPSA id v19-20020a05620a123300b007339c5114a9sm497148qkj.103.2023.05.05.04.38.45
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Fri, 05 May 2023 04:38:46 -0700 (PDT)
Message-ID: <4070a6dd-0e14-1cdd-dc59-62578fea965e@redhat.com>
Date: Fri, 5 May 2023 07:38:45 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.10.1
Subject: Re: [PATCH] tree: Fix up save_expr [PR52339]
To: Jakub Jelinek <jakub@redhat.com>, Richard Biener <rguenther@suse.de>,
 "Joseph S. Myers" <joseph@codesourcery.com>,
 Eric Botcazou <botcazou@adacore.com>, gcc-patches@gcc.gnu.org
References: <ZFTGiRSmYjV5IqFy@tucnak> <ZFTSne+3Z+A4rzaf@tucnak>
 <ZFTeYfQazNKL2C2Z@tucnak>
From: Jason Merrill <jason@redhat.com>
In-Reply-To: <ZFTeYfQazNKL2C2Z@tucnak>
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-9.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <gcc-patches.gcc.gnu.org>

On 5/5/23 06:45, Jakub Jelinek wrote:
> On Fri, May 05, 2023 at 11:55:41AM +0200, Jakub Jelinek via Gcc-patches wrote:
>> Looking at the Ada cases (I admit I don't really understand why it isn't
>> vectorized, the IL is so different from the start because of the extra
>> SAVE_EXPRs that it is very hard to diff stuff), the case where save_expr
>> used to return the argument and no longer does are those
>> r.P_BOUNDS->LB0
>> etc. cases.  Now, I wondered if (pre-gimplification) we couldn't make an
>> exception and allow the base to be INDIRECT_REF or of a REFERENCE_TYPE
>> with the idea that references are really imutable and can't be changed
>> during its lifetime (after gimplification whether something is
>> REFERENCE_TYPE or POINTER_TYPE is lost), but that isn't what Ada is using.

And anyway, a reference can also refer to a non-const object.

>> So, another possibility would be to allow bases of TREE_READONLY (t) &&
>> !TREE_SIDE_EFFECTS (t) which are INDIRECT_REFs of tree_invariant_p_1
>> addresses.  That doesn't work either, in the r.P_BOUNDS->LB0 case
>> P_BOUNDS is a FIELD_DECL with POINTER_TYPE, LB0 is TREE_READONLY FIELD_DECL
>> and that COMPONENT_REF is  also TREE_READONLY, r is TREE_READONLY PARM_DECL,
>> but unforuntately the r.P_BOUNDS COMPONENT_REF isn't marked TREE_READONLY.

And an invariant pointer can point to a non-const object.

>> Thus, shall we treat as tree_invariant_p_1 also handled components which
>> are !TREE_SIDE_EFFECTS (t), but not TREE_READONLY and only their base
>> is TREE_READONLY?  Or do that only during the recursion?
> But doing that feels quite risky.  While the following version of
> the patch avoids the Ada regressions, the fact that we don't miscompile
> the pr52339-1.c testcase modified to have
> int
> foo (const struct S *const p, struct S *q)
> rather than
> int
> foo (const struct S *p, struct S *q)
> is only because the FE happens to add there some useless cast in between.
> While the pointer is invariant, I'm afraid nothing guarantees it goes out
> of scope in between multiple uses of the expression returned by save_expr.

Right.

> 2023-05-05  Jakub Jelinek  <jakub@redhat.com>
> 
> 	PR c++/52339
> 	* tree.cc (tree_invariant_p_1): For TREE_READONLY (t) without
> 	side-effects, only return true if DECL_P (get_base_address (t)).
> 
> 	* g++.dg/opt/pr52339.C: New test.
> 	* gcc.c-torture/execute/pr52339-1.c: New test.
> 	* gcc.c-torture/execute/pr52339-2.c: New test.
> 
> --- gcc/tree.cc.jj	2023-05-01 09:59:46.686293833 +0200
> +++ gcc/tree.cc	2023-05-05 12:34:26.989523468 +0200
> @@ -3876,10 +3876,26 @@ tree_invariant_p_1 (tree t)
>   {
>     tree op;
>   
> -  if (TREE_CONSTANT (t)
> -      || (TREE_READONLY (t) && !TREE_SIDE_EFFECTS (t)))
> +  if (TREE_CONSTANT (t))
>       return true;
>   
> +  if (TREE_READONLY (t) && !TREE_SIDE_EFFECTS (t))
> +    {
> +      /* Return true for const qualified vars, but for members or array
> +	 elements without side-effects return true only if the base
> +	 object is a decl.  If the base is e.g. a pointer dereference,
> +	 what the pointer points to could be deallocated or the pointer
> +	 could be changed.  See PR52339.  */
> +      tree base = get_base_address (t);
> +      if (DECL_P (base))
> +	return true;

So I think the above is correct.

> +      /* As an exception, allow pointer dereferences as long as the pointer
> +	 is invariant.  */
> +      if (TREE_CODE (base) == INDIRECT_REF
> +	  && tree_invariant_p_1 (get_base_address (TREE_OPERAND (base, 0))))
> +	return true;

And this is unsafe.

> +    }
> +
>     switch (TREE_CODE (t))
>       {
>       case SAVE_EXPR:
> --- gcc/testsuite/g++.dg/opt/pr52339.C.jj	2023-05-04 15:23:20.459935705 +0200
> +++ gcc/testsuite/g++.dg/opt/pr52339.C	2023-05-04 15:22:35.640578681 +0200
> @@ -0,0 +1,19 @@
> +// PR c++/52339
> +// { dg-do run { target c++11 } }
> +
> +
> +struct B;
> +struct A { B *b; };
> +struct B {
> +  A *a;
> +  B () : a(new A{this}) {}
> +  ~B () { delete a; }
> +};
> +
> +int
> +main ()
> +{
> +  B *b = new B;
> +  const A *a = b->a;
> +  delete a->b;
> +}
> --- gcc/testsuite/gcc.c-torture/execute/pr52339-1.c.jj	2023-05-04 15:22:59.177241023 +0200
> +++ gcc/testsuite/gcc.c-torture/execute/pr52339-1.c	2023-05-04 15:20:19.820527142 +0200
> @@ -0,0 +1,29 @@
> +/* PR c++/52339 */
> +
> +struct S { int a; };
> +
> +void
> +bar (int *p, struct S *q)
> +{
> +  __builtin_free (q);
> +}
> +
> +int
> +foo (const struct S *p, struct S *q)
> +{
> +  int b[p->a];
> +  bar (b, q);
> +  return sizeof (b);
> +}
> +
> +int
> +main ()
> +{
> +  struct S *p = __builtin_malloc (sizeof (struct S));
> +  if (!p)
> +    return 0;
> +  p->a = 42;
> +  if (foo (p, p) != 42 * sizeof (int))
> +    __builtin_abort ();
> +  return 0;
> +}
> --- gcc/testsuite/gcc.c-torture/execute/pr52339-2.c.jj	2022-11-21 10:04:00.210677046 +0100
> +++ gcc/testsuite/gcc.c-torture/execute/pr52339-2.c	2023-05-04 19:34:08.581686806 +0200
> @@ -0,0 +1,20 @@
> +/* PR c++/52339 */
> +
> +struct S { int a; };
> +
> +int
> +foo (const struct S *p)
> +{
> +  int b[p->a];
> +  ++p;
> +  return sizeof (b);
> +}
> +
> +int
> +main ()
> +{
> +  struct S s[] = { { 42 }, { 43 } };
> +  if (foo (s) != 42 * sizeof (int))
> +    __builtin_abort ();
> +  return 0;
> +}
> 
> 
> 	Jakub
>