<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/xhtml; charset=utf-8">
</head>
<body>
<div style="font-family:sans-serif"><div style="white-space:normal">
<p dir="auto">n 31 Jul 2020, at 7:35, Hal Finkel wrote:</p>
</div>
<div style="white-space:normal"><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><p dir="auto">On 7/29/20 9:00 PM, John McCall via cfe-dev wrote:</p>
<blockquote style="border-left:2px solid #777; color:#999; margin:0 0 5px; padding-left:5px; border-left-color:#999"><p dir="auto">On 29 Jul 2020, at 17:42, Richard Smith wrote:<br>
<br>
On Wed, 29 Jul 2020 at 12:52, John McCall <rjmccall@apple.com> wrote:<br>
<br>
...<br>
<br>
I think concretely, the escape hatch doesn't stop things from<br>
going wrong,<br>
because -- as you note -- even though we *could* have made a copy,<br>
it's<br>
observable whether or not we *did* make a copy. For example:<br>
<br>
I would say that it’s observable whether the parameter variable has<br>
the same address as the argument. That doesn’t /have/ to be the same<br>
question as whether a copy was performed: we could consider there to be<br>
a formal copy (or series of copies) that ultimately creates /an/ object<br>
at the same address, but it’s not the /same/ object and so pointers<br>
to the old object no longer validly pointer to it. But I guess that<br>
would probably violate the lifetime rules, because it would make accesses<br>
through old pointers UB when in fact they should at worst access a valid<br>
object that’s just unrelated to the parameter object.<br>
</p>
</blockquote><p dir="auto">I think that it would be great to be able to do this, but unfortunately, I think that the point that you raise here is a key issue. Whether or not the copy is performed is visible in the model, and so we can't simply act as though there was a copy when optimizing. Someone could easily have code that looks like:<br>
<br>
Foo DefaultX;<br>
<br>
...<br>
<br>
void something(Foo &A, Foo &B) {<br>
<br>
if (&A == &B) { ... }<br>
<br>
}<br>
<br>
void bar(Foo X) { something(X, DefaultX); }</p>
</blockquote></div>
<div style="white-space:normal">
<p dir="auto">This example isn’t really on point; a call like <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">bar(DefaultX)</code> obviously cannot just pass the address of <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">DefaultX</code> as a by-value argument without first proving a lot of stuff about how <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">foo</code> uses both its parameter and <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">DefaultX</code>. I think <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">noalias</code> is actually a subset of what would have to be proven there.</p>
<p dir="auto">In general, the standard is clear that you cannot rely on escaping a pointer to/into a trivially-copyable pr-value argument prior to the call and then rely on that pointer pointing into the corresponding parameter object. Implementations are <em>allowed</em> to introduce copies. But it does seem like the current wording would allow you to rely on that pointer pointing into <em>some</em> valid object, at least until the end of the caller’s full-expression. That means that, if we don’t guarantee to do an actual copy of the argument, we cannot make it UB to access the parameter variable through pointers to the argument temporary, which is what marking the parameter as <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">noalias</code> would do.</p>
<p dir="auto">So I guess the remaining questions are:</p>
<ul>
<li>Is this something we can reasonably change in the standard?</li>
<li>Are we comfortable setting <code style="background-color:#F7F7F7; border-radius:3px; margin:0; padding:0 0.4em" bgcolor="#F7F7F7">noalias</code> in C if the only place that would break is with a C++ caller?</li>
</ul>
<p dir="auto">John.</p>
</div>
<div style="white-space:normal"><blockquote style="border-left:2px solid #777; color:#777; margin:0 0 5px; padding-left:5px"><p dir="auto">As Richard's example shows, the code doesn't need to explicitly compare the addresses to detect the copy either. Any code that reads/writes to the objects can do it. A perhaps-more-realistic example might be:<br>
<br>
int Cnt = A.RefCnt; ++A.RefCnt; ++B.RefCnt; if (Cnt + 1 != A.RefCnt) { /* same object case */ }<br>
<br>
The best suggestion that I have so far is that we could add an attribute like 'can_copy' indicating that the optimizer can make a formal copy of the argument in the callee and use that instead of the original pointer if that seems useful. I can certainly imagine a transformation such as LICM making use of such a thing (although the cost modeling would probably need to be fairly conservative).<br>
<br>
-Hal<br>
<br>
</p>
<blockquote style="border-left:2px solid #777; color:#999; margin:0 0 5px; padding-left:5px; border-left-color:#999"><p dir="auto">...<br>
<br>
John.<br>
<br>
<br>
_______________________________________________<br>
cfe-dev mailing list<br>
cfe-dev@lists.llvm.org<br>
<a href="https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev" style="color:#999">https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev</a></p>
</blockquote><p dir="auto">-- <br>
Hal Finkel<br>
Lead, Compiler Technology and Programming Languages<br>
Leadership Computing Facility<br>
Argonne National Laboratory</p>
</blockquote></div>
<div style="white-space:normal">
</div>
</div>
</body>
</html>