This is an archive of the discontinued LLVM Phabricator instance.

[CodeGen] Disable default copy ctor and copy assignment operator for class Array
ClosedPublic

Authored by yubing on Jun 5 2023, 11:28 PM.

Details

Summary

class Array manages resources such as dynamically allocated memory, it's generally a good practice to either implement a custom copy constructor or disable the default one.

Diff Detail

Event Timeline

yubing created this revision.Jun 5 2023, 11:28 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 5 2023, 11:28 PM
Herald added a subscriber: MatzeB. · View Herald Transcript
yubing requested review of this revision.Jun 5 2023, 11:28 PM
Herald added a project: Restricted Project. · View Herald TranscriptJun 5 2023, 11:28 PM
yubing edited the summary of this revision. (Show Details)Jun 5 2023, 11:28 PM
yubing added a reviewer: pengfei.
pengfei accepted this revision.Jun 5 2023, 11:53 PM

LGTM.

This revision is now accepted and ready to land.Jun 5 2023, 11:53 PM

Any particular motivation for this series of patches? (like this non-owning Array type looks totally fine to copy, like ArrayRef)

We actually have some out of tree code that requires us to dynamically grow LiveRegMatrix (for compile time optimizations for our backend) and we rely on these copy constructors/assignment operators to resize the Matrix. Like David mentioned above, what's the motivation here? It should be perfectly fine to update pointers and size that's not being owned by this class?

Can you please revert this commit unless there's a strong motivating reason for this commit?

@dblaikie @aditya_nandakumar i just revert the commit

Could you, perhaps, revisit the other similar patches in this series - maybe a discourse post summarizing/linking to them all & explaining the general motivation for them/which ones we should keep/revert/etc and why?

I think the intention here is to harden the code to avoid potential risks, e.g., UAF, caused by shallow copy.
I don't see a problem to have a strict rule for this. According to LLVM policy, downstream only usage is not a strong reason for upstream code. And I think it's also good to define an explicit copy constructor if you are intended to do the copy.

I think the intention here is to harden the code to avoid potential risks, e.g., UAF, caused by shallow copy.
I don't see a problem to have a strict rule for this. According to LLVM policy, downstream only usage is not a strong reason for upstream code. And I think it's also good to define an explicit copy constructor if you are intended to do the copy.

How about making them ' = default' instead?

I think the intention here is to harden the code to avoid potential risks, e.g., UAF, caused by shallow copy.
I don't see a problem to have a strict rule for this. According to LLVM policy, downstream only usage is not a strong reason for upstream code. And I think it's also good to define an explicit copy constructor if you are intended to do the copy.

But there was no problem with this code and its copy ctor/assignment operator to begin with? Perhaps just renaming this or reusing the exsiting llvm::MutableArrayRef here?
& I'm still not sure about the rest of the related changes that were made to other types in this series of patches - I'd like a broader design discussion about the set of changes, probably on discourse.

skan added a subscriber: skan.Jun 19 2023, 12:02 AM

I think the intention here is to harden the code to avoid potential risks, e.g., UAF, caused by shallow copy.
I don't see a problem to have a strict rule for this. According to LLVM policy, downstream only usage is not a strong reason for upstream code. And I think it's also good to define an explicit copy constructor if you are intended to do the copy.

How about making them ' = default' instead?

I have the same suggestion

I think the intention here is to harden the code to avoid potential risks, e.g., UAF, caused by shallow copy.
I don't see a problem to have a strict rule for this. According to LLVM policy, downstream only usage is not a strong reason for upstream code. And I think it's also good to define an explicit copy constructor if you are intended to do the copy.

But there was no problem with this code and its copy ctor/assignment operator to begin with? Perhaps just renaming this or reusing the exsiting llvm::MutableArrayRef here?
& I'm still not sure about the rest of the related changes that were made to other types in this series of patches - I'd like a broader design discussion about the set of changes, probably on discourse.

Ping on all this.