I can't figure out what "half of a bijection" is, and this phrase apparently appears nowhere on the internet other than in this file. Can we rephrase?

Comma before "and" -- new independent clause.

An IRUnitT is not necessarily a function pointer, nor a pointer to an llvm::Function, right?

same here wrt "function pointer"

This comment in particular, but also the one above, just sort of spells out in English what the type is. It's definitely helpful to tell me what "void*" is, but you could write that as

std::pair</* AnalysisID */ void*, IRUnit *>

or even

using AnalysisID = void*;
std::pair<AnalysisID, IRUnit *>

Once we've made the code clearer in this way, perhaps we could use the comments to say something about what these types are for.

comma before "to"

Rephrase beginning at "and" -- bad parallelism.

Nit, we don't really pass the API per se. "We pass in an Invalidator", perhaps?

Rephrase starting with "rather than". I think this is important, because it's kind of the motivation for the whole design, but I don't grok what you're trying to get across.

"look up" is still the verb form. I am losing this fight, but I have at least a few more years before the space is gone forever. (The space makes the written form of the verb match the spoken form, which has two accented syllables -- the spoken noun form has only one accented syllable -- "LOOKup TAble", versus "LOOK UP 'TAble' in the dictionary".)

Kind of runs on -- split into two sentences?

Track whether each pass's result is invalidated.  Memoize the results using the IsResultInvalidated map.

type-erased

s/where/whereas/

s/but/and

again s/where/whereas/ (or "while") would help, I think.

Or maybe just

This is basically the same thing as Invalidator::invalidate, but we can't call it here because we're operating on the type-erased result.  Moreover if we instead called invalidate() directly, it would do an unnecessary lookup in ResultsList.

Or maybe even leave out that second sentence, because it's a premature optimization. :)

s/invalidator/Invalidator/?

No need to set up a contrast, I think. Maybe simply

Now erase the results that were invalidated.

(I don't know why we have both a list and a map when we have things like MapVector, but...okay, let's assume there's a good reason for this. :)

Based on this comment I have no idea what I am supposed to do with the InvalidatorT object.

Invaliadtion

(I wonder how hard it would be to make a good C++ spellchecker. You could imagine a tool that spellchecks only comments, and doesn't flag tokens that appear elsewhere in the code (outside comments)... Catching these typos doesn't seem like a good job for hoomans.)

((Now I'm thinking about using whatever tech Chrome's online spellchecker -- which is hauntingly accurate -- uses, not just to catch typos in comments, but also bugs in code...))

I don't understand this comment, particularly "with a set".

s/analyses/analysis/

Kind of a run-on sentence, maybe split?

Can this constructor just take an std::function instead? That would mean you have to spell out the type of the std::function twice, but I think it would be more explicit.

Nit, missing period.

The "for one function invalidate" form is awkward for me. Maybe this would be easier to read as a bulleted list:

Next, invalidate
  - the indirect analysis for g(),
  - the underlying analysis for h(), and
  - both analyses for f().

It might also make sense to rejigger the code so that we can change the comment to read "f()", "g()", and "h()".

comma before "forcing"

ecah

sp, indiract

is invalidated

Not sure "total" is helpful.

Again not sure the second "total" helps.

WRT the names:

I agree "invalidate" isn't a great name, because

if (!my_pass->invalidate(...)) {
  // my_pass was not invalidated!
}

checkIfInvalidated? onIRChange? notifyIRChanged? I like the first one because the bool return value sort of makes sense.

This would also change the comment above -- we're not really "trying" to invalidate the result. More informing it that something has changed, and giving it the option to mark itself as invalid.

I still don't really understand what we're supposed to do inside the invalidate function, so I'm not sure about the Invalidator class name. The only example I have is

bool TestIndirectFunctionAnalysis::invalidate(Function &F, const PreservedAnalyses &PA,
                FunctionAnalysisManager::Invalidator &Inv) {
  return !PA.preserved<TestIndirectFunctionAnalysis>() ||
         Inv.invalidate<TestFunctionAnalysis>(F, PA);
}

It naively seems to me that it would be better to structure things so that we never run this function if PA.preserved<TestIndirectFunctionAnalysis>(). The Invalidator could ensure this. Then our function could be

bool checkIfInvalidated(...) {
  return Inv.checkIfInvalidated<Dep1>() || Inv.checkIfInvalidated<Dep2>();
}

which actually makes sense to me. I think ideally Inv.checkIfInvalidated would take zero parameters, since it's just boilerplate, but maybe it should still take the Function/Module/whatever. We'd at least be able to get rid of the PreservedAnalyses argument, I think?

Currently, the invalidate method is a way to opt out of being invalidated (e.g. for TTI which knows it only depends on the target).

However, this cannot trigger invalidation of additional analysis result objects, which is what is needed when one analysis result holds pointers to another analysis results in order to avoid use-after free errors[1]. Hence the addition of the extra invalidation machinery in this patch. (this patch is by no means a comprehensive solution; I mentioned some problem areas in the initial comment in this review).

The Invalidator that is added in this patch basically provides a constrained interface to the analysis result list so that analysis result objects can transitively find and check whether any analysis result objects that they hold a pointer to have been invalidated. This allows invalidation to propagate from dependencies to dependents and trigger additional invalidation, avoiding use-after-free. (for layering reasons, analyses cannot know what will depend on them, but only what they depend on, so to do this with object recursion requires this process to be top-down dependent-to-dependency relying on memoization, rather than bottom-up dependency-to-dependent with a direct traversal)

Also, unfortunately, it is not entirely practical to avoid calling the invalidate method when PA.preserved<FooAnalysis>() is true. The difficulty again occurs when analysis result objects for FooAnalysis hold pointers to other analysis result objects. In that case, transformation passes would have to call PA.preserve<BarAnalysis>() for every analysis that FooAnalysis result objects transitively hold a pointer to (otherwise there would be a dangling pointer / use-after-free error when the BarAnalysis result object is invalidated due to not being in the "preserved" set). There is actually an additional difficulty due to AliasAnalysis, which depends on a dynamic (but fixed for a given pass pipeline invocation) set of type-erased analyses; hence there is no static set of PA.preserve<...>() calls which is necessarily correct.

I don't think that the PreservedAnalyses argument can be eliminated, because the !PA.preserved<FooAnalysis>() check is essentially the base-case of the object recursion facilitated by the Invalidator. I.e. it determines the roots from which invalidation must be propagated from dependency to dependent (although for layering reasons the object recursion goes from dependent to dependency, with memoization to keep the complexity under control).

[1] This is actually pervasive. Running any non-trivial pipeline on any non-trivial piece of code will currently trigger numerous use-after free errors with the new pass manager.

Just a stale comment.

True, the comment here is just trying to explain the type itself. The members below that use them I think have more helpful comments?

I could try to clean up the type names with aliases and remove the comments if you like. But maybe in a follow-up patch? It seems orthogonal to what this is trying to do.

I've cleaned up the comments very minorly here, but not in any way that substantively addresses this.

I've tried to clarify this. Keep complaining until it makes sense though.

I like your wording much better than mine. Stolen.

And I still want to document that we're dodging a map lookup -- if we go back, the author should be aware of this even if it is worth the tradeoff.

First and foremost, I'm down with renaming this, but I'd really like that to be a separate patch. It'll be a ton of boring changes that I don't want to try and juggle in this commit.

Second, regarding the preserved analysis argument and the IR unit argument: I think they both have good reasons to exist.

1. Transformations may want to preserve an entire set of analyses, and analyses should query in the preserved analyses to see if a set that covers them has been preserved even if the individual analyses has not been.
2. Analyses may want to check trivial information about the IR to determine from first principles that they have been preserved.

And as Sean points out, this is really just about adding the first of several pieces of infrastructure necessary to make invalidation reliable.

I'd like to brainstorm different names for this outside the review though to see if there is a clearly superior alternative.

Yea, I failed to update this. Fixed.

Tried better words.

Not sure what rejiggering you had in mind here, but the comment seems sane now?

switched to 'analysis ID' which seems more clear.

Yea, this was just completely missing documentation. Added. Happy to tweak and/or improve in follow-up commits.

I'll chat with you and maybe others on IRC first to get some ideas, and then I'll send a dedicated patch to do this.