This is an archive of the discontinued LLVM Phabricator instance.

Differential D76086

[Sema][SVE] Reject arithmetic on pointers to sizeless types
ClosedPublic

Authored by rsandifo-arm on Mar 12 2020, 11:44 AM.

Details

Reviewers
sdesmalen
efriedma
rovka
rjmccall
Commits
rG94489f35a7f8: [Sema][SVE] Reject arithmetic on pointers to sizeless types
Summary

This patch completes a trio of changes related to arrays of
sizeless types. It rejects various forms of arithmetic on
pointers to sizeless types, in the same way as for other
incomplete types.

Diff Detail

Event Timeline

rsandifo-arm created this revision.Mar 12 2020, 11:44 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 12 2020, 11:44 AM
Herald added subscribers: cfe-commits, psnobl, rkruppe, tschuett. · View Herald Transcript
rsandifo-arm added a parent revision: D76084: [Sema][SVE] Reject subscripts on pointers to sizeless types.Mar 12 2020, 11:45 AM
rsandifo-arm added a child revision: D76087: [Sema][SVE] Reject sizeless types in exception specs.Mar 12 2020, 11:50 AM
Harbormaster completed remote builds in B49024: Diff 250000.Mar 12 2020, 11:59 AM
efriedma added a comment.Mar 12 2020, 12:19 PM

Do we really want to forbid this? The expected semantics are clear, and the obvious lowering to getelementptr just works.

efriedma mentioned this in D76084: [Sema][SVE] Reject subscripts on pointers to sizeless types.Mar 12 2020, 12:24 PM
rsandifo-arm mentioned this in D76088: [Sema][SVE] Don't allow sizeless objects to be thrown.Mar 12 2020, 12:47 PM
rsandifo-arm added a comment.Mar 12 2020, 1:15 PM
In D76086#1920096, @efriedma wrote:

Do we really want to forbid this? The expected semantics are clear, and the obvious lowering to getelementptr just works.

The problem is that pointer arithmetic is really a form of sizeof() operation. I.e. it only makes sense to move pointers past N objects if you know how big they are.

One corner-case that behaves strangely without the patch is:

void f() {
  int x;
  constexpr int y = (&x + 1) - &x;
}

void g() {
  __SVInt8_t x;
  constexpr int y = (&x + 1) - &x;
}

f() seems to be valid code, but g() produces:

warning: subtraction of pointers to type '__SVInt8_t' of zero size has undefined behavior [-Wpointer-arith]

So if we were to allow pointer arithmetic, I think in practice we'd need some rules to make sizeof effectively variable, but limited to that context.

In practice I don't think a more relaxed rule wil be useful because it isn't possible to create arrays of sizeless type. So the simplest approach seems to be to inherit the normal rules for incomplete types.

efriedma accepted this revision.Mar 12 2020, 3:42 PM

LGTM

People are going to want to iterate over arrays in memory to write simple intrinsic loops. If we don't allow p + i to work, people will be forced to write (__SVInt8_t*)((char*)p + i * svcntb()). Which is the same thing, just a lot uglier. And it wouldn't really be that crazy to support sizeof(__SVInt8_t). I mean, it's effectively just a different way of spelling svcntb(). I guess we can always relax it later, though.

This revision is now accepted and ready to land.Mar 12 2020, 3:42 PM
rsandifo-arm added a comment.Mar 13 2020, 11:27 AM
In D76086#1920558, @efriedma wrote:

People are going to want to iterate over arrays in memory to write simple intrinsic loops. If we don't allow p + i to work, people will be forced to write (__SVInt8_t*)((char*)p + i * svcntb()). Which is the same thing, just a lot uglier. And it wouldn't really be that crazy to support sizeof(__SVInt8_t). I mean, it's effectively just a different way of spelling svcntb(). I guess we can always relax it later, though.

__SVInt8_t is only really supposed to be used for short-term working data rather than storage. Sizelessness is one thing that makes it awkward to use as the target of a pointer iterator. But another is that the underlying ABI type has an alignment of 16 bytes regardless of how big the vector actually is. Also, for length-agnostic code, it would be unusual to have two __SVInt8_ts side-by-side in memory, since the code doesn't know ahead of time how big each one is.

So for length-agnostic code the expectation is that loops would iterate on int8_t * instead of __SVInt8_t *. It's then possible to operate on pointers that aren't 16-byte aligned. The pointer can also be incremented by svcntb() without casting. The same goes for other combinations, e.g. int32_t * and svcntw().

For length-specific code we're working on another solution that allows SVE vector types to be treated like normal fixed-length types. I hope we'll be able to share that soon.

efriedma added a comment.Mar 16 2020, 11:24 AM

I don't think there's really any reason to force the user into this sort of thing... but again, we can relax this later, so I'm not that concerned about it at the moment.

Closed by commit rG94489f35a7f8: [Sema][SVE] Reject arithmetic on pointers to sizeless types (authored by rsandifo-arm). · Explain WhyMar 17 2020, 5:07 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
clang/
include/
clang/
Basic/
4 lines
lib/
Sema/
7 lines
test/
Sema/
12 lines
SemaCXX/
12 lines

Diff 250726

clang/include/clang/Basic/DiagnosticSemaKinds.td

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 6,231 Lines▼ Show 20 Lines
def err_typecheck_ivar_variable_size : Error< def err_typecheck_ivar_variable_size : Error<
"instance variables must have a constant size">; "instance variables must have a constant size">;
def err_ivar_reference_type : Error< def err_ivar_reference_type : Error<
"instance variables cannot be of reference type">; "instance variables cannot be of reference type">;
def err_typecheck_illegal_increment_decrement : Error< def err_typecheck_illegal_increment_decrement : Error<
"cannot %select{decrement|increment}1 value of type %0">; "cannot %select{decrement|increment}1 value of type %0">;
def err_typecheck_expect_int : Error< def err_typecheck_expect_int : Error<
"used type %0 where integer is required">; "used type %0 where integer is required">;
def err_typecheck_arithmetic_incomplete_type : Error< def err_typecheck_arithmetic_incomplete_or_sizeless_type : Error<
"arithmetic on a pointer to an incomplete type %0">; "arithmetic on a pointer to %select{an incomplete|sizeless}0 type %1">;
def err_typecheck_pointer_arith_function_type : Error< def err_typecheck_pointer_arith_function_type : Error<
"arithmetic on%select{ a|}0 pointer%select{|s}0 to%select{ the|}2 " "arithmetic on%select{ a|}0 pointer%select{|s}0 to%select{ the|}2 "
"function type%select{|s}2 %1%select{| and %3}2">; "function type%select{|s}2 %1%select{| and %3}2">;
def err_typecheck_pointer_arith_void_type : Error< def err_typecheck_pointer_arith_void_type : Error<
"arithmetic on%select{ a|}0 pointer%select{|s}0 to void">; "arithmetic on%select{ a|}0 pointer%select{|s}0 to void">;
def err_typecheck_decl_incomplete_type : Error< def err_typecheck_decl_incomplete_type : Error<
"variable has incomplete type %0">; "variable has incomplete type %0">;
def ext_typecheck_decl_incomplete_type : ExtWarn< def ext_typecheck_decl_incomplete_type : ExtWarn<
▲ Show 20 LinesShow All 4,388 LinesShow Last 20 Lines

clang/lib/Sema/SemaExpr.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 9,528 Lines▼ Show 20 Lines
static bool checkArithmeticIncompletePointerType(Sema &S, SourceLocation Loc, static bool checkArithmeticIncompletePointerType(Sema &S, SourceLocation Loc,
Expr *Operand) { Expr *Operand) {
QualType ResType = Operand->getType(); QualType ResType = Operand->getType();
if (const AtomicType *ResAtomicType = ResType->getAs<AtomicType>()) if (const AtomicType *ResAtomicType = ResType->getAs<AtomicType>())
ResType = ResAtomicType->getValueType(); ResType = ResAtomicType->getValueType();
assert(ResType->isAnyPointerType() && !ResType->isDependentType()); assert(ResType->isAnyPointerType() && !ResType->isDependentType());
QualType PointeeTy = ResType->getPointeeType(); QualType PointeeTy = ResType->getPointeeType();
return S.RequireCompleteType(Loc, PointeeTy, return S.RequireCompleteSizedType(
diag::err_typecheck_arithmetic_incomplete_type, Loc, PointeeTy,
PointeeTy, Operand->getSourceRange()); diag::err_typecheck_arithmetic_incomplete_or_sizeless_type,
Operand->getSourceRange());
} }
/// Check the validity of an arithmetic pointer operand. /// Check the validity of an arithmetic pointer operand.
/// ///
/// If the operand has pointer type, this code will check for pointer types /// If the operand has pointer type, this code will check for pointer types
/// which are invalid in arithmetic operations. These will be diagnosed /// which are invalid in arithmetic operations. These will be diagnosed
/// appropriately, including whether or not the use is supported as an /// appropriately, including whether or not the use is supported as an
/// extension. /// extension.
▲ Show 20 LinesShow All 8,880 LinesShow Last 20 Lines

clang/test/Sema/sizeless-1.c

Show First 20 LinesShow All 131 Lines▼ Show 20 Linesvoid func(int sel) {
local_int8 = return_int8(); local_int8 = return_int8();
local_int16 = return_int8(); // expected-error {{assigning to 'svint16_t' (aka '__SVInt16_t') from incompatible type 'svint8_t'}} local_int16 = return_int8(); // expected-error {{assigning to 'svint16_t' (aka '__SVInt16_t') from incompatible type 'svint8_t'}}
dump(&local_int8); dump(&local_int8);
dump(&const_int8); dump(&const_int8);
dump(&volatile_int8); dump(&volatile_int8);
dump(&const_volatile_int8); dump(&const_volatile_int8);
dump(&local_int8 + 1); // expected-error {{arithmetic on a pointer to sizeless type}}
*&local_int8 = local_int8; *&local_int8 = local_int8;
*&const_int8 = local_int8; // expected-error {{read-only variable is not assignable}} *&const_int8 = local_int8; // expected-error {{read-only variable is not assignable}}
*&volatile_int8 = local_int8; *&volatile_int8 = local_int8;
*&const_volatile_int8 = local_int8; // expected-error {{read-only variable is not assignable}} *&const_volatile_int8 = local_int8; // expected-error {{read-only variable is not assignable}}
global_int8_ptr[0] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}} global_int8_ptr[0] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}}
global_int8_ptr[1] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}} global_int8_ptr[1] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}}
global_int8_ptr = &global_int8_ptr[2]; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}} global_int8_ptr = &global_int8_ptr[2]; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}}
overf(local_int8); overf(local_int8);
overf(local_int16); overf(local_int16);
overf8(local_int8); overf8(local_int8);
overf8(local_int16); // expected-error {{no matching function}} overf8(local_int16); // expected-error {{no matching function}}
overf16(local_int8); // expected-error {{no matching function}} overf16(local_int8); // expected-error {{no matching function}}
overf16(local_int16); overf16(local_int16);
noproto(local_int8); noproto(local_int8);
varargs(1, local_int8, local_int16); varargs(1, local_int8, local_int16);
global_int8_ptr++; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr--; // expected-error {{arithmetic on a pointer to sizeless type}}
++global_int8_ptr; // expected-error {{arithmetic on a pointer to sizeless type}}
--global_int8_ptr; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr + 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr - 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr += 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr -= 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr - global_int8_ptr; // expected-error {{arithmetic on a pointer to sizeless type}}
+init_int8; // expected-error {{invalid argument type 'svint8_t'}} +init_int8; // expected-error {{invalid argument type 'svint8_t'}}
++init_int8; // expected-error {{cannot increment value of type 'svint8_t'}} ++init_int8; // expected-error {{cannot increment value of type 'svint8_t'}}
init_int8++; // expected-error {{cannot increment value of type 'svint8_t'}} init_int8++; // expected-error {{cannot increment value of type 'svint8_t'}}
-init_int8; // expected-error {{invalid argument type 'svint8_t'}} -init_int8; // expected-error {{invalid argument type 'svint8_t'}}
--init_int8; // expected-error {{cannot decrement value of type 'svint8_t'}} --init_int8; // expected-error {{cannot decrement value of type 'svint8_t'}}
init_int8--; // expected-error {{cannot decrement value of type 'svint8_t'}} init_int8--; // expected-error {{cannot decrement value of type 'svint8_t'}}
~init_int8; // expected-error {{invalid argument type 'svint8_t'}} ~init_int8; // expected-error {{invalid argument type 'svint8_t'}}
!init_int8; // expected-error {{invalid argument type 'svint8_t'}} !init_int8; // expected-error {{invalid argument type 'svint8_t'}}
▲ Show 20 LinesShow All 98 LinesShow Last 20 Lines

clang/test/SemaCXX/sizeless-1.cpp

Show First 20 LinesShow All 152 Lines▼ Show 20 Lines#endif
local_int8 = return_int8(); local_int8 = return_int8();
local_int16 = return_int8(); // expected-error {{assigning to 'svint16_t' (aka '__SVInt16_t') from incompatible type 'svint8_t'}} local_int16 = return_int8(); // expected-error {{assigning to 'svint16_t' (aka '__SVInt16_t') from incompatible type 'svint8_t'}}
dump(&local_int8); dump(&local_int8);
dump(&const_int8); dump(&const_int8);
dump(&volatile_int8); dump(&volatile_int8);
dump(&const_volatile_int8); dump(&const_volatile_int8);
dump(&local_int8 + 1); // expected-error {{arithmetic on a pointer to sizeless type}}
*&local_int8 = local_int8; *&local_int8 = local_int8;
*&const_int8 = local_int8; // expected-error {{read-only variable is not assignable}} *&const_int8 = local_int8; // expected-error {{read-only variable is not assignable}}
*&volatile_int8 = local_int8; *&volatile_int8 = local_int8;
*&const_volatile_int8 = local_int8; // expected-error {{read-only variable is not assignable}} *&const_volatile_int8 = local_int8; // expected-error {{read-only variable is not assignable}}
global_int8_ptr[0] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}} global_int8_ptr[0] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}}
global_int8_ptr[1] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}} global_int8_ptr[1] = local_int8; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}}
global_int8_ptr = &global_int8_ptr[2]; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}} global_int8_ptr = &global_int8_ptr[2]; // expected-error {{subscript of pointer to sizeless type 'svint8_t'}}
overf(local_int8); overf(local_int8);
overf(local_int16); overf(local_int16);
overf8(local_int8); overf8(local_int8);
overf8(local_int16); // expected-error {{no matching function}} overf8(local_int16); // expected-error {{no matching function}}
overf16(local_int8); // expected-error {{no matching function}} overf16(local_int8); // expected-error {{no matching function}}
overf16(local_int16); overf16(local_int16);
varargs(1, local_int8, local_int16); varargs(1, local_int8, local_int16);
global_int8_ptr++; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr--; // expected-error {{arithmetic on a pointer to sizeless type}}
++global_int8_ptr; // expected-error {{arithmetic on a pointer to sizeless type}}
--global_int8_ptr; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr + 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr - 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr += 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr -= 1; // expected-error {{arithmetic on a pointer to sizeless type}}
global_int8_ptr - global_int8_ptr; // expected-error {{arithmetic on a pointer to sizeless type}}
+init_int8; // expected-error {{invalid argument type 'svint8_t'}} +init_int8; // expected-error {{invalid argument type 'svint8_t'}}
++init_int8; // expected-error {{cannot increment value of type 'svint8_t'}} ++init_int8; // expected-error {{cannot increment value of type 'svint8_t'}}
init_int8++; // expected-error {{cannot increment value of type 'svint8_t'}} init_int8++; // expected-error {{cannot increment value of type 'svint8_t'}}
-init_int8; // expected-error {{invalid argument type 'svint8_t'}} -init_int8; // expected-error {{invalid argument type 'svint8_t'}}
--init_int8; // expected-error {{cannot decrement value of type 'svint8_t'}} --init_int8; // expected-error {{cannot decrement value of type 'svint8_t'}}
init_int8--; // expected-error {{cannot decrement value of type 'svint8_t'}} init_int8--; // expected-error {{cannot decrement value of type 'svint8_t'}}
~init_int8; // expected-error {{invalid argument type 'svint8_t'}} ~init_int8; // expected-error {{invalid argument type 'svint8_t'}}
!init_int8; // expected-error {{invalid argument type 'svint8_t'}} !init_int8; // expected-error {{invalid argument type 'svint8_t'}}
▲ Show 20 LinesShow All 358 LinesShow Last 20 Lines