[Bug c++/110137] implement clang -fassume-sane-operator-new

Thu, 31 Oct 2024 05:23:50 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110137

Jakub Jelinek <jakub at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jakub at gcc dot gnu.org,
                   |                            |jason at gcc dot gnu.org

--- Comment #18 from Jakub Jelinek <jakub at gcc dot gnu.org> ---
So, I think the first step should be document the new option and explain what
extra guarantees it provides over what the C++ standard already guarantees.
I think the C++ standard should already guarantee that the return doesn't alias
anything, I mean our current declarations already say that with malloc, and
alloc_size (and sometimes alloc_align attributes).
So, do I understand it right that -fassume-sane-operator-new mainly just says
that ::operator new/::operator delete don't have other side-effects besides
allocation like Richi wrote in #c1, something we assume for malloc?
Basically assume that the implementation of those operators is a black box, not
LTO optimized together with the rest?

I must say I'm a little bit confused about the __attribute__s used in <new>,
some ::operator new versions just have externally_visible attribute, others
have also alloc_size + malloc, others have alloc_size + alloc_align + malloc,
but I don't see it applied consistently, e.g. alloc_align whenever there is
align_val_t argument.

Is malloc attribute all that guarantees it doesn't modify the global state?
Then I'd be afraid if a program replaces those global replaceable definition
with his own it can violate that.  Or alloc_size?

Given the __builtin_operator_{new,delete} calls clang has, should we flag the
assume-sane-operator-new property on CALL_EXPRs/GIMPLE_CALLs/CALL_INSNs and
making that the property of those calls?

If so, I think we first want to implement -fassume-sane-operator-new by setting
those flags on CALL_EXPRs to DECL_IS_REPLACEABLE_OPERATOR functions according
to the option (and perhaps make it default to on), and then implement those 2
builtins as BUILT_IN_FRONTEND varargs builtins which lower in the FE to
::operator new/delete calls with the same arguments (error if such operator
isn't declared) and only if it turns out calls to the
DECL_IS_REPLACEABLE_OPERATOR functions, set the new flag on CALL_EXPR even when
-fno-assume-sane-operator-new.

Reply via email to