On 10/6/25 10:29 AM, Jakub Jelinek wrote:
On Sat, Oct 04, 2025 at 06:15:49PM +0100, Jason Merrill wrote:
Tested x86_64-pc-linux-gnu. Is the library change OK for trunk?
The library patch checks a couple of macros, but I'm not sure that's necessary;
can we just assume std::launder in construct_at?
-- 8< --
I previously tried to clobber an array as a whole, but fell back on a loop
due to issues with std::construct_at following the resolution of LWG3436.
But the loop seems to make life hard for the optimizers and there was
support for reconsidering LWG3436 when I raised the issue on the reflector,
so let's pursue that direction.
This also fixes some xfails in Warray-bounds-20.C.
If the intent of this patch is to improve the runtime generated code, I'm
afraid for construct_at it will be the exact opposite. The whole array
clobber will be there but IFN_LAUNDER will hide it from all optimizations,
so when using the returned pointer it will not know anything about what it
points to.
Yeah, I suppose the primary purpose of launder is to handle
non-transparent replacement, and using it to hack
pointer-interconvertible is sketchy.
But it occurs to me that for T[1] I can just clobber the element type
and leave construct_at alone, as below.
Tested x86_64-pc-linux-gnu, applying to trunk.
From 1e8b4c798485d30179d45e633e11d277b001449c Mon Sep 17 00:00:00 2001
From: Jason Merrill <[email protected]>
Date: Sat, 4 Oct 2025 09:24:29 +0100
Subject: [PATCH] c++: new-expr clobber of constant-size array
To: [email protected]
I previously tried to clobber an array as a whole, but fell back on a loop
due to issues with std::construct_at following the resolution of LWG3436.
But the loop seems to make life hard for the optimizers and it occurs to me
that for a one-element array we can just clobber the element type.
This also fixes some xfails in Warray-bounds-20.C.
gcc/cp/ChangeLog:
* init.cc (build_new_1): Clobber a constant-bound array as a whole.
gcc/testsuite/ChangeLog:
* g++.dg/warn/Warray-bounds-20.C: Remove xfails, add diags.
---
gcc/cp/init.cc | 26 +++++++++++++++++---
gcc/testsuite/g++.dg/warn/Warray-bounds-20.C | 10 ++++----
2 files changed, 27 insertions(+), 9 deletions(-)
diff --git a/gcc/cp/init.cc b/gcc/cp/init.cc
index 3fe476d7eec..912298728ac 100644
--- a/gcc/cp/init.cc
+++ b/gcc/cp/init.cc
@@ -3662,11 +3662,11 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,
tree clobber_expr = NULL_TREE;
if (do_clobber)
{
- tree clobber = build_clobber (elt_type, CLOBBER_OBJECT_BEGIN);
- CONSTRUCTOR_IS_DIRECT_INIT (clobber) = true;
- if (array_p)
+ if (array_p && TREE_CODE (cst_outer_nelts) != INTEGER_CST)
{
/* Clobber each element rather than the array at once. */
+ tree clobber = build_clobber (elt_type, CLOBBER_OBJECT_BEGIN);
+ CONSTRUCTOR_IS_DIRECT_INIT (clobber) = true;
tree maxindex = cp_build_binary_op (input_location,
MINUS_EXPR, outer_nelts,
integer_one_node,
@@ -3677,7 +3677,25 @@ build_new_1 (vec<tree, va_gc> **placement, tree type, tree nelts,
}
else
{
- tree targ = cp_build_fold_indirect_ref (data_addr);
+ tree targ = data_addr;
+ tree ttype = type;
+ /* Clobber the array as a whole, except that for a one-element array
+ just clobber the element type, to avoid problems with code like
+ construct_at that uses new T[1] for array T to get a pointer to
+ the array. */
+ if (array_p && !integer_onep (cst_outer_nelts))
+ {
+ tree dom
+ = compute_array_index_type (NULL_TREE,
+ CONST_CAST_TREE (cst_outer_nelts),
+ complain);
+ ttype = build_cplus_array_type (type, dom);
+ tree ptype = build_pointer_type (ttype);
+ targ = fold_convert (ptype, targ);
+ }
+ targ = cp_build_fold_indirect_ref (targ);
+ tree clobber = build_clobber (ttype, CLOBBER_OBJECT_BEGIN);
+ CONSTRUCTOR_IS_DIRECT_INIT (clobber) = true;
clobber_expr = cp_build_init_expr (targ, clobber);
}
}
diff --git a/gcc/testsuite/g++.dg/warn/Warray-bounds-20.C b/gcc/testsuite/g++.dg/warn/Warray-bounds-20.C
index 643e8014d36..a57499dd07a 100644
--- a/gcc/testsuite/g++.dg/warn/Warray-bounds-20.C
+++ b/gcc/testsuite/g++.dg/warn/Warray-bounds-20.C
@@ -53,18 +53,18 @@ void warn_derived_ctor_access_new_alloc ()
void warn_derived_ctor_access_new_array_decl ()
{
- char b[sizeof (D1) * 2]; // { dg-message "at offset \\d+ into object 'b' of size 80" "LP64 note" { target { lp64 } xfail { lp64 } } }
- // { dg-message "at offset \\d+ into object 'b' of size 40" "LP32 note" { target { ilp32 } xfail { ilp32 } } .-1 }
+ char b[sizeof (D1) * 2]; // { dg-message "at offset \\d+ into object 'b' of size 80" "LP64 note" { target { lp64 } } }
+ // { dg-message "at offset \\d+ into object 'b' of size 40" "LP64 note" { target { ilp32 } } .-1 }
char *p = b;
++p;
- D1 *q = new (p) D1[2];
+ D1 *q = new (p) D1[2]; // { dg-message "partly outside array bounds" }
sink (q);
}
void warn_derived_ctor_access_new_array_alloc ()
{
- char *p = new char[sizeof (D1) * 2]; // { dg-message "at offset \\d+ into object of size \\d+ allocated by '\[^\n\r]*operator new\[^\n\r]*" "note" { xfail *-*-* } }
+ char *p = new char[sizeof (D1) * 2]; // { dg-message "at offset \\d+ into object of size \\d+ allocated by '\[^\n\r]*operator new\[^\n\r]*" "note" }
++p;
- D1 *q = new (p) D1[2];
+ D1 *q = new (p) D1[2]; // { dg-message "partly outside array bounds" }
sink (q);
}
--
2.51.0
