Fix functions marked 'DANGEROUS' in irep #834
Conversation
reuk
force-pushed
the
small-shared-ptr
branch
5 times, most recently
from
6b86d5e to
4c222b4
Compare
|
Overall this now looks good to me. Yet, as said before, those changes need a proper performance test to be in place. Thus it would be great to factor out the bug fix of the padding code into a separate pull request as that should be merged as soon as possible. |
|
The fix for the padding bug is now in #836. Regarding the performance test: This patch fixes a bug in irep's copy-on-write implementation, and improves the modularity and readability of the code, while keeping the memory usage the same as the existing irep. I'd argue that, even if this change is slightly slower, it's still worthwhile in terms of maintainability and avoiding programmer error. I understand that performance is important, but it should not come at the expense of correctness. |
|
I am not in a position to make the ultimate call, but I'd refuse a change to this core data structure without proper performance testing. Indeed the performance might even improve here - but "slightly slower" would be a major difference when talking about 10^10 calls, which we see even on small benchmarks. This is no criticism of any sorts, and indeed I highly appreciate this work and the improvements it is bringing about. As this isn't a beauty contest, we need data, not high judgement. |
reuk
force-pushed
the
small-shared-ptr
branch
3 times, most recently
from
2d11ecf to
3e6b79e
Compare
|
@reuk Could you please rebase this one? It should be a trivial rebase, but I'd like to run a decent performance comparison against current develop. An initial run with the current state looks good, but I'd like to be clinical here. |
reuk
force-pushed
the
small-shared-ptr
branch
from
3e6b79e to
4e97880
Compare
reuk
requested review from
kroening,
peterschrammel,
smowton and
tautschnig
as code owners
|
@tautschnig This is rebased now |
|
I have run the performance comparison and would estimate the overhead (if any) at 1%, which seems acceptable to me. I still need to properly re-read the code, it's been a while. |
|
(And of course the Travis failures are worrying ...) |
|
The segfaults appear to be because ireps are now shared more conservatively, and copies are made more frequently. The first segfault I found looks like this: exprt &op0=code.op0().op0();
op0.operands().push_back(exprt("cpp-this"));
op0.type()=
pointer_type(cpp_namet(parent_base_name, source_location).as_type());
op0.add_source_location()=source_location;
code.operands().push_back(exprt("explicit-typecast"));
exprt &op1=code.op1();
op0.type()=
pointer_type(cpp_namet(parent_base_name, source_location).as_type());We take a reference into a vector |
|
I've got the go-ahead from @pkesseli to spend half a day on this. I'll try to fix as many of the segfaults as I can, after which I may have to delegate this work to someone else. |
|
Looks like all the segfaults have the same cause... which was a copy-paste bug I introduced a few months ago while I was 'fixing' code to do with setting |
|
@tautschnig This passes CI now, could you take another look please? |
reuk
force-pushed
the
small-shared-ptr
branch
2 times, most recently
from
83f4f2c to
286e576
Compare
|
@tautschnig this should be ready for re-review now |
There was a problem hiding this comment.
Looks good to me. Assigning to @kroening for a final opinion.
|
Squash 286e5765 into c2b1b00? |
reuk
force-pushed
the
small-shared-ptr
branch
from
d1b5653 to
ec4f0ff
Compare
|
@kroening done |
Calling push_back on a vector invalidates references that previously pointed to objects stored in the vector.
reuk
force-pushed
the
small-shared-ptr
branch
from
ec4f0ff to
20692b0
Compare
|
@reuk Could you please drop 20692b0 so that this can be merged? |
reuk
force-pushed
the
small-shared-ptr
branch
from
20692b0 to
3a6c0fd
Compare
|
This should be mergeable now |
|
Sorry, I think an edit to the second commit got lost somewhere. Hold off on this for now |
|
@reuk are you still attending to these, or should someone take it over? |
|
Yes, someone should take ownership of this. In the second commit, the method call should be on op1 instead of op0 - I introduced a typo a while ago (check git blame on that file). Other than that, it's ready to go. |
|
I asked @reuk about this yesterday and he said it would be better if other people took over his branches. I've made #1742 which is a rebased copy of this PR with the commit that @tautschnig mentioned dropped. |
|
@owen-jones-diffblue, @reuk Thank you!! |
This patch introduces a class which abstracts copy-on-write behaviour. This class allows the user to specify whether
writeshould make the object non-shareable. This modifiedwritemethod makes it safe to give away references to internal fields of the irep. (The technique is discussed here, though the approach has been modified to re-use the small intrusive shared pointer from #786.)The observable effect of this patch is that code such as the following no longer has unexpected behaviour.
Other benefits of this patch are that it uses RAII properly (all allocation and freeing takes place in constructors and destructors respectively), and that it separates the details of resource management into simple, reusable (unit-testable) classes.
As a side effect of this change, I discovered a bug in
ansi-c/paddingwhere theinserton line 262 invalidates the iterators in the vector, which had the possibility of making the reference on line 206 dangle, leading to undefined behaviour on line 269 when the reference was passed to a function. Taking a copy instead of a reference fixes the bug.