This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: [PATCH] C undefined behavior fix
- From: Geert Uytterhoeven <geert at linux-m68k dot org>
- To: Paul Mackerras <paulus at samba dot org>
- Cc: Richard Henderson <rth at redhat dot com>, Tom Rini <trini at kernel dot crashing dot org>, jtv <jtv at xs4all dot nl>, Momchil Velikov <velco at fadata dot bg>, Linux Kernel Development <linux-kernel at vger dot kernel dot org>, gcc at gcc dot gnu dot org, Linux/PPC Development <linuxppc-dev at lists dot linuxppc dot org>, Franz Sirl <Franz dot Sirl-kernel at lauterbach dot com>, Benjamin Herrenschmidt <benh at kernel dot crashing dot org>, Corey Minyard <minyard at acm dot org>
- Date: Thu, 3 Jan 2002 11:03:49 +0100 (MET)
- Subject: Re: [PATCH] C undefined behavior fix
On Thu, 3 Jan 2002, Paul Mackerras wrote:
> Richard Henderson writes:
> > Ignore strcpy. Yes, that's what visibly causing a failure here,
> > but the bug is in the funny pointer arithmetic. Leave that in
> > there and the compiler _will_ bite your ass sooner or later.
>
> I look forward to seeing your patch to remove all uses of
> virt_to_phys, phys_to_virt, __pa, __va, etc. from arch/alpha... :)
Isn't this why we use `unsigned long' to represent physical addresses, and
`void *' to represent kernel virtual addresses? Not only helps it against a
user dereferencing a physical address `pointer', but also against gcc trying to
be (too) smart.
Of course this also implies we have to change the pointer argument in readb()
and friends, since it's not a real pointer but a magic cookie. But we already
had that discussion last year...
[ and the conclusion was: keep the pointer, so we can do readl(&base->field) ]
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds