This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



SRA problem with uninitialized fields


Robert and I were just talking on the phone about implementation issues of
packed arrays in Ada and I realized there might be a problem with SRA.
Indeed there is and I can show it with a trivial C program. 

Consider:

struct foo {unsigned int f: 2;};

int
sub1 ()
{
  struct foo x;

  x.f |= 3;
  return x.f == 3;
}

SRA makes an x$f and here's the resulting .vars file:

sub1 ()
{
  <unnamed type> x$f;

  return (int) (<unnamed type>) (unsigned char) ((signed char) x$f | 3) == 3;
}

In the original C, the value of x.f is clearly uninitialized, but the
assignment statement forces it to be 3.  So the comparison is always true.

But in the resulting code, x$f is a full byte and so the upper six bits
remain uninitialized.  Thus the comparison above may or may not be true,
depending on how things happened to be initialized.

So clearly this is an unsafe optimization, but it's not clear what the
exact condition for safety is.  I suspect the point is that the SRA'ed
variable can't ever be uninitialized for this to work.
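
The difference described in the message above, as an added example that is not part of the original post: it runs the real 2-bit field and a byte-wide model of the scalarized x$f over every possible starting byte value. The helper names, the memset fill standing in for stack garbage, and the 8-bit byte are assumptions of this sketch.

```c
#include <stdio.h>
#include <string.h>

struct foo { unsigned int f : 2; };

/* Original semantics: a real 2-bit field. The storage is filled with a
   known byte pattern first, so the read is well defined in this model. */
static int bitfield_compare(unsigned char fill)
{
    struct foo x;
    memset(&x, fill, sizeof x);   /* constructed stand-in for stack garbage */
    x.f |= 3;                     /* store is truncated to two bits */
    return x.f == 3;
}

/* Model of the scalarized code: the field lives in a whole byte and
   nothing masks it back to two bits before the comparison. */
static int byte_compare(unsigned char fill)
{
    unsigned char x_f = fill;     /* hypothetical C name for x$f */
    x_f = (unsigned char)(x_f | 3);
    return x_f == 3;
}

/* Count how many of the 256 starting byte values make the comparison true. */
static int count_true(int (*cmp)(unsigned char))
{
    int n = 0;
    for (int v = 0; v < 256; v++)
        n += cmp((unsigned char)v);
    return n;
}

int main(void)
{
    printf("bit-field: %d/256 true\n", count_true(bitfield_compare));
    printf("byte-wide: %d/256 true\n", count_true(byte_compare));
    return 0;
}
```

Only starting values whose upper six bits are already zero make the byte-wide comparison true, which is why the result depends on whatever the storage happened to contain.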

