This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: [PATCH] C undefined behavior fix
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Paul Mackerras <paulus at samba dot org>
- Cc: Gabriel Dos Reis <gdr at codesourcery dot com>, mike stump <mrs at windriver dot com>, dewar at gnat dot com, gcc at gcc dot gnu dot org, linux-kernel at vger dot kernel dot org, trini at kernel dot crashing dot org, velco at fadata dot bg
- Date: Sun, 6 Jan 2002 23:19:40 +0100
- Subject: Re: [PATCH] C undefined behavior fix
- References: <200201061824.KAA19536@kankakee.wrs.com> <flg05jb4go.fsf@riz.cmla.ens-cachan.fr> <15416.51411.874019.838220@argo.ozlabs.ibm.com>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Mon, Jan 07, 2002 at 08:59:47AM +1100, Paul Mackerras wrote:
> Gabriel Dos Reis writes:
>
> > Personally, I don't have any sentiment against the assembler
> > solution. Dewar said it was unnecessarily un-portable, but that the
> > construct by itself *is* already unportable.
>
> I assume that what we're talking about is using an asm statement like:
>
> asm("" : "=r" (x) : "0" (y));
>
> to make the compiler treat x as a pointer that it knows nothing about,
> given a pointer y that the compiler does know something about. For
> example, y might be (char *)((unsigned long)"foo" + offset).
>
> My main problem with this is that it doesn't actually solve the
> problem AFAICS. Dereferencing x is still undefined according to the
> rules in the gcc manual.
>
> Thus, although this would make the problems go away at the moment,
> they will come back at some time in the future, e.g. when gcc learns
> to analyse asm statements and realises that the asm is just doing
> x = y. I would prefer a solution that will last, rather than one
> which relies on details of the current gcc implementation.

Even if gcc learned to analyze asm statements (and use it in something other
than scheduling), I'm sure this wouldn't be optimized away exactly because
this construct is used by various projects exactly for this purpose (make
gcc think it can have any value allowed for the type in question).

Jakub
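
The asm construct discussed in the thread, as an added example that is not part of the original messages or of any project's code. `hide_ptr`, `struct image`, `linked` and `loaded` are hypothetical names, the "relocation" is simulated with a constructed in-memory copy, and GCC-style inline asm is assumed.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical helper around the asm statement quoted in the thread.
 * The template is empty and "0" ties y to the same register as x, so the
 * value is unchanged, but the compiler must treat x as unknown. */
static inline const char *hide_ptr(const char *y)
{
    const char *x;
    __asm__("" : "=r"(x) : "0"(y));
    return x;
}

/* Constructed stand-in for code running at an address other than the one
 * it was linked at: `linked` is the link-time data, `loaded` the live copy. */
struct image { char name[8]; char other[24]; };
static const struct image linked = { "foo", "linked copy" };
static struct image loaded;

static void load_image(void)
{
    memcpy(&loaded, &linked, sizeof loaded);
    loaded.name[0] = 'F';   /* mark the live copy so reads are distinguishable */
}

/* y is built like the thread's (char *)((unsigned long)"foo" + offset):
 * an address derived from one object that actually designates another. */
static const char *relocated_name(void)
{
    uintptr_t offset = (uintptr_t)&loaded - (uintptr_t)&linked;
    const char *y = (const char *)((uintptr_t)linked.name + offset);
    return hide_ptr(y);     /* x: same bits, origin hidden from the optimizer */
}

int main(void)
{
    load_image();
    const char *x = relocated_name();
    return (x == loaded.name && strcmp(x, "Foo") == 0) ? 0 : 1;
}
```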