Re: Is it OK that gcc optimizes away overflow check?

[Andrew Haley <aph at redhat dot com>]

On 07/25/2011 04:37 PM, Agner Fog wrote:
> 
> On 25-07-2011 11:43, Andrew Haley wrote:
>> On 23/07/11 21:13, Agner Fog wrote:
>>> 5). I have tested many different C++ compilers, and gcc turned out to be
>>> the one that optimizes best.
>> Well yes, and one of the reasons for this is that we take advantage of
>> integer overflow being undefined.  There is an entire class of
>> optimizations (loop induction variable optimization) that is difficult
>> of impossible without taking advantage of this.  We don't do this kind
>> of thing without good reason.

> Actually, I think we can have the cake and eat it here. If gcc
> behaves reasonably safe by default and then makes warnings in case
> of missed optimization opportunities. The programmer should then
> have the opportunity to enable the desired optimizations, for
> example with pragmas at the critical places in the code.

We already give people wrapping integer arithmetic if their program
really needs it.  It's only really a band-aid until they fix their
programs.

> If the programmer doesn't need the best optimization then he would
> not enable those warnings and would be safe without having to care.

gcc is already safe, though: we don't do any optimizations that
generate incorrect code.  Why should people who write correct C be
penalized for the benefit of those who don't?  This is, I accept,
more of a philosophical question.

> We already have the opportunity to allow the optimizer to ignore
> pointer aliasing at specific places with the 'restrict' keyword. It
> would be nice to have a similar opportunity to tell the compiler
> where it can ignore overflow.

It'd really be a new type: wrapping integer arithmetic.  This is
rather a big ask for a compiler like gcc, and IMO this is really one
for the standard, not for us.

IMO the problem is that you don't really accept that your program is
wrong, despite the fact that the standard says that it has undefined
behaviour.

Andrew.