This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PING #2] [PATCH] enhance -Wrestrict to handle string built-ins (PR 78918)
- From: Jeff Law <law at redhat dot com>
- To: Martin Sebor <msebor at gmail dot com>, Richard Biener <richard dot guenther at gmail dot com>
- Cc: Gcc Patch List <gcc-patches at gcc dot gnu dot org>
- Date: Fri, 1 Sep 2017 09:15:53 -0600
- Subject: Re: [PING #2] [PATCH] enhance -Wrestrict to handle string built-ins (PR 78918)
- Authentication-results: sourceware.org; auth=none
- Authentication-results: ext-mx01.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx01.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=law at redhat dot com
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com A231F796ED
- References: <8a0de82f-d68e-9c37-0406-f216e3f92884@gmail.com> <aa0b1fc4-4e97-3856-20ca-b3bbe0b0243d@gmail.com> <cb445bea-f9aa-fb96-dcd0-c8b444abd7f0@gmail.com> <a3277cea-f520-32c6-52bf-3a8693b9fb91@gmail.com> <CAFiYyc2SfpGqbMMJwLApTXJ3bwV5BbSP8k62rznRr_uTdwT6bQ@mail.gmail.com> <CAFiYyc1NiQQZ-n22FpJrnBbSqd-CYpOSJqrGf0=HoUDVCG9RFw@mail.gmail.com> <a6dfe657-9ef9-a915-dfc5-157612fdbd91@redhat.com> <CAFiYyc20GFHnT2r5ZACLxaeuMOgu6oLEvR97qXxsOgBigkVY2w@mail.gmail.com> <703424cb-db8c-8aae-9bd2-cece5883a5de@gmail.com> <0266f22c-6ac1-f676-123f-c028905519e5@redhat.com> <d76c8b0b-8fbc-8b4e-fe6d-acdaf9efd81b@gmail.com> <CAFiYyc3xAW=4EeAwqrNRx01_8PTq=a3wdsteqMyx_P2qz+SBRw@mail.gmail.com> <f207c4a2-3abd-ae26-978e-c1eaa2a01e73@redhat.com> <64e8355f-0479-b255-fa20-421e5ca613f6@gmail.com>
On 08/28/2017 06:27 PM, Martin Sebor wrote:
>> Correct. I wound my way through this mess a while back. Essentially
>> Red Hat had a customer with code that had overlapped memcpy arguments.
>> We had them use the memstomp interposition library to start tracking
>> these problems down.
>>
>> One of the things that popped up was structure/class copies which were
>> implemented via calls to memcpy. In the case of self assignment, the
>> interposition library would note the overlap and (rightly IMHO) complain.
>
> Is this bug 32667? I'm not having any luck reproducing it with
> any of the test cases there and varying struct sizes, or with
> the test case in the duplicate bug 65029 I filed for the same
> thing last year. It would be nice to have a test case.
It certainly seems to be in the same class as 32667. I'm not sure if
it's exactly the same root cause in terms of the front end interactions,
but the net result is the same.
I just reviewed the discussion in my outbox -- I didn't see sample code
or a reference to 32667, but I'm only looking at one side of the
conversation.
>
>> One could argue that GCC should emit memmove by default for structure
>> assignments, only using memcpy when it knows its not doing self
>> assignment (which may be hard to determine). Furthermore, GCC should
>> eliminate self structure/class assignment.
>
> If it's still a problem emitting memmove seems like the right
> thing to do. From what I've read the performance advantage of
> memcpy over memmove seems debatable at best. Most performance
> sensitive code avoids making copies of very large objects so
> the only code that can be impacted doesn't care about efficiency
> quite so much. For small enough objects, inlining the copy as
> GCC already does would obviate the efficiency concern altogether.
I personally feel we reached the point of diminishing returns years ago
-- in attempts to inline/unroll the copies in GCC, in terms of glibc's
copier implementations and in the gain of using memcpy over memmove vs
the pain of folks that can't be bothered to do it right WRT overlapped
copies.
But that's a bit of a digression. THe issue at handle is structure
assignments that GCC is turning into memcpys. That's a much smaller
subset of calls to memcpy and more likely to not be a performance issue
to change.
>> A self-copy should just be folded away. It's no different than x = x on
>> scalars except that we've dropped it to a memcpy in the IL. Doing so
>> makes the code more efficient and removes false positives from tools
>> like the memstomp interposition library, making those tools more useful.
>
> It's possible to do in simple cases but not in general. I agree
> that in the general case when overlap is possible the only safe
> solution, short of actually testing for it at runtime, is to call
> memmove.
So let's zap those where we know its a self copy. I'd look favorably on
a patch that use memmove on the others, but I won't immediately approve
it without wider buy-in as I expect it could well be controversial.
These should be separate patches as the former should go forward
immediately.
Jeff