This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: [PATCH] C undefined behavior fix
- From: Joe Buck <jbuck at synopsys dot COM>
- To: rth at redhat dot com (Richard Henderson)
- Cc: torvalds at transmeta dot com (Linus Torvalds),trini at kernel dot crashing dot org (Tom Rini), gcc at gcc dot gnu dot org
- Date: Fri, 4 Jan 2002 16:59:45 -0800 (PST)
- Subject: Re: [PATCH] C undefined behavior fix
Richard Henderson writes:
> You will _not_ like the code you'll get out of gcc if we turn off
> looking through PLUS. Which I don't even know how to do -- that
> sort of thing is scattered all over the compiler.
Agreed. We must not turn off looking through
pointer + expression
as it will kill us.
However, I think we have to turn off looking through the + in
(typeof pointer)((unsigned long)(pointer) + expression)
to be correct, or, rather, remove any assumption that we know where
the resulting pointer points. We cannot assume that the above
expression is equivalent to
pointer + expression / sizeof *pointer
(meaning that it is known to be a valid pointer somewhere into the same
array, string literal etc) unless we can get bounds on the range of
expression.
Such operations will appear, typically, only in kernel and embedded
code, or allocators (to get things to line up with page boundaries),
and doing worse on some cases isn't going to hurt us significantly.
> I will at this point give up on this disagreement. On a practical
> level, even if I were to concede your point (which I don't) there
> is absolutely nothing that can be done without starting over from
> scratch with another compiler.
That's too pessimistic, I think.