Re: US-CERT Vulnerability Note VU#162289


Sounds great, thanks, I'll work with Chad to get the vul note updated accordingly.


"Robert C. Seacord" writes:

Once a new version or patch is available that will warn users that
this optimization is taking place, I will recommend that we change the
workaround from "Avoid newer versions of gcc" to "Avoid affected
versions of gcc" and/or recommend that users download the patch /

The behaviour of pointer overflow has now changed as of the following (as yet unreleased) versions:

gcc 4.2.4
gcc 4.3.1
gcc 4.4.0

and all subsequent versions (4.2.x where x >= 4, 4.3.y where y >= 1,
4.z where z >= 4).

The optimization under discussion is for comparisons between P + V1
and P + V2, where P is the same pointer and V1 and V2 are variables of
some integer type.  The C/C++ language standards permit this to be
reduced to a comparison between V1 and V2.  However, if V1 or V2 are
such that the sum with P overflows, then the comparison of V1 and V2
will not yield the same result as actually computing P + V1 and P + V2
and comparing the sums.

The new behaviour as of the above releases is that this optimization
is performed by default at -O2 and above, including -Os.  It is not
performed by default at -O1 or (of course) -O0.  The optimization may
be enabled for -O1 with the -fstrict-overflow option.  The
optimization may be disabled for -O2 and above with the
-fno-strict-overflow option.

When the optimization is enabled, cases where it occurs may be
detected by using -Wstrict-overflow=N where N >= 3.  Note that using
this warning option is likely to yield a number of false positive
reports--cases where this or other overflow optimizations are being
applied, but where there is no actual problem.

Please see the gcc manual for more information about these options.
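The comparison described in the message above, as an added example that is not part of the original thread or of gcc: a wraparound test of the form P + V1 versus P + V2 (here `buf + len` against `buf`), next to a bounds check that compares only integers and so does not depend on pointer overflow. The function names `wrap_check_fragile` and `range_ok` and the sample buffer are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fragile form (hypothetical name): tests for wraparound by comparing
 * P + V1 with P + V2, here buf + len against buf + 0. Forming buf + len
 * past the end of the object is undefined, so at -O2 the compiler may
 * compare only the integers and drop the branch. Shown for contrast and
 * only called with an in-range len. */
int wrap_check_fragile(const char *buf, size_t len)
{
    if (buf + len < buf)
        return -1;              /* may be removed by the optimizer */
    return 0;
}

/* Robust form (hypothetical name): decide whether [off, off + len) fits in
 * a buffer of cap bytes using integer arithmetic only. No out-of-range
 * pointer is ever formed, and cap - off cannot wrap because off <= cap is
 * tested first, so the result is the same at every optimization level. */
int range_ok(size_t cap, size_t off, size_t len)
{
    return off <= cap && len <= cap - off;
}

int main(void)
{
    char buf[16] = {0};         /* constructed sample buffer */

    printf("fragile, len=4:        %d\n", wrap_check_fragile(buf, 4));
    printf("off=4  len=12:         %d\n", range_ok(sizeof buf, 4, 12));
    printf("off=4  len=13:         %d\n", range_ok(sizeof buf, 4, 13));
    printf("off=8  len=SIZE_MAX:   %d\n", range_ok(sizeof buf, 8, SIZE_MAX));
    printf("off=17 len=0:          %d\n", range_ok(sizeof buf, 17, 0));
    return 0;
}
```

Going by the options named in the message, compiling the fragile form at -O2 with -Wstrict-overflow=3 is the way to have gcc report where the optimization is applied, and -fno-strict-overflow turns it off.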


