Possible gcc bug in strict type aliasing

Andrew Haley aph@redhat.com
Mon Sep 26 09:32:00 GMT 2016


On 25/09/16 22:46, David Brown wrote:

I think the bug is here:

>        temp = *t2p;      // Read as T2
>        t1p2 = (T1*)t2p;  // Visible T2 to T1 pointer conversion
>        *t1p2 = temp;     // Write as T1

6.3.2.3 Pointers

7 A pointer to an object type may be converted to a pointer to a
  different object type. If the resulting pointer is not correctly
  aligned for the referenced type, the behavior is undefined.
  Otherwise, when converted back again, the result shall compare equal
  to the original pointer.

Note that you have permission only to convert the pointer back to the
original type and compare it.  You don't have permission to
dereference it as a different type.  IMO your program is undefined.

This is key to alias analysis: we know that a pointer to T1 can only
point to objects compatible with T1.  It's not possible to "hide" a
pointer to T2 from the compiler by converting it to T1, passing it to
a function, and then converting it back to T2 and dereferencing it.

If you lie to the compiler, it will get its revenge.

Andrew.
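
The two operations 6.3.2.3p7 actually permits, the assumption alias analysis makes about a T1* and a T2*, and the well-defined way to look at an object's bytes, as an added example that is not from the original thread; T1/T2 are stand-ins chosen here, and the bit-pattern check assumes a 32-bit IEEE 754 float.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in types for the T1/T2 of the quoted post (assumption: 32-bit IEEE 754 float). */
typedef uint32_t T1;
typedef float    T2;
_Static_assert(sizeof(T1) == sizeof(T2), "T1 and T2 must have the same size");

/* Permitted by 6.3.2.3p7: convert a T2* to T1*, convert it back, compare. */
int round_trip_compares_equal(void) {
    T2 obj = 1.0f;
    T2 *t2p = &obj;
    T1 *t1p = (T1 *)t2p;         /* the conversion itself is fine (alignment permitting) */
    return (T2 *)t1p == t2p;     /* converted back, the result must compare equal */
}

/* What alias analysis assumes: a T1* and a T2* name different objects, so the
 * compiler may read *t2p before the store through t1p, or skip the reload.
 * Calling this with t1p pointing at the same bytes as *t2p is the undefined
 * "hidden pointer" pattern the post describes; with distinct objects it is fine. */
T2 store_then_reload(T1 *t1p, T2 *t2p) {
    *t2p = 1.0f;
    *t1p = 0;
    return *t2p;                 /* may legitimately be 1.0f even if the pointers alias */
}

/* The only valid way to use the function above: two distinct objects. */
T2 reload_with_distinct_objects(void) {
    T1 a;
    T2 b;
    return store_then_reload(&a, &b);
}

/* Well-defined way to look at the bytes of a T2 as a T1: copy them, do not alias. */
T1 bits_of(T2 v) {
    T1 bits;
    memcpy(&bits, &v, sizeof bits);
    return bits;
}

int main(void) {
    printf("round trip compares equal: %d\n", round_trip_compares_equal());
    printf("reload with distinct objects: %g\n", reload_with_distinct_objects());
    printf("bits of 1.0f: 0x%08x\n", (unsigned)bits_of(1.0f));
    return 0;
}
```

Compile the block with and without -O2 and the results do not change, because none of these functions dereferences through a converted pointer.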



More information about the Gcc-help mailing list