"As a boring platform for the portable parts of boring crypto software, I'd like to see a free C compiler that clearly defines, and permanently commits to, carefully designed semantics for everything that's labeled "undefined" or "unspecified" or implementation-defined" in the C "standard". This compiler will provide a comprehensible foundation for people writing C code, for people auditing C code, and for people formally verifying C code." (DJ Bernstein)
The only thing stopping gcc from becoming the desired boringcc is to find the people willing to do the work.
Implementing boringcc as a new flag of GCC
There are already several flags in gcc (-fno-strict-overflow, -fno-strict-aliasing, etc.) that prevent optimizations based on undefined behavior. Assuming that boringcc is technically possible at all, then a more general flag (-Oboring or -fboring) encompassing the existing ones plus any other undefined behavior should also be possible.
An incomplete list of features that -Oboring would need:
signed overflow: [DONE: -fno-strict-overflow] Although this might not be enough. See PR58454, so perhaps -fwrapv but see a discussion about -fwrapv issues. Note -fno-strict-overflow is equal to -fwrapv starting with GCC 8.
strict-aliasing: [DONE: -fno-strict-aliasing]
NULL pointer dereference: [DONE: -fno-delete-null-pointer-checks]
memory store to a location precedes a constructor to the memory location: [DONE: -fno-lifetime-dse] See also PR71885
initialize undefined values to zero: See PR70069
- out of bounds array access:
any read out of bounds produces 0; any write out of bounds is ignored. (DJB)
- Unaligned access
- to be defined...
It is an open question whether -Oboring will generate significantly slower code. The Linux kernel already defaults to most of these options and they have not noticed any difference.
Disadvantages of creating a new compiler
- Building a modern C compiler supporting as many standards and targets as GCC seems much more work than modifying GCC.
- There is already a pool of GCC developers that, although they may not be interested in boringcc, they will help by keeping the other common parts working. That is, you'll need fewer developers interested in boringcc to achieve the same amount of work.
Being a drop-in replacement of GCC would help users and simplify adoption since people are already used to GCC. This is much easier if boringcc is just gcc -Oboring.