public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c/14750] New: type-punned pointer causes bad code
@ 2004-03-27 3:58 lindsayd at cisco dot com
2004-03-27 4:09 ` [Bug c/14750] " lindsayd at cisco dot com
` (11 more replies)
0 siblings, 12 replies; 14+ messages in thread
From: lindsayd at cisco dot com @ 2004-03-27 3:58 UTC (permalink / raw)
To: gcc-bugs
A program which causes the warning:
warning: dereferencing type-punned pointer will break strict-aliasing rules
leads to incorrect code. Put this code in typepun.c:
---------------------------------------
typedef unsigned short ushort;
typedef unsigned long ulong;
typedef struct {
ushort field1;
ushort field2;
} twoshorts;
void bug (ulong *p, int pcount)
{
twoshorts two;
if (pcount == 1) {
two.field2 = 0x400;
two.field1 = 0x8300;
*p = *(ulong *)&two;
}
}
------------------<end of typepun.c>---------------
and compile it with this script:
mips64-elf-gcc -S -nostdinc -mips3 -mabi=32 -O2 -Wall typepun.c
Examining the code, we see that two ushorts are written to a local struct, and
then the whole struct is copied elsewhere as a ulong. (Yeah, it's gross, but in
its defence, the original program that I cut down contains the keyword
"volatile".) Examining the resulting .s file, we see (as 4 consecutive lines):
sh $2,2($sp)
lw $2,0($sp)
li $3,-32000
sh $3,0($sp)
--
Summary: type-punned pointer causes bad code
Product: gcc
Version: 3.4.0
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: c
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: lindsayd at cisco dot com
CC: gcc-bugs at gcc dot gnu dot org
GCC build triplet: i686-pc-linux-gnu
GCC host triplet: i686-pc-linux-gnu
GCC target triplet: mips64-unknown-elf
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
@ 2004-03-27 4:09 ` lindsayd at cisco dot com
2004-03-27 8:40 ` pinskia at gcc dot gnu dot org
` (10 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: lindsayd at cisco dot com @ 2004-03-27 4:09 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From lindsayd at cisco dot com 2004-03-27 04:09 -------
The above got committed before I was finished. Sigh.
What's right about these four lines is that they store two halfwords (with "sh")
and load a word (with "lw"). What's wrong is that they do it in the order
{store,load,store}, not {store,store,load}. So the result (the returned word)
contains 16 uninitialized bits from the stack frame. That's not OK.
The latest 3.4 snapshot has this behavior. I believe 3.3 has the same problem:
at least, it did in December.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
2004-03-27 4:09 ` [Bug c/14750] " lindsayd at cisco dot com
@ 2004-03-27 8:40 ` pinskia at gcc dot gnu dot org
2004-03-27 19:44 ` lindsayd at cisco dot com
` (9 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2004-03-27 8:40 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2004-03-27 08:40 -------
The warning is correct, you are violating C89 (and C99 and C++) aliasing rules. Use an union to get
around this problem (note C89 says this still is undefined but GCC defines this as what you are
expecting).
--
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |INVALID
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
2004-03-27 4:09 ` [Bug c/14750] " lindsayd at cisco dot com
2004-03-27 8:40 ` pinskia at gcc dot gnu dot org
@ 2004-03-27 19:44 ` lindsayd at cisco dot com
2004-03-27 19:52 ` Joseph S. Myers
2004-03-27 19:52 ` jsm at polyomino dot org dot uk
` (8 subsequent siblings)
11 siblings, 1 reply; 14+ messages in thread
From: lindsayd at cisco dot com @ 2004-03-27 19:44 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From lindsayd at cisco dot com 2004-03-27 19:44 -------
It the compiler is about to generate incorrect code, then it shouldn't be a
warning, it should be an error.
--
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |UNCONFIRMED
Resolution|INVALID |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [Bug c/14750] type-punned pointer causes bad code
2004-03-27 19:44 ` lindsayd at cisco dot com
@ 2004-03-27 19:52 ` Joseph S. Myers
0 siblings, 0 replies; 14+ messages in thread
From: Joseph S. Myers @ 2004-03-27 19:52 UTC (permalink / raw)
To: lindsayd at cisco dot com; +Cc: gcc-bugs
On Sat, 27 Mar 2004, lindsayd at cisco dot com wrote:
> It the compiler is about to generate incorrect code, then it shouldn't be a
> warning, it should be an error.
No, the function might never be executed. DR#109 is clear: "A conforming
implementation must not fail to translate a strictly conforming program
simply because _some_ possible execution of that program would result in
undefined behavior.".
http://std.dkuug.dk/JTC1/SC22/WG14/www/docs/dr_109.html
--
Joseph S. Myers
jsm@polyomino.org.uk
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (2 preceding siblings ...)
2004-03-27 19:44 ` lindsayd at cisco dot com
@ 2004-03-27 19:52 ` jsm at polyomino dot org dot uk
2004-03-27 19:52 ` falk at debian dot org
` (7 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: jsm at polyomino dot org dot uk @ 2004-03-27 19:52 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From jsm at polyomino dot org dot uk 2004-03-27 19:52 -------
Subject: Re: type-punned pointer causes bad code
On Sat, 27 Mar 2004, lindsayd at cisco dot com wrote:
> It the compiler is about to generate incorrect code, then it shouldn't be a
> warning, it should be an error.
No, the function might never be executed. DR#109 is clear: "A conforming
implementation must not fail to translate a strictly conforming program
simply because _some_ possible execution of that program would result in
undefined behavior.".
http://std.dkuug.dk/JTC1/SC22/WG14/www/docs/dr_109.html
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (3 preceding siblings ...)
2004-03-27 19:52 ` jsm at polyomino dot org dot uk
@ 2004-03-27 19:52 ` falk at debian dot org
2004-03-27 20:19 ` lindsayd at cisco dot com
` (6 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: falk at debian dot org @ 2004-03-27 19:52 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From falk at debian dot org 2004-03-27 19:52 -------
First, no, it shouldn't, since the code might never be actually executed at
run time. Second, gcc cannot reliably detect this condition; it doesn't really
know whether you actually dereference the type-punned pointer (if you don't,
the code is OK).
--
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |INVALID
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (4 preceding siblings ...)
2004-03-27 19:52 ` falk at debian dot org
@ 2004-03-27 20:19 ` lindsayd at cisco dot com
2004-03-27 20:23 ` pinskia at gcc dot gnu dot org
` (5 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: lindsayd at cisco dot com @ 2004-03-27 20:19 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From lindsayd at cisco dot com 2004-03-27 20:19 -------
The maybe the warning should be more sternly worded.
While we're having this discussion, any idea why GCC-2.95.3 reliably generated
working code for this construct, without issuing a warning?
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (5 preceding siblings ...)
2004-03-27 20:19 ` lindsayd at cisco dot com
@ 2004-03-27 20:23 ` pinskia at gcc dot gnu dot org
2004-03-28 3:09 ` giovannibajo at libero dot it
` (4 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2004-03-27 20:23 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2004-03-27 20:23 -------
Yes because the warning was not in 2.95.3 and -fstrict-aliasing was not enabled by default in 2.95.3
(but it was for 2.95 and people complained so we turned it off until 3.0 when we turned it back on).
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (6 preceding siblings ...)
2004-03-27 20:23 ` pinskia at gcc dot gnu dot org
@ 2004-03-28 3:09 ` giovannibajo at libero dot it
2004-03-28 13:02 ` jsm at polyomino dot org dot uk
` (3 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: giovannibajo at libero dot it @ 2004-03-28 3:09 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From giovannibajo at libero dot it 2004-03-28 03:09 -------
JSM, what about rewording the message to make it clearer? Something
like: "derefering type-punned pointer will break strict-aliasing rules, and
might generate invalid code" or something like that. An explicit reference to
the wrong-code problem might help.
--
What |Removed |Added
----------------------------------------------------------------------------
CC| |giovannibajo at libero dot
| |it, jsm at polyomino dot org
| |dot uk
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (7 preceding siblings ...)
2004-03-28 3:09 ` giovannibajo at libero dot it
@ 2004-03-28 13:02 ` jsm at polyomino dot org dot uk
2004-03-29 4:55 ` bangerth at dealii dot org
` (2 subsequent siblings)
11 siblings, 0 replies; 14+ messages in thread
From: jsm at polyomino dot org dot uk @ 2004-03-28 13:02 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From jsm at polyomino dot org dot uk 2004-03-28 13:02 -------
Subject: Re: type-punned pointer causes bad code
On Sun, 28 Mar 2004, giovannibajo at libero dot it wrote:
> JSM, what about rewording the message to make it clearer? Something
> like: "derefering type-punned pointer will break strict-aliasing rules, and
> might generate invalid code" or something like that. An explicit reference to
> the wrong-code problem might help.
We could do with a proper index to the diagnostics. But for now adding an
inform () with a suitable message following the warning would make sense.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (8 preceding siblings ...)
2004-03-28 13:02 ` jsm at polyomino dot org dot uk
@ 2004-03-29 4:55 ` bangerth at dealii dot org
2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
11 siblings, 0 replies; 14+ messages in thread
From: bangerth at dealii dot org @ 2004-03-29 4:55 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From bangerth at dealii dot org 2004-03-29 04:54 -------
The documentation of -Wstrict-aliasing references -fstrict-aliasing
which states what exactly is wrong here. However, if someone is
interested in cleaning something up: the last paragraph of the docs
of -fstrict-aliasing should really go into the internals manual,
not invoke.texi:
--------------
Every language that wishes to perform language-specific alias analysis
should define a function that computes, given an @code{tree}
node, an alias set for the node. Nodes in different alias sets are not
allowed to alias. For an example, see the C front-end function
@code{c_get_alias_set}.
--------------
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (10 preceding siblings ...)
2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
@ 2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
11 siblings, 0 replies; 14+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-06-05 8:42 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2005-06-05 08:42 -------
Mark as a dup of bug 21920.
*** This bug has been marked as a duplicate of 21920 ***
--
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |DUPLICATE
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
* [Bug c/14750] type-punned pointer causes bad code
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
` (9 preceding siblings ...)
2004-03-29 4:55 ` bangerth at dealii dot org
@ 2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
11 siblings, 0 replies; 14+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2005-06-05 8:42 UTC (permalink / raw)
To: gcc-bugs
------- Additional Comments From pinskia at gcc dot gnu dot org 2005-06-05 08:42 -------
Reopning to ...
--
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |UNCONFIRMED
Resolution|INVALID |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14750
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2005-06-05 8:42 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-03-27 3:58 [Bug c/14750] New: type-punned pointer causes bad code lindsayd at cisco dot com
2004-03-27 4:09 ` [Bug c/14750] " lindsayd at cisco dot com
2004-03-27 8:40 ` pinskia at gcc dot gnu dot org
2004-03-27 19:44 ` lindsayd at cisco dot com
2004-03-27 19:52 ` Joseph S. Myers
2004-03-27 19:52 ` jsm at polyomino dot org dot uk
2004-03-27 19:52 ` falk at debian dot org
2004-03-27 20:19 ` lindsayd at cisco dot com
2004-03-27 20:23 ` pinskia at gcc dot gnu dot org
2004-03-28 3:09 ` giovannibajo at libero dot it
2004-03-28 13:02 ` jsm at polyomino dot org dot uk
2004-03-29 4:55 ` bangerth at dealii dot org
2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
2005-06-05 8:42 ` pinskia at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).