From: Martin Uecker <ma.uecker@gmail.com>
To: Michael Matz <matz@suse.de>
Cc: Richard Biener <richard.guenther@gmail.com>,
"gcc@gcc.gnu.org" <gcc@gcc.gnu.org>
Subject: Re: reordering of trapping operations and volatile
Date: Fri, 14 Jan 2022 16:46:05 +0100 [thread overview]
Message-ID: <58d8f916f96fc8f371c1f0a4db05b944d23ac10d.camel@gmail.com> (raw)
In-Reply-To: <alpine.LSU.2.20.2201141328210.4251@wotan.suse.de>
Am Freitag, den 14.01.2022, 14:15 +0000 schrieb Michael Matz:
> Hello,
>
> On Thu, 13 Jan 2022, Martin Uecker wrote:
...
> > > I think to define this
> > > all rigorously seems futile (you need a new
> > > category between observable and UB), so it comes
> > > down to compiler QoI on a case by case basis.
> >
> > We would simply change UB to mean "arbitrary
> > behavior at the point of time the erraneous
> > construct is encountered at run-time" and
> > not "the complete program is invalid all
> > together". I see no problem in specifying this
> > (even in a formally precise way)
>
> First you need to define "point in time", a concept which doesn't exist
> yet in C. The obvious choice is of course observable behaviour in the
> execution environment and its specified ordering from the abstract
> machine, as clarified via sequence points. With that your "at the point
> in time" becomes something like "after all side effects of previous
> sequence point, but strictly before all side effects of next sequence
> point".
Yes, all observable side effects sequenced before
the erroneous operation should be preserved. We
also need to consider multi-threading (happens-before)
But I do not think there is any need to discuss the
precise wording now.
> But doing that would have very far reaching consequences, as already
> stated in this thread.
We already agreed that UB already works like this
relative to every function call. So why do you
think this could have far reaching consequences
when we also require this for volatile accesses
- considering that volatile accesses are not nearly
as common as function calls, and often already
limit optimization?
We had a lot of trouble even finding examples where
compiler currently exhibit behavior that would need
to change.
> The above would basically make undefined behaviour
> be reliably countable, and all implementations would need to produce the
> same counts of UB. That in turn disables many code movement and
> commonization transformations, e.g. this:
>
> int a = ..., b = ...;
> int x = a + b;
> int y = a + b;
>
> can't be transformed into "y = x = a + b" anymore, because the addition
> _might_ overflow, and if it does you have two UBs originally but would
> have one UB after. I know that you don't want to inhibit this or similar
> transformations, but that would be the result of making UB countable,
> which is the result of forcing UB to happen at specific points in time.
> So, I continue to see problems in precisely specifying what you want, _but
> not more_.
Don't worry, I do not want to make UB observable or
countable. Your example does not contain observable
behavior, so would be unaffected.
> I think all models in which you order the happening of UB with respect to
> existing side effects (per abstract machine, so it includes modification
> of objects!) have this same problem, it always becomes a side effect
> itself (one where you don't specify what actually happens, but a side
> effect nontheless) and hence becomes observable.
I don't think so. The standard always only defines behavior.
Here, would only guarantee that observable behavior before
a specific time point stays defined. For this we do not make
UB observable or countable because the statements we make
is not about the UB, but about the defined behavior before.
Martin
next prev parent reply other threads:[~2022-01-14 15:46 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-08 8:32 Martin Uecker
2022-01-08 12:41 ` Richard Biener
2022-01-08 13:50 ` Martin Uecker
2022-01-08 14:13 ` Marc Glisse
2022-01-08 14:41 ` Eric Botcazou
2022-01-08 15:27 ` Martin Uecker
2022-01-08 17:33 ` Eric Botcazou
2022-01-08 15:03 ` David Brown
2022-01-08 16:42 ` Martin Uecker
2022-01-08 18:35 ` Andrew Pinski
2022-01-08 21:07 ` Martin Uecker
2022-01-10 9:04 ` Richard Biener
2022-01-10 17:36 ` Martin Uecker
2022-01-11 7:11 ` Richard Biener
2022-01-11 8:17 ` Martin Uecker
2022-01-11 9:13 ` Richard Biener
2022-01-11 20:01 ` Martin Uecker
2022-01-13 16:45 ` Michael Matz
2022-01-13 19:17 ` Martin Uecker
2022-01-14 14:15 ` Michael Matz
2022-01-14 14:58 ` Paul Koning
2022-01-15 21:28 ` Martin Sebor
2022-01-15 21:38 ` Paul Koning
2022-01-16 12:37 ` Martin Uecker
2022-01-14 15:46 ` Martin Uecker [this message]
2022-01-14 19:54 ` Jonathan Wakely
2022-01-15 9:00 ` Martin Uecker
2022-01-15 16:33 ` Jonathan Wakely
2022-01-15 18:48 ` Martin Uecker
2022-01-17 14:10 ` Michael Matz
2022-01-18 8:31 ` Richard Biener
2022-01-21 16:21 ` Martin Uecker
2022-01-11 18:17 ` David Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=58d8f916f96fc8f371c1f0a4db05b944d23ac10d.camel@gmail.com \
--to=ma.uecker@gmail.com \
--cc=gcc@gcc.gnu.org \
--cc=matz@suse.de \
--cc=richard.guenther@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).