From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 58946 invoked by alias); 4 Mar 2015 12:36:25 -0000 Mailing-List: contact gcc-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-owner@gcc.gnu.org Received: (qmail 58933 invoked by uid 89); 4 Mar 2015 12:36:25 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=0.4 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,KAM_FROM_URIBL_PCCC,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2 X-HELO: mail-ob0-f171.google.com Received: from mail-ob0-f171.google.com (HELO mail-ob0-f171.google.com) (209.85.214.171) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-GCM-SHA256 encrypted) ESMTPS; Wed, 04 Mar 2015 12:36:24 +0000 Received: by obcwo20 with SMTP id wo20so6452867obc.7 for ; Wed, 04 Mar 2015 04:36:22 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.182.33.102 with SMTP id q6mr2762941obi.79.1425472581903; Wed, 04 Mar 2015 04:36:21 -0800 (PST) Received: by 10.76.98.137 with HTTP; Wed, 4 Mar 2015 04:36:21 -0800 (PST) In-Reply-To: <54F645DB.1080903@redhat.com> References: <20150218192943.GR1746@tucnak.redhat.com> <54E64DFF.8030100@codesourcery.com> <54E71534.8070805@redhat.com> <20150220121014.GY1746@tucnak.redhat.com> <54E76865.4010305@redhat.com> <54F61214.7030407@redhat.com> <54F645DB.1080903@redhat.com> Date: Wed, 04 Mar 2015 12:36:00 -0000 Message-ID: Subject: Re: Obscure crashes due to gcc 4.9 -O2 => -fisolate-erroneous-paths-dereference From: Richard Biener To: Jeff Law Cc: Martin Sebor , Jakub Jelinek , Florian Weimer , Sandra Loosemore , Jeff Prothero , GCC Development Content-Type: text/plain; charset=UTF-8 X-IsSubscribed: yes X-SW-Source: 2015-03/txt/msg00019.txt.bz2 On Wed, Mar 4, 2015 at 12:38 AM, Jeff Law wrote: > On 03/03/15 12:57, Martin Sebor wrote: >> >> >> As a data point(*) it might be interesting to note that GCC itself >> relies on memcpy providing stronger guarantees than the C standard >> requires it to by emitting calls to the function for large structure >> self-assignments (which are strictly conforming, as discussed in bug >> 65029). > > Right. I actually spent quite a bit of time struggling with this a while > back in a different context. The only case I could come up with where GCC > would generate an overlapping memcpy was self assignment, but even that was > bad and while we ultimately punted, I've always considered it a wart. ? struct A { int large[100]; }; void foo (struct A *x, struct A *y) { *x = *y; } call it as foo (&a, &a); (on x86 you need -mstringop-strategy=libcall, even at -O0, to emit a memcpy call) The self-assignment doesn't have to be visible to the compiler - so to fix this we'd have to assume pointer equality everywhere and either emit a conditional call to memcpy or always emit a call to memmove. Richard. > > [*] IMO, one in favor of tightening up the memcpy specification >> >> to require implementations to provide the expected semantics. > > That works for me :-) > > The things done in glibc's memcpy are a bit on the absurd side and the pain > caused by the changes over time is almost impossible to overstate. If the > Austin group tightens memcpy to require fewer surprises I think most > developers would ultimately be happy with the result -- a few would complain > about the performance impacts for specific workloads, but I suspect they'd > be in the minority. > > > jeff >