发表新帖
发表新帖

GCC: accuracy of strict aliasing warnings

后端 未结
关注
4 838
囚心锁ツ
囚心锁ツ 2020-12-16 12:19

I\'m trying to check some of my code for strict aliasing violations, but it looks like I\'ve missed something while trying to understand the strict aliasing rule.

Im

相关标签:
4条回答
  • 自闭症患者
    2020-12-16 12:28

    There is nothing inherently wrong with

    sp      = ( unsigned short * )&l;

    For all the compiler knows, you might simply cast back the pointer to the correct type again.

    There is also nothing inherently wrong with

    *( sp ) = 1;

    It's the combination of the two that's wrong.

    The compiler just can't put the two together to tell you the combination is problematic (it is impossible in the general case, and not so easy in this particular case).

    But

    *( ( unsigned short * )&l ) = 1;

    is far easier to detect, and hence the compiler does its best to do so.

    0 讨论(0)
  • 我在风中等你
    2020-12-16 12:35

    I expect that at O3 the compiler decides that because it knows variables of different types cannot alias, sp is never used. Therefore it removes sp from the program and no error is produced.

    Either that or because l is a known value it is being converted to a constant for use by printf. It'll still have storage because its address is taken, but that storage is never written to as far as it knows.

    0 讨论(0)
  • 失恋的感觉
    2020-12-16 12:49

    Your understanding is correct. Alias analysis is generally complicated and in this case apparently the mere use of a temporary pointer between the cast and dereference was enough to throw it off. Surprisingly, GCC 4.8.2 does a better job on this code, warning at -Wstrict-aliasing=2 as well as level 1, so this is a regression.

    As for clang, it simply does not currently have the facility to warn about aliasing violations. It does absolutely take advantage of the rule in optimization. To see this in action, take this example straight from the C standard (N1570 §6.5.2.3 9))

    struct t1 { int m; };
struct t2 { int m; };

int f(struct t1 *p1, struct t2 *p2) {
    if (p1->m < 0)
        p2->m = -p2->m;
    return p1->m;
}

    If p1 and p2 point to the same struct, Clang (and GCC) will nevertheless return the value of p1->m before negation, since they may assume p2 does not alias p1 and therefore the previous negation never affects the result. Here's the full example and output with and without -fstrict-aliasing. For more examples, see here and the oft-cited What Every C Programmer Should Know About Undefined Behavior; strict aliasing optimizations are the final topic of the introductory post.

    As for when warnings will be implemented, the devs are quiet, but they are mentioned in clang's test suite, which lists -Wstrict-aliasing=X under the title (emphasis mine)

    These flags are currently unimplemented; test that we output them anyway.

    So it seems likely to happen at some point.

    0 讨论(0)
  • 执念已碎
    2020-12-16 12:50

    My interpretation of the situation:

    1. *( ( unsigned short * )&l ) = 1; is easier to catch, because the violation is in one line. So it's always caught.

    2. With optimization, the second variation is also caught. After optimization, it's as simple as the first.

    3. Without optimization, -Wstrict-aliasing=1, which is lazier than the default, catches it. This is because it treats the cast itself as a violation, even without the dereference (delete the dereference and see). This simplistic logic is fast, but leads to false positives.

    0 讨论(0)
 看不清?
提交回复
热议问题