Re: [PATCH] C undefined behavior fix

Paul Mackerras (paulus@samba.org)
Mon, 7 Jan 2002 08:59:47 +1100 (EST)


Gabriel Dos Reis writes:

> Personnally, I don't have any sentiment against the assembler
> solution. Dewar said it was unnecessarily un-portable, but that the
> construct by itself *is* already unportable.

I assume that what we're talking about is using an asm statement like:

asm("" : "=r" (x) : "0" (y));

to make the compiler treat x as a pointer that it knows nothing about,
given a pointer y that the compiler does know something about. For
example, y might be (char *)((unsigned long)"foo" + offset).

My main problem with this is that it doesn't actually solve the
problem AFAICS. Dereferencing x is still undefined according to the
rules in the gcc manual.

Thus, although this would make the problems go away at the moment,
they will come back at some time in the future, e.g. when gcc learns
to analyse asm statements and realises that the asm is just doing
x = y. I would prefer a solution that will last, rather than one
which relies on details of the current gcc implementation.

Other objections that I have to this solution are:

- it is hard to read; it wouldn't be obvious to someone who doesn't
know the details of gcc asm syntax what it is doing or why

- it is a statement, which makes it less convenient to use than an
expression

- it requires an extra dummy variable declaration.

But my main objection is that I don't have any assurance that it
actually solves the problem in a lasting way.

Paul.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/