On Mon, Nov 7, 2011 at 8:03 PM, Jeff Law <l...@redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 11/07/11 08:49, Richard Guenther wrote:
>
>>
>> OTOH I'm not sure we want to change a possible trap (and thus
>> program abort) to a fallthru ...
> I think this is the big question we need to answer; there's other
> places where we rely upon ISO's standards to enable optimization.  But
> this one just feels a little different...  Or maybe I'm shy after the
> kernel security problem caused by relying on dereferenced pointer not
> being null.
>
> I could easily see not enabling the switch by default for a period of
> time, or enabling the optimization by default along with some kind of
> warning.

Indeed.  We'd have to tell people that they cannot catch *(void *)0 = 0
with a SIGSEGV signal handler unless they compile with some magic flag.
Thus, the question is whether we want to optimize things in a way that
is non-obvious to people viewing things from a POSIX point of view
rather than a C standard conforming issue.

But what we could do by default is transform such stores to a trap
representation, or at least make the feeding stmts dead by changing
the stored value and the address to a constant (thus, even preserve the
trap kind).  fold_stmt could change the stored value if the address is
literal zero, and all passes that know it is zero should propagate it
anyway.  That wouldn't remove the outgoing edge from the store of course,
cfgcleanup could be taught to do that though (and we could invent a
trap kind argument to __builtin_trap).

Richard.
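
The POSIX-level behaviour discussed above, as an added C example that is not code from this thread: a handler recovers from a null store that the compiler cannot prove is null, and the same handler shows which signal `__builtin_trap()` delivers instead. It assumes Linux with GCC or Clang; `opaque_null`, `signal_from_null_store` and `signal_from_builtin_trap` are names made up here.

```c
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>

static sigjmp_buf recover;
static volatile sig_atomic_t caught;
/* volatile: the optimizer cannot assume the loaded pointer is null,
 * so the store below is emitted and faults in hardware. */
static int *volatile opaque_null = NULL;

static void on_fault(int sig) { caught = sig; siglongjmp(recover, 1); }

static void install(void) {
    static const int sigs[] = { SIGSEGV, SIGBUS, SIGILL, SIGTRAP, SIGABRT };
    struct sigaction sa;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    for (size_t i = 0; i < sizeof sigs / sizeof sigs[0]; i++)
        sigaction(sigs[i], &sa, NULL);
}

/* Signal delivered by a real store through a null pointer. */
int signal_from_null_store(void) {
    install();
    caught = 0;
    if (sigsetjmp(recover, 1) == 0) {   /* 1: restore signal mask on jump */
        int *p = opaque_null;
        *p = 0;
    }
    return caught;
}

/* Signal delivered when the compiler emits a trap instead of the store.
 * Target-dependent: ud2 (SIGILL) on x86, brk (SIGTRAP) on AArch64. */
int signal_from_builtin_trap(void) {
    install();
    caught = 0;
    if (sigsetjmp(recover, 1) == 0)
        __builtin_trap();
    return caught;
}

int main(void) {
    printf("null store: signal %d (SIGSEGV is %d)\n", signal_from_null_store(), SIGSEGV);
    printf("__builtin_trap: signal %d\n", signal_from_builtin_trap());
    return 0;
}
```

A program whose only handler is for SIGSEGV would stop recovering if the store were replaced by a plain trap, which is why the message raises preserving the trap kind.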