On 01/05/2010 07:38 PM, Joshua Haberman wrote:
> Robert Dewar <dewar <at> adacore.com> writes:
>> In any case the gcc interpretation is clearly what's
>> intended in my view, so if it can be argued that the
>> standard is inconsistent with this interpretation (I
>> am unconvinced that this burden has been met), then
>> the conclusion is to add a clarification to the
>> standard, not to modify the gcc behavior.
>
> I agree with you completely on this point. My position throughout this
> thread has been that GCC should keep its existing type-based aliasing
> behavior. I think the GCC policy represents a good trade-off between a
> policy that is not aggressive enough and a policy that is too hard to
> follow.
>
> In my view the C99 standard quite clearly specifies a policy that is
> less aggressive than what GCC implements. I think it's hard to come to
> any other conclusion; section 6.5 paragraph 7 contains a footnote
> explicitly stating that the intention is to specify conditions under
> which values may be aliased, and one of the rules allows for an aliasing
> condition that GCC does not respect. I have not heard any credible
> rebuttal to this point,
On the contrary, you haven't even addressed the core issue. 6.3.2.3
limits the pointer conversions that you may do without undefined
behaviour. The conversion in your example displays undefined
behaviour, since it is not permitted by 6.3.2.3. Therefore, your
example is not legal C. Once you have a single example of undefined
beaviour, the rest of the program is irrelevant.
> or any explanation of what 6.5 paragraph 7 *does* mean, if it is not
> intended to specify aliasing rules.
It means, for example, that if you have something like
struct s1
{
float a;
float b;
};
void foo(struct s *a, int *b)
{
...
an access to *a shall not access the value of *b. However, an access
to a struct type that includes a member of a type compatible with int
may access the value of *b. This is a rule that gcc uses to do its
alias analysis.
However, this rule should not be read as extending the range of legal
pointer conversions: it only limits the types that may alias.
Andrew.
