https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93031

Vladislav Valtchev <vladislav.valtchev at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |vladislav.valtchev at gmail dot com

--- Comment #5 from Vladislav Valtchev <vladislav.valtchev at gmail dot com> ---
Guys, in the Linux kernel too unaligned access is used when the ISA supports it
natively. Take a look at:

https://elixir.bootlin.com/linux/latest/source/lib/strncpy_from_user.c#L15

When CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS is 1, we have:
    #define IS_UNALIGNED(src, dst) 0

The initial IS_UNALIGNED() check in do_strncpy_from_user() always fails and the
following statement is executed:

    *(unsigned long *)(dst+res) = c;

Where 'dst' is a char* pointer, while 'res' is an unsigned long.

CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS is widely used:
https://elixir.bootlin.com/linux/latest/A/ident/CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS

What protects us from undefined behavior? We all agree that
-fno-strict-aliasing doesn't help in this case. Maybe we're *temporarily* kind
of safe because FPU instructions are not allowed in the kernel and we're not
aliasing anything? But that doesn't guarantee us that, in the future, some new
fancy optimization won't break everything, right?


My point is that out there there is a *ton* of code using unaligned access
(when the ISA supports it) and while it's great to optimize as much as the C
standard allows the new code, we still need to build legacy code as well, in
MANY cases. And for "legacy" code, I mean all the code that we used to compile
with GCC up to version 7.x, which is fairly recent.

I believe that it's *not a good idea* to just drop support for millions of
lines of code that potentially, somewhere, might rely on unaligned access
without even adding an option to make that safe. It's simply not realistic
to fix ALL the "legacy" C code that uses unaligned access, no matter if, even
at the time, the C standard stated that unaligned access is UB. Therefore, it
would be really great to have an option such as "-fno-strict-align" or something
like that.


Side question: now we have "-Wcast-align=strict", which will trigger a warning
in cases like the example above, which is helpful, even if it cannot warn us in
all the cases (see Pascal's example). BUT, this warning can be suppressed this
way:

    *(unsigned long *)(void *)(dst+res) = c;

Question: does that mean that GCC *won't make assumptions* anymore about the
alignment of the pointer, or is it still UB from the GCC point of view?

Thanks in advance,
Vlad
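
Added example, not part of the comment above and not kernel or GCC code: the store `*(unsigned long *)(dst+res) = c;` quoted in the comment can be written with `memcpy`, which places no alignment requirement on `dst + res`. The helper names and the simplified `copy_str_wordwise()` loop are hypothetical, and the loop assumes both buffers have at least `max` accessible bytes.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helpers; names are not taken from the kernel or GCC. */

/* Defined-behaviour form of: *(unsigned long *)(dst + res) = c; */
static inline void store_word(char *dst, size_t res, unsigned long c)
{
    memcpy(dst + res, &c, sizeof c);   /* dst + res may have any alignment */
}

static inline unsigned long load_word(const char *src, size_t res)
{
    unsigned long c;
    memcpy(&c, src + res, sizeof c);   /* src + res may have any alignment */
    return c;
}

/* Nonzero if any byte of c is 0x00 (classic word-at-a-time bit trick). */
static inline int has_zero_byte(unsigned long c)
{
    const unsigned long ones  = ~0UL / 0xff;   /* 0x0101...01 */
    const unsigned long highs = ones << 7;     /* 0x8080...80 */
    return ((c - ones) & ~c & highs) != 0;
}

/*
 * Word-at-a-time bounded string copy (assumption: src and dst each have
 * at least max accessible bytes). Returns the length copied, excluding
 * the NUL, or max if no NUL was found within max bytes.
 */
size_t copy_str_wordwise(char *dst, const char *src, size_t max)
{
    size_t res = 0;

    while (max - res >= sizeof(unsigned long)) {
        unsigned long c = load_word(src, res);
        if (has_zero_byte(c))
            break;                     /* finish byte-wise to find the NUL */
        store_word(dst, res, c);
        res += sizeof(unsigned long);
    }
    for (; res < max; res++)
        if ((dst[res] = src[res]) == '\0')
            break;
    return res;
}
```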
