Some subsurface notes from a week of diving

Linus Torvalds torvalds at linux-foundation.org
Mon Mar 17 12:33:51 PDT 2014


On Mon, Mar 17, 2014 at 12:28 PM, Thiago Macieira <thiago at macieira.org> wrote:
> Em seg 17 mar 2014, às 11:12:31, Linus Torvalds escreveu:
>> The compiler is allowed to assume that the *result* of the arithmetic is
>> not NULL, because pointer arithmetic is only well-defined if it stays
>> within an object, and that explains the offsetof thing you point to (since
>> that very much uses the result). Even then, a compiler that actually
>> miscompiles the traditional format is just crap.
>
> Indeed:
>
> struct D { int i; int j; };
> int f(struct D *d)
> {
>         int *p = &d->j;
>         if (!p)
>                 return -1;
>         return *p;
> }
>
> Clang 3.4 removes the check for !p. ICC 14.0 and GCC 4.9 don't.

Yes, and I agree with Clang for this case.

But if you change that thing to tests "d" for NULL, and Clang removes
the test, then I think Clang is buggy. I don't have clang installed..

           Linus


More information about the subsurface mailing list