<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Fri, Feb 26, 2016 at 7:12 AM, Robert Haberlach <span dir="ltr"><<a href="mailto:rh633@cam.ac.uk" target="_blank">rh633@cam.ac.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I apologize in advance if this was discussed before; I didn't check the entire archive. Consider<br>
<br>
static_assert(alignof(float) >= alignof(int) && sizeof(float) >= sizeof(int));<br>
int foo(float f) {<br>
return *std::launder(reinterpret_cast<int*>(&f)); }<br>
<br>
As it stands, invocation of foo is undefined, as the argument to launder is not pointing to an object of type int (or similar) within its lifetime,<br>
violating launder's requirement.<br>
<br>
launder is designed to inhibit address propagation analysis, which is the only concerning optimization. Moreover, as long as all usual conditions are<br>
met (alignment, size & trap values), this should be fine on any implementation. If so, can we make the above formally well-defined?<br></blockquote><div>This is not fine. Type-based aliasing analysis (TBAA) is allowed to determine that the write to "<span style="font-family:monospace,monospace">f</span>" and the read from the dereference is not related.<br></div><div>Consider the effects of inlining:<br><div style="margin-left:40px"><span style="font-family:monospace,monospace">int main(void) { return !foo(0.5f); }</span><br></div><br>becomes (loosely):<br><br><div style="margin-left:40px"><span style="font-family:monospace,monospace">int main(void) {</span><br><span style="font-family:monospace,monospace"> int __ret;</span><br><span style="font-family:monospace,monospace"> {</span><br><span style="font-family:monospace,monospace"> float __f = 0.5f;</span><br><span style="font-family:monospace,monospace"> __ret = *std::launder(reinterpret_cast<int *>(&__f)); </span><br><span style="font-family:monospace,monospace"> }</span><br><span style="font-family:monospace,monospace"> return !__ret;</span><br><span style="font-family:monospace,monospace">}</span><br></div><br>The implementation is allowed to observe that there are no TBAA-compatible reads of the value of <span style="font-family:monospace,monospace">__f</span> within its lifetime. The likely result is that the initialization of <span style="font-family:monospace,monospace">__f</span> would be optimized away.<br><br></div><div>-- HT<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
Being able to use launder in such scenarios would render circumlocutions via memcpy superfluous.<br>
<br>
Robert<br>
_______________________________________________<br>
ub mailing list<br>
<a href="mailto:ub@isocpp.open-std.org">ub@isocpp.open-std.org</a><br>
<a href="http://www.open-std.org/mailman/listinfo/ub" rel="noreferrer" target="_blank">http://www.open-std.org/mailman/listinfo/ub</a><br>
</blockquote></div><br></div></div>