gcc的bug?

acguy

[PHP]
#include <iostream>
#include <string>

using namespace std;

int main()
{
    unsigned char v[4] = {0, 1, 2, 3};
    int save = *(int *)v; //save v
    *(short *)(v + 1) = 2; //set v[1]
    *(int *)v = save; //restore v
    cout<<(int)v[1]<<endl; //print v[1], it is 2 when complie with -O2 !!!
    return 0;
}

[/PHP]

简单的程序，用-O编译，正常，
用-O2编译就会输出 2, 反汇编看时，
[PHP]
    int save = *(int *)v; //save v
    *(short *)(v + 1) = 2; //set v[1]
[/PHP]
两句的实际执行次序是颠倒的。

acguy

试了gcc-3.4.6 gcc-4.0.3 gcc-4.1均如此
gcc-3.3.6正常！

manphiz

GCC Non-bugs

http://gcc.gnu.org/bugs.html#nonbugs_c
Casting does not work as expected when optimization is turned on.

    This is often caused by a violation of aliasing rules, which are part of the ISO C standard. These rules say that a program is invalid if you try to access a variable through a pointer of an incompatible type. This is happening in the following example where a short is accessed through a pointer to integer (the code assumes 16-bit shorts and 32-bit ints):

        #include <stdio.h>

        int main()
        {
          short a[2];

          a[0]=0x1111;
          a[1]=0x1111;

          *(int *)a = 0x22222222; /* violation of aliasing rules */

          printf("%x %x\n", a[0], a[1]);
          return 0;
        }

    The aliasing rules were designed to allow compilers more aggressive optimization. Basically, a compiler can assume that all changes to variables happen through pointers or references to variables of a type compatible to the accessed variable. Dereferencing a pointer that violates the aliasing rules results in undefined behavior.

    In the case above, the compiler may assume that no access through an integer pointer can change the array a, consisting of shorts. Thus, printf may be called with the original values of a[0] and a[1]. What really happens is up to the compiler and may change with architecture and optimization level.

    Recent versions of GCC turn on the option -fstrict-aliasing (which allows alias-based optimizations) by default with -O2. And some architectures then really print "1111 1111" as result. Without optimization the executable will generate the "expected" output "2222 2222".

    To disable optimizations based on alias-analysis for faulty legacy code, the option -fno-strict-aliasing can be used as a work-around.

    The option -Wstrict-aliasing (which is included in -Wall) warns about some - but not all - cases of violation of aliasing rules when -fstrict-aliasing is active.

    To fix the code above, you can use a union instead of a cast (note that this is a GCC extension which might not work with other compilers):

        #include <stdio.h>

        int main()
        {
          union
          {
            short a[2];
            int i;
          } u;

          u.a[0]=0x1111;
          u.a[1]=0x1111;

          u.i = 0x22222222;

          printf("%x %x\n", u.a[0], u.a[1]);
          return 0;
        }

    Now the result will always be "2222 2222".

    For some more insight into the subject, please have a look at this article.

acguy

thank much.