On Wed, 2015-11-04 at 15:46 +0000, Ian Jackson wrote:
> Ian Campbell writes ("Re: [Xen-devel] [PATCH 4/4] xen/public: arm: rework
> the macro set_xen_guest_handle_raw"):
> > The writer via one is the guest and reader via the other is the
> > hypervisor,
> > so no matter what they are certainly different compilation units, even
> > in
> > the face of whole program optimisations.
>
> The question of them being different `compilation units' (YM
> translation units) is irrelevant I think.
>
> > The concerning issue is that if the compiler can observe you writing to
> > both halves of the union then it can either omit the first write or
> > dive
> > off into deep undefined behaviour territory.
>
> If the compiler can see you write to p, it is allowed to assume that
> all subsequent readers will read the object as typeof(p). Reading
> typeof(p) does not read the padding. Therefore the compiler is
> allowed to `prove' that the padding is a dead store, and remove the
> write to the padding.
>
> This applies even if the compiler can't see the code which is doing
> the reading.
Ah, yes :-(
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
