> Are you sure that problem is in cast ?
>
> $ cat test.c
> main() {
> int j=2;
> double *d=(double*)&j;
> *d=1.0;
> printf("%d %e\n", j, *d);
> printf("%d %e\n", j, *d);
> }
> gcc -O2 test.c && ./a.out
> 2 1.000000e+00
> 0 1.000000e+00
>
> Same result in case with line "double *d=&j;" (but expected warning:
> initialization from incompatible pointer type) and "double
> *d=(double*)(void*)&j;"


No, the problem is not in the cast. The problem is that the cast doesn't
save you when you think it does. Without the cast, you are equally screwed,
it's just that it's obvious you deserve it in that case.

> It seem to me that all examples by David show noting related to the casts.
> They only show problem by gcc -O2 .


The problem is that the casts don't do what people think they do and that
GCC assumes code obeys the standard.

With or without the cast, the compiler has every right to assume that a
modification to the thing a 'double *' points to won't change the value of
an integer. The exception would be code that uses the specifically allowed
aliasing techniques, such as unions and pointers to characters.

It's just that compilers haven't previously been smart enough to make these
kinds of optimizations. Now they are, so we'll have to either follow the
standard or disable the optimizations. Which option is a judgment call. I
generally try to do both out of abundance of caution.

The argument is that code that does this is rare enough and the
optimizations valuable enough that it's worth making everyone fix their code
to follow the aliasing rules. The counter-argument is that experts don't
agree on what the aliasing rules *are*, so how are mere mortals supposed to
follow them?

This is separate from the issue of calling a function with an incompatible
pointer type, which is also a violation of the standard.

There may be problems with newer versions of GCC even for code that complies
with all the parameter passing and aliasing rules, but I haven't seen it.
Does anyone know if turning off strict aliasing and changing the functions
to take 'char *'s solves the problem?

I might be able to run some tests myself in a few hours.

DS


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org