From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by groups.io with SMTP; Thu, 18 Apr 2019 16:12:56 -0700
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id C2474C02490F;
	Thu, 18 Apr 2019 23:12:55 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-179.rdu2.redhat.com [10.10.120.179])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 9271F60BE2;
	Thu, 18 Apr 2019 23:12:54 +0000 (UTC)
Subject: Re: [edk2-devel] [PATCH 04/10] MdePkg/PiFirmwareFile: fix undefined behavior in FFS_FILE_SIZE
From: "Laszlo Ersek" <lersek@redhat.com>
To: Andrew Fish <afish@apple.com>, devel@edk2.groups.io,
 Mike Kinney <michael.d.kinney@intel.com>
Cc: "Gao, Liming" <liming.gao@intel.com>
Reply-To: devel@edk2.groups.io, lersek@redhat.com
References: <20190412233128.4756-1-lersek@redhat.com>
 <20190412233128.4756-5-lersek@redhat.com>
 <E92EE9817A31E24EB0585FDF735412F5B9C9A45F@ORSMSX113.amr.corp.intel.com>
 <6FA88780-622D-4788-BDF8-6C807D85D9D1@apple.com>
 <fdfb259c-9293-2bcd-300b-92b5741ba8c0@redhat.com>
Message-ID: <dd2d0205-2556-af07-e0e9-bcddef82d545@redhat.com>
Date: Fri, 19 Apr 2019 01:12:53 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <fdfb259c-9293-2bcd-300b-92b5741ba8c0@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Thu, 18 Apr 2019 23:12:55 +0000 (UTC)
Content-Type: text/plain; charset=windows-1252
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 04/18/19 10:45, Laszlo Ersek wrote:

> Beyond that, I checked the documentation of "-fstrict-aliasing" in the
> gcc manual at
> <https://gcc.gnu.org/onlinedocs/gcc-8.3.0/gcc/Optimize-Options.html>. It
> provides several examples; one of them is:
> 
>> Similarly, access by taking the address, casting the resulting pointer
>> and dereferencing the result has undefined behavior, even if the cast
>> uses a union type, e.g.:
>>
>> union a_union {
>>   int i;
>>   double d;
>> };
>>
>> int f() {
>>   double d = 3.0;
>>   return ((union a_union *) &d)->i;
>> }
> 
> I think the access in this example is well defined (I seem able to
> deduce it using the effective type rules), and so I consider this a bug
> in the gcc docs. I reached out to someone in the toolchain team at Red
> Hat to confirm or disprove.

I was told to file an upstream GCC BZ about this, in order to reach a
wider circle of experts. In case someone from edk2-devel would like to
monitor that BZ:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90167

Thanks,
Laszlo