Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140430224311.GP26358@brightrain.aerifal.cx>
Date: Wed, 30 Apr 2014 18:43:11 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Cc: Pawel Dziepak <pdziepak@...rnos.org>
Subject: Re: [PATCH] add definition of max_align_t to stddef.h

On Wed, Apr 30, 2014 at 11:42:51PM +0200, Szabolcs Nagy wrote:
> * Pawel Dziepak <pdziepak@...rnos.org> [2014-04-30 22:23:01 +0200]:
> >  
> > +TYPEDEF union { long double ld; long long ll; } max_align_t;
> 
> this is wrong
> 
> - ld and ll identifiers are not reserved for the implementation
> (you could name them _ld, _ll or __ld, __ll etc)

It's also not clear to me why this should go in alltypes.h. Unless it
needs to be arch-specific, it could go directly in stddef.h.

> and see previous max_align_t discussion
> http://www.openwall.com/lists/musl/2014/04/28/8
> 
> - compiler implementations are non-conforming on some platforms
> (_Alignof returns inconsistent results for the same object type so
> reasoning about alignments is problematic, there are exceptions
> where this is allowed in c++11 but not in c11)

Is there a bug filed against gcc yet?

> - max_align_t is part of the abi and your solution is incompatible
> with gcc and clang (your definition gives 4 byte _Alignof(max_align_t)
> on i386 instead of 8)

This is probably not very important, but I agree it's desirable to be
consistent.

> there is probably not much choice and musl will have to copy the
> silly definition used in gcc/clang making max_align_t not very
> useful (it does not reflect malloc alignment supported by the libc
> nor the object alignments supported by the compiler)

 The definition of max_align_t is very confusing:

    "an object type whose alignment is as great as is supported by the
    implementation in all contexts"

But as far as I can tell, malloc has nothing to do with max_align_t;
the latter only pertains to observable behavior, and the alignment
malloc produces is not observable. The fact that our malloc produces
addresses which are multiples of 16 (or 32) as an implementation
detail does not mean that alignments up to 16 (or 32) are "supported
by the implementation" in this context; they just happen to work. As
its public interface contract, malloc only guarantees sufficient
alignment for types not produced with _Alignas (or similar GNU C
attribute usage).

Morally, max_align_t should be an object whose alignment requirement
is equal to the max alignment requirement for all types that don't
involve _Alignas.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.