Re: UDB and pointer increments and decrements



Richard wrote:
> I'm still battling with this causing UDB:
>
> while(e-- > s);
>
> if s points to the start of a string and e becomes less than s then e is
> not really pointing to defined char. Fine.
>
> But UDB?

Yes. 6.5.6p8, penultimate sentence.

> Yes, e has a UDV (undefined value) but would this really cause a
> program to misbehave? On any platform? Remember this value of e is never
> used again in this case.

The "UDV" need not even exist. Undefined behavior is not limited
to generating an indeterminate value.

> I ask because theoretically s can be pointing to the middle of a bigger
> string. We then call a function with s as a parameter.

No problem. Decrementing a pointer to the first element of this
string is then well-defined, because the result points to an extant
element of the larger array.

> The function called can have no idea that s is the pointer to a middle
> string. Therefore it can have no idea how to "do undefined things" when
> e is decremented past the start of s. e and s are strictly char *s. It
> would be so "not C" if the compiler generated code to check the contents
> pointed to to determine the range of the object to the middle of which s
> points. I mean then we may as well have array limits and exceptions
> built into the language.

It's not clear what you're getting at, or why you think any
checking is necessary or implied. One of the reasons the Standard
leaves things undefined is to *relieve* implementations of the burden
of checking for errors. The benefit is that the generated code can
be simpler and faster (dramatically so, in some cases), and the
penalty is that there's no way to guarantee what happens when an
error goes undetected.

The Standard *could* have required that the implementation detect
out-of-range pointer use and raise SIGSLOPPY, but that's the "so not C"
philosophy that you mention. Instead, the Standard says "Try to
generate out-of-range pointers and all bets are off; I wash my hands
of you and refuse to make any promises about what will or won't happen.
Hasta la vista, baby." That's what "undefined behavior" means.

> I'm not being difficult here. Explain how this works. My problem (and I
> admit it's a problem) is that I feel too much of C is being elevated to
> an almost Ada-type status and (in this group) C is losing that "down and
> dirty and efficient" feeling which it is famous for.

Portability is one of many aspects a program can have, in greater
or lesser degree. It is seldom if ever the only important aspect, nor
even at the front of the line. Sometimes portability is compromised
for a good reason, and I don't think you'll find anyone who says
otherwise.

But when portability is sacrificed for no reason, out of ignorance
("Right-shifting always propagates the sign bit"), or out of laziness
("It's easier to write `2' than `sizeof(int)'"), or out of sloppiness
("Don't worry where the pointer points; we'll only use it if it's OK"),
or even out of arrogance ("All systems are just like mine"), then it's
worth pointing out the sacrifice and suggesting safer alternatives.

It's also worth noting that "efficient" is not an antonym of
"portable" and not a synonym of "dirty."

--
Eric.Sosman@xxxxxxx
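Worked example, added here and not part of the thread. It shows the two points made above in running code: a backward scan written so that it never computes a pointer before s (so 6.5.6p8 is never violated, whatever s points into), and the thread's own `e-- > s` pattern applied to a pointer into the middle of a larger array, where the final decrement is well-defined because the result still points at an element of that array. The function names and the sample buffer are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample input for the example: an 11-byte array that a
 * caller may hand out in full or as a "middle" sub-string. */
static const char sample[] = "hello world";

/* Pointer-walking backward search over [s, end): test before stepping,
 * so e is always inside [s, end] and no pointer before s is ever formed.
 * Returns a pointer to the last byte equal to c, or NULL if none. */
const char *find_last_ptr(const char *s, const char *end, char c)
{
    const char *e = end;
    while (e > s) {       /* compare first ...            */
        --e;              /* ... then step; e >= s holds  */
        if (*e == c)
            return e;
    }
    return NULL;
}

/* Index-walking version of the same search over s[0..n): the index is
 * unsigned and never goes below zero, so the question of an out-of-range
 * pointer does not even arise. Returns the index or -1. */
ptrdiff_t find_last_idx(const char *s, size_t n, char c)
{
    size_t i = n;
    while (i > 0) {
        --i;
        if (s[i] == c)
            return (ptrdiff_t)i;
    }
    return -1;
}

/* The pattern from the thread, kept for comparison. On exit e == s - 1.
 * That is well-defined when s points into the middle of a larger array
 * (6.5.6p8: the result still points at an element of that array) and
 * undefined when s is the array's first element, even though e is never
 * dereferenced and never used again. The callers below only ever pass a
 * pointer that is at least one element past the start of sample[]. */
const char *walk_back_thread_style(const char *s, const char *e)
{
    while (e-- > s)
        ;
    return e;             /* s - 1 */
}

int main(void)
{
    const char *end = sample + 11;          /* one past 'd' */
    const char *p = find_last_ptr(sample, end, 'o');
    printf("last 'o' at offset %ld\n", (long)(p - sample));
    printf("last 'l' at index %ld\n", (long)find_last_idx(sample, 11, 'l'));

    /* s points into the middle of sample[], so stepping one before it
     * is still inside the array and well-defined. */
    const char *mid = sample + 6;           /* "world" */
    const char *q = walk_back_thread_style(mid, end);
    printf("thread-style loop stopped at offset %ld\n", (long)(q - sample));
    return 0;
}
```

Note that the hardened versions do not add a runtime check; they only reorder the comparison and the decrement, so the generated code is no slower than the original loop. Conversely, when s is visibly the first element of an array (a local buffer, say), a compiler is entitled to assume the decrement stayed in bounds, so a later test such as `e < s` meant to detect "ran off the front" may be treated as always false.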
