yeah, there are several UBs that are hard to eliminate without changing these languages beyond recognition. this ship sailed long ago. we should focus on new languages but also on C/C++ dialects that don't aim for full back compatibility.
Replying to @johnregehr @samth
I don’t think that’s right. The signed math UBs and strict aliasing are just dumb. You don’t need to replace the language to fix those.
I'm more talking about things like use of dead stack slots and to a much lesser extent, use of uninitialized storage
since probably >95% of code suffers a negligible performance penalty if you just zero all allocations
Replying to @johnregehr @samth
Sounds like you’re saying that this is another UB that is trivial to fix by just specifying that variables get zero-initialized.
for most code, yes, but as Sam said it's the UAFs and OOBs that are hard to define sensibly without changing the language too much
Replying to @johnregehr @samth
OOB and UAF mean you write to some other object or trap. Seems easy to specify to me.
Writing to "some other object" can have arbitrarily bad effects (full UB) unless you require that freed memory never be usable internally by the implementation (including as heap bookkeeping).
If the malloc is written in C (it is), then there's no problem: the C standard's claim that "any byte in any object would be overwritten by OOB" would capture the effect on malloc.
It's not. It's defined formally as part of the language. Typical C implementations would not be permissible under your proposal.
If you want to throw that formality out and treat all the standard interfaces as implemented in C without constraints that they honor your restrictions on UB, then your restrictions really do nothing.