you could get the equivalent of ubsan's bug-finding power using basically a "use strict"; for C
Replying to @whitequark
Then I think you're wrong. The behavior being undefined, or at least unspecified, is what gives you that choice.
Replying to @RichFelker @whitequark
If it's well-defined, then programs doing it are valid, have specified behavior, and impls must match that behavior.
Replying to @RichFelker @whitequark
And if the mandated behavior is trapping/aborting, you need very expensive runtime checks all over.
Replying to @RichFelker @whitequark
Checking for OOB accesses, aliasing errors, double free, etc. with full accuracy is NOT easy or cheap.
Replying to @whitequark
UB _is_ the formal model for permitting both. Are you just objecting to the name "UB"?
Replying to @RichFelker
nope. UB permits *more* than these two. I want to permit *exactly* these two.
Replying to @whitequark @RichFelker
an implementation can *either* define the behavior to [something sensible] *or* make it a trap while being conformant.
Replying to @whitequark
That's a useless degree of freedom. The "or [something sensible]" is insanely expensive just like the trap.
Double free is fundamentally not detectable without never-reusing-addresses. No way to give sane behavior.