Another thing I forgot about Power Tools analogy. *Very* easy to understand safety guide. C expert fail internalize C safe programming rules
You can't have aliasing UB if you never cast pointers or use implicit void* conversions. Never cast pointers is basically rule #1.
-
-
Um… You can't have a UB if you never use C, but not sure it's possible to avoid it across large code base, what about inheritance,virt func?
-
Talking about C not C++ here, and specifically aliasing UB. It's one of the easier types of UB to fully preclude.
-
I was talking about C as well, I meant inheritance like in the kernel. struct A { struct Parent p; }, ditto vf struct f_ops { fun_ptr p; }.
-
Yeah, I consider it an argument for not doing that. Linux kernel is basically a tutorial on how not to write C. :-)
-
How else would you implement inheritance?
-
Indeed, there's essentially no way without either round trip (unchanged type tho) through void* or container_of type tricks.
-
Structure to how you do it can limit risk of mistakes, but avoiding gratuitous OOP-like design in favor of more static code is better IMO.
-
Can any large project avoid any OOP altogether? I'm not sure. And in practice most don't. Point is modern language enables that safely.
End of conversation
New conversation -
-
-
Applied literally, this rule precludes dynamic allocation, not to mention any kind of qsort-like genericity. It's a very restricted sublang.
-
Indeed. The obvious relaxation is to allow void* round trips only where you can show clearly that RT type is preserved.
-
This can be done in a trivial but awful way by tagging your void*'s with type names/ids & runtime comparing them when converting back.
End of conversation
New conversation -
-
-
Recursion is likewise always a bug, perhaps acceptable if bounded by log(n) but still bad style.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
The only things people should be allowed to cast are hexes and spells.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.