This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Re: US-CERT Vulnerability Note VU#162289


Robert Dewar wrote:
> Paul Koning wrote:
>
>> That said, it certainly is helpful if the compiler can detect some
>> undefined actions and warn about them. But that doesn't create a duty
>> to warn about all of them.
>
> If it were reasonable to require a compiler to generate a warning
> for a particular case, the standard would have made it an error.
> The whole point in allowing undefined behavior is that in certain
> cases, it is too onerous for a compiler to be required to detect
> the undefined behavior, so it is not required to do so.

I recall something in the Ada LRM that a conforming
Ada program did not depend on undefined or implementation
dependent behavior.  The example I remember being
used to explain it to me was a program depending upon
the precise order of tasks executing.  That can obviously
vary based upon interrupts, CPU speed, time slice
quantum and a number of tasking implementation decisions.

When you talk undefined, the program is questionable
at best.  I like the Ada LRM because it tries to be very
clean about this in a way that a programmer can understand
and try to do the right thing.

--
Joel Sherrill, Ph.D.             Director of Research & Development
joel.sherrill@OARcorp.com        On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
  Support Available             (256) 722-9985


