This is the mail archive of the
mailing list for the GCC project.
Re: Request for a C++ warning for undefined behaviour
- From: skaller <skaller at ozemail dot com dot au>
- To: Michael Matz <matz at suse dot de>
- Cc: gcc at gcc dot gnu dot org, Mark Mitchell <mark at codesourcery dot com>
- Date: 13 Aug 2003 23:59:25 +1000
- Subject: Re: Request for a C++ warning for undefined behaviour
- References: <Pine.LNX.firstname.lastname@example.org>
- Reply-to: skaller at ozemail dot com dot au
On Wed, 2003-08-13 at 22:40, Michael Matz wrote:
> On 13 Aug 2003, skaller wrote:
> > The code exhibited appears quite perverted to me ..
> It's a constructed example.
I'm aware of that. You said so. I can read.
I didn't say the code was contrived, I said
it was perverted. In particular, calculating
values in mem-initialisers is perverted.
Just don't do it. The example you gave clearly
indicates that the code does this in multiple
places -- otherwise you would have spotted the fault
in a few minutes because it looked different.
> Okay, so with your all-singing-all-dancing design you'll never see the
> hypothetical error message. Good. What are you arguing then exactly?
I'm suggesting that perhaps it isn't worth the effort
of detecting the error, because it can only occur in
poorly designed code in the first place.
However, that's only a suggestion. If it's easy to write a patch
that does the detection, there is a switch to control it,
and it isn't on by default, then it's probably reasonable to
have the warning available.
I'd have thought that detecting this fault was a bit more difficult
than you indicate though, but I'm only guessing.
There is also a risk of becoming dependent on 'lack of warnings'
to indicate a certain class of error cannot occur, so that if
a diagnostic doesn't detect all cases of a particular class,
it may have a downside. I personally don't put much weight
on that though -- I'd rather have the warning available if
it is cheap to provide.