Assert and undefined behavior
Timon Gehr
timon.gehr at gmx.ch
Sun Oct 15 06:59:44 UTC 2017
On 14.10.2017 23:36, kdevel wrote:
> On Saturday, 14 October 2017 at 09:32:32 UTC, Timon Gehr wrote:
>> Also, UB can and does sometimes mean that the program can execute
>> arbitrary code. It's called "arbitrary code execution":
>> https://en.wikipedia.org/wiki/Arbitrary_code_execution
>
> This confuses different levels of reasoning.
It's a correct statement about the semantics of programs produced from
sources with UB by standard-compliant compilers.
> In C/C++ "undefined
> behavior" is a property of the SOURCE code with respect to the
> specification. It states: The spec does not apply, it does not
> define the semantic.
> ...
I.e., the semantics of a program produced by a conforming compiler can
be arbitrary.
> This issue is totally different from the question what a given program
> containing undefined behavior actually does after it compiles and
> after the linker produces an executable. This is reasoning about
> generated MACHINE code.
> ...
Sure. This is very much intentional. The current subthread is about what
kind of programs the compiler might produce (in practice) if the
provided source code contains UB. The claim I was refuting was that the
produced program cannot have branching and other behaviors not specified
in the source.
> A result of this confusion has been that some clever people tried to
> "detect" certain kinds of undefined behavior "after" they "happened".
> E.g. <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475> This is the
> danger of undefined behavior: The MACHINE code may also work as the
> programmer expected. At least for some time.
>
>
I'm not confused about this at all.
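
An added example, not part of the original message or of the linked GCC report: an after-the-fact check of the kind the quoted text describes, beside a check that runs before the operation and never leaves defined behavior. It assumes signed integer overflow as the kind of UB (the thread does not name one), and all function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* After-the-fact check: when a + b overflows, the addition itself is
 * undefined behavior, so a conforming compiler may assume it never
 * happens and fold the comparison to "false". Shown for contrast and
 * only ever called here with in-range inputs. */
static bool overflowed_after_the_fact(int a, int b)
{
    int sum = a + b;                 /* UB here if the result is out of range */
    return b > 0 ? sum < a : sum > a;
}

/* Check before the operation: every subexpression is in range for all inputs. */
static bool add_would_overflow(int a, int b)
{
    if (b > 0)
        return a > INT_MAX - b;      /* INT_MAX - b cannot overflow when b > 0 */
    if (b < 0)
        return a < INT_MIN - b;      /* INT_MIN - b cannot overflow when b < 0 */
    return false;
}

/* Checked addition: writes the sum and returns true only if it is representable. */
static bool checked_add(int a, int b, int *out)
{
    if (add_would_overflow(a, b))
        return false;
    *out = a + b;
    return true;
}

int main(void)
{
    int r = 0;
    printf("INT_MAX + 100 representable: %d\n", checked_add(INT_MAX, 100, &r));
    printf("40 + 2 representable: %d\n", checked_add(40, 2, &r));
    printf("after-the-fact check, in-range input: %d\n",
           overflowed_after_the_fact(40, 2));
    return 0;
}
```
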