
OpenSSH and the dangers of unused code

Posted Jan 29, 2016 21:05 UTC (Fri) by wahern (subscriber, #37304)
In reply to: OpenSSH and the dangers of unused code by warrax
Parent article: OpenSSH and the dangers of unused code

Here's an excerpt from C11 (draft n1570). Elsewhere the standard says that an object's lifetime ends after a call to free (or realloc). See 6.2.4p2. You then have to rely on the definition (3.4.3p1) and application of undefined behavior to say that any side-effect is unobservable after the object's lifetime has ceased.

It's noteworthy that the last line, "[t]his is the observable behavior of the program", was absent from C99. You're still left to connect the dots about what observable behavior means in relationship to side-effects and, thus, allowable optimizations. Nowhere else is "observable behavior" explicitly mentioned except in the section on atomics, though that fact alone is suggestive of both the intended meaning as well as reasons why the language is so terse and circumspect in this respect.

5.1.2.3 Program execution

1 The semantic descriptions in this International Standard describe the behavior of an
abstract machine in which issues of optimization are irrelevant.

2 Accessing a volatile object, modifying an object, modifying a file, or calling a function
that does any of those operations are all side effects, which are changes in the state of
the execution environment. Evaluation of an expression in general includes both value
computations and initiation of side effects. Value computation for an lvalue expression
includes determining the identity of the designated object.

...

4 In the abstract machine, all expressions are evaluated as specified by the semantics. An
actual implementation need not evaluate part of an expression if it can deduce that its
value is not used and that no needed side effects are produced (including any caused by
calling a function or accessing a volatile object).

...

6 The least requirements on a conforming implementation are:

-- Accesses to volatile objects are evaluated strictly according to the rules of the abstract
   machine.
-- At program termination, all data written into files shall be identical to the result that
   execution of the program according to the abstract semantics would have produced.
-- The input and output dynamics of interactive devices shall take place as specified in
   7.21.3. The intent of these requirements is that unbuffered or line-buffered output
   appear as soon as possible, to ensure that prompting messages actually appear prior to
   a program waiting for input.

This is the observable behavior of the program.
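The pattern this reading puts at risk, next to a common countermeasure, as an added example that is not part of the comment above and not OpenSSH code. All function names are hypothetical; the volatile function pointer is a widely used idiom that compilers in practice treat as an opaque call, and explicit_bzero or memset_s are the better choice where the platform provides them.

```c
#include <stdlib.h>
#include <string.h>

/* The pointer is itself a volatile object, so the load of it is an access
 * covered by 5.1.2.3p6. The compiler has to read it at run time and, in
 * practice, cannot assume the callee is memset and drop the call. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

/* Hypothetical helper: zero n bytes through the volatile pointer. */
void secure_wipe(void *p, size_t n)
{
    if (p != NULL && n != 0)
        memset_ptr(p, 0, n);
}

/* At risk: buf's lifetime ends at free() and nothing reads the zeros,
 * so the store is not observable behavior and may be removed. */
void release_key_elidable(unsigned char *buf, size_t n)
{
    memset(buf, 0, n);
    free(buf);
}

/* Same cleanup, with the wipe routed through the volatile pointer. */
void release_key(unsigned char *buf, size_t n)
{
    secure_wipe(buf, n);
    free(buf);
}

/* Returns 1 if all n bytes are zero, 0 otherwise. */
int all_zero(const unsigned char *p, size_t n)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= p[i];
    return acc == 0;
}

/* Fills a constructed 32-byte "key" with 0xA5, wipes it, reports result. */
int demo_wipe(void)
{
    unsigned char key[32];
    memset(key, 0xA5, sizeof key);
    secure_wipe(key, sizeof key);
    return all_zero(key, sizeof key);
}

int main(void) { return demo_wipe() ? 0 : 1; }
```

Whether a given build actually drops the memset in release_key_elidable can only be confirmed by inspecting the generated assembly at the optimization level in use.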

