Undefined Behaviour as usual

Posted Feb 24, 2024 21:22 UTC (Sat) by jrtc27 (subscriber, #107748)
In reply to: Undefined Behaviour as usual by adobriyan
Parent article: Stenberg: DISPUTED, not REJECTED

On a system with 4K pages, you have a 1 in 4096 chance that the OOB access is on a different page and thus *could* even generate a page fault. Let alone the fact that in a large program there will very likely be something on the next page anyway and so you still wouldn't get a page fault.

Undefined Behaviour as usual

Posted Feb 25, 2024 7:03 UTC (Sun) by adobriyan (subscriber, #30858) [Link] (1 responses)

Yes pagefault is not reliable test but so what.

Again, if compiler can 100% prove UB access it should refuse to compile.

If UB access cannot be proven then it should shut up and emit access on the grounds that maybe, just maybe, it doesn't know something.

Linus(?) once made an example that future very powerful gcc 42 LTOing whole kernel may observe that kernel never sets PTE dirty bit
and helpfully optimise away all reads of said bit. Which, of course, will break everything.

Undefined Behaviour as usual

Posted Feb 25, 2024 8:36 UTC (Sun) by mb (subscriber, #50428) [Link]

> Again, if compiler can 100% prove UB access it should refuse to compile.

A compiler cannot at the same time assume UB doesn't exist and refuse to compile if it does exist.

You have to decide on a subset of UB that you want to abort instead of assuming it doesn't exist.
Which kind of defeats the purpose of UB then. It's defined behavior then.

We *do* have languages that have a proper language subset without UB. Just use them.