Article <86jzfmktj2.fsf@linuxsc.com>

Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <86jzfmktj2.fsf@linuxsc.com>

Deutsch English Français Italiano

<86jzfmktj2.fsf@linuxsc.com>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!3.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Tim Rentsch <tr.17687@z991.linuxsc.com>
Newsgroups: comp.arch
Subject: Re: Computer architects leaving Intel...
Date: Sun, 08 Sep 2024 09:19:13 -0700
Organization: A noiseless patient Spider
Lines: 62
Message-ID: <86jzfmktj2.fsf@linuxsc.com>
References: <2024Aug30.161204@mips.complang.tuwien.ac.at> <memo.20240830164247.19028y@jgd.cix.co.uk> <vasruo$id3b$1@dont-email.me> <2024Aug30.195831@mips.complang.tuwien.ac.at> <vat5ap$jthk$2@dont-email.me> <vaunhb$vckc$1@dont-email.me> <vautmu$vr5r$1@dont-email.me> <2024Aug31.170347@mips.complang.tuwien.ac.at> <vavpnh$13tj0$2@dont-email.me> <vb2hir$1ju7q$1@dont-email.me> <8lcadjhnlcj5se1hrmo232viiccjk5alu4@4ax.com> <vb3k0m$1rth7$1@dont-email.me> <17d615c6a9e70e9fabe1721c55cfa176@www.novabbs.org> <86v7zep35n.fsf@linuxsc.com> <20240902180903.000035ee@yahoo.com> <86r0a2otte.fsf@linuxsc.com> <vb50cm$2uttr$1@dont-email.me> <86ed61pfus.fsf@linuxsc.com> <vb68c2$3833i$1@dont-email.me> <vb6g9d$396lj$1@dont-email.me> <ljp1kvFdbt2U1@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Injection-Date: Sun, 08 Sep 2024 18:19:15 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="f4e3787f228c748b74e6d718e0ca7324";
	logging-data="2096196"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/uomnpGM8uJuyRwf2zP2rN7qQe0EoIkQ0="
User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.4 (gnu/linux)
Cancel-Lock: sha1:EidDVX+eNBOFLPxOOtj+o0rVenE=
	sha1:Gok3SVphdYtPa2w6xO0jc6RsUTE=
Bytes: 4796

Niklas Holsti <niklas.holsti@tidorum.invalid> writes:

> On 2024-09-03 11:10, David Brown wrote:
>
>    [snip]
>
>> (There are a few situations where UB in C could be diagnosed at
>> compile-time, which are probably historical decisions to avoid
>> imposing too much work on early compilers.  Where possible, UB that
>> can be caught at compile time, could usefully be turned into
>> constrain violations that must be diagnosed.)

A thoughtless, knee-jerk reaction, ending in a wrongheaded
conclusion.

> The problem, as you of course know, is that the "can" in "can be
> caught at compile time" depends on the amount and kind of analysis
> that is done at compile time -- some cases of UB "can" be caught at
> compile time but only by advanced and costly analysis.  If the language
> standard requires that such things /must/ be detected by the compiler,
> it can place quite a burden on the developers of conforming compilers.

That is one problem.

> As I understand it, current C compilers detect UB mostly as a side
> effect of the analyses they do for code optimization purposes, which
> vary widely between compilers, and so the UB-detections also vary.

There are different kinds of undefined behavior;  some are easy
to detect, others require more extensive analysis.  In the second
category the analysis usually is approximate rather than exact;
false positive cases need to be weighed against false negative
cases, looking for the right balance, and very often it happens
that neither of those is zero.  Obviously any requirement that a
mandatory diagnostic be issued should have no false positives,
which often means doing a different analysis.  More work.

Another problem is that just the act of specifying the condition under
which a diagnostic is required means a lot of work and a non-trivial
amount of additional text needed in the C standard.  If someone is
interested to investigate this a good place to start is the Java
standard, where there are specific rules for deciding if variables are
all initialized before any use.  Alternatively look in the C standard
at the formal definition of 'restrict'.  Besides being hard to write,
both of these are quite difficult to read and understand.  Even more
of those?  No thanks.

Let me add, it is not always a good idea to require a diagnostic in
cases even when it is 100% certain that there is undefined behavior.
Unfortunately it seems there are a fair number of people who don't
get this.

> This issue (compile-time detection) has now and then been discussed in
> the Ada standards group.  Given the currently low market penetration of
> Ada, the group has been reluctant to require too much of the
> compilers, and so the more advanced UB-detecting tools are
> stand-alone, such as the SPARK tools.

I'm all in favor of static analysis.  And I don't mind if compilers do
it (selectively), instead of or in addition to stand-alone tools.  But
there is a huge chasm between saying compilers /can/ do it and saying
compilers /must/ do it.  Crossing that chasm is a bridge too far.