Author: Eugene Nalimov
Date: 14:59:46 12/19/02
Go up one level in this thread
The following is part of the ANSI/ISO C++ Standard (section 3.10, clause 15):
If a program attempts to access the stored value of an object through an lvalue
of other than one of the following type the behavior is undefined (footnote: the
intent of this list is to specify those circumstances in which an object may or
may not be aliased)
-- the dynamic type of the object,
-- a cv-qualified version of the dynamic type of the object,
-- a type that is the signed or unsigned type corresponding to the dynamic type
of the object,
-- a type that is signed or unsigned type corresponding to a cv-qualified
version of the dynamic type of the object,
-- an aggregate or union type that includes one of the aforementioned types
among its members (incl., recursively, a member of a subaggregate or contained
union),
-- a type that is a (possibly cv-qualified) base class type of the dynamic type
of the object,
-- a char or unsigned char type.
I don't have C standard nearby, but it contains something similar.
Unfortunately, lot of real-world C/C++ code violate that part of the standard.
For example, it often assume that if (sizeof(x) == sizeof(y)) you can write
something like
x xVal;
y* py;
xVal = *(x*)py;
...
*(x*)py = yVal;
and *(py) will contain its initial value.
Or here is another example from real-world code:
void copy (long *plSrc, short *psDst)
{
int i;
long lTemp;
short *psSrc;
assert (sizeof(long) % sizeof (short) == 0);
lTemp = *plSrc;
psSrc = (short*)&lTemp;
for (i=0; i < sizeof(long)/sizeof(short); i++)
psDst[i] = psSrc[i];
}
Author used sizeof() and assert(), and was absolutely sure the program is 100%
portable on all systems he cared about (i.e. where short is 16 or 32 bits, long
is 32 or 64 bits). Of course it violates mentioned part of the standard, so
according to the standard the code is broken.
If compiler will strictly implement C/C++ aliasing rules it can generate
significally faster code for some benhmarks, but lot of programs will not work
being compiled with that compiler. Of course you can always say "The program
violates the standard", but when the customer has the choice -- try to find such
bugs in 30,000,000 lines of heavily multithreaded code, or use the compiler that
generates 10% slower code for the usual benchmarks, but will generate expected
code for such application -- how do you think, what compiler will be used?
Another examples? My own experience (from the last 2 weeks only):
(1) Huge program assumed that return value of wcscmp() is -1, 0, or +1, because
that was so on all the systems where program was ported till that moment. It is
not so on the new system (it took several person-days to figure the problem),
and after lot of discussion it was decided it's easier to change implementation
of wcscmp() than to check how each result of wcscmp() is used.
(2) Compiler assumed that constructors for all C++ global objects are executed
*before* any other user's code can be executed, and performed some optimizations
based on that. Of course user wrote his own version of startup code that first
executed some his code and only than called constructors, and used that code
instead of shipped startup code.
Thanks,
Eugene
On December 19, 2002 at 16:59:04, Dieter Buerssner wrote:
>On December 19, 2002 at 13:11:12, Robert Hyatt wrote:
>
>>If you do unsafe aliasing and such, it might have a problem, but nobody here
>>writes that kind of code...
>
>I wonder, what you mean by "unsafe aliasing". That pointers can alias each other
>is part of the C-language. If you write a memmove-alike yourself, it could very
>likely include, what you call unsafe aliasing. Compiler optimization switches
>that "assume no alias" may break the code. Of course, many functions cannot
>handle aliases by design (for example straight forward code for vector
>multiplication like cross_product(double *a, double *b, double *result) will not
>work when called like cross_product(a, b, b); With other algorithms, it can be
>more subtle).
>
>Regards,
>Dieter
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.