From: Jonny Grant
Subject: Re: gcc warn when pointers not checked non-null before de-referencing.
To: Xi Ruoyao, gcc-help
Date: Sat, 3 Jul 2021 16:36:15 +0100

On 16/06/2021 14:36, Xi Ruoyao wrote:
> On Wed, 2021-06-16 at 14:01 +0100, Jonny Grant wrote:
>
>> Chris Lattner also mentioned integer overflow being undefined, that
>> crops up too. There's no easy solution right, we need to hand write
>> code the checks?  It's human-error prone if we need to manually code
>> each check. throwing in C++, or handling in C.
>>
>> if(N >= INT_MAX)
>> {
>>     throw std::overflow_error("N >= INT_MAX would overflow in for loop");
>> }
>>
>> for (i = 0; i <= N; ++i)
>> {
>> // ...
>>  }
>
> For debugging use -fsanitize=undefined.
>
> And this is buggy anyway, no matter if there is an UB:
>
> for (unsigned i = 0; i <= N; i++)
>   make_some_side_effect_without_any_undefined_behavior(i);
>
> If N may be UINT_MAX, this is not UB, but a dead loop. Programming is
> just human-error prone, even if you use "some programming language
> claimed to be able to eliminate many human errors" (I'll not say its
> name, to prevent a flame war).
>

Hi Xi

Checking the UINT_MAX would at least prevent the continual running of any such buggy loop where it increments right? and the code within the loop does not modify 'i'

    for (unsigned i = 0; (i <= N) && (i != UINT_MAX); i++)
        make_some_side_effect_without_any_undefined_behavior(i);

Is there any way to have a way to make loop variables like this 'i' const within the body of the loop, to avoid accidental changing of 'i' by the body of the loop

Jonny
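
The two loop shapes discussed in this message, as an added C example that is not part of the original thread: the guarded loop next to a form that tests for the last value before incrementing, with a read-only copy of the counter inside the body. The names `visit`, `last_seen`, `guarded_count` and `inclusive_count`, and the `start` parameter (added so the loops can begin near `UINT_MAX`), are hypothetical.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical loop body: records the last index it was given. It takes the
 * index by value, so it cannot change the caller's counter. */
static unsigned last_seen;
static void visit(unsigned i) { last_seen = i; }

/* The guarded loop from the message. It terminates for every n, but when
 * n == UINT_MAX the guard stops it before UINT_MAX itself is visited. */
unsigned long long guarded_count(unsigned start, unsigned n)
{
    unsigned long long visited = 0;
    for (unsigned i = start; (i <= n) && (i != UINT_MAX); i++) {
        visit(i);
        visited++;
    }
    return visited;
}

/* Alternative: compare against n before incrementing, so the counter never
 * wraps and every value in [start, n] is visited, UINT_MAX included. */
unsigned long long inclusive_count(unsigned start, unsigned n)
{
    unsigned long long visited = 0;
    if (start > n)
        return 0;
    for (unsigned idx = start; ; idx++) {
        const unsigned i = idx;  /* read-only copy: assigning to i is a compile error */
        visit(i);
        visited++;
        if (idx == n)
            break;               /* leave before idx++ could wrap to 0 */
    }
    return visited;
}

int main(void)
{
    unsigned start = UINT_MAX - 3u;  /* constructed input close to the limit */
    printf("guarded:   %llu iterations\n", guarded_count(start, UINT_MAX));
    printf("inclusive: %llu iterations\n", inclusive_count(start, UINT_MAX));
    return 0;
}
```
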