From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 70742 invoked by alias); 19 Sep 2015 09:09:02 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Received: (qmail 70725 invoked by uid 89); 19 Sep 2015 09:09:00 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.3 required=5.0 tests=AWL,BAYES_20,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 X-Spam-User: qpsmtpd, 2 recipients X-HELO: mail-yk0-f170.google.com Received: from mail-yk0-f170.google.com (HELO mail-yk0-f170.google.com) (209.85.160.170) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-GCM-SHA256 encrypted) ESMTPS; Sat, 19 Sep 2015 09:08:59 +0000 Received: by ykdg206 with SMTP id g206so66409504ykd.1; Sat, 19 Sep 2015 02:08:57 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.129.80.215 with SMTP id e206mr511855ywb.61.1442653737578; Sat, 19 Sep 2015 02:08:57 -0700 (PDT) Received: by 10.37.207.208 with HTTP; Sat, 19 Sep 2015 02:08:57 -0700 (PDT) In-Reply-To: References: <55F71189.8080006@gmail.com> <20150914195038.GQ2631@redhat.com> <55F9C4F6.6030706@gmail.com> <20150916202953.GE2631@redhat.com> Date: Sat, 19 Sep 2015 09:12:00 -0000 Message-ID: Subject: Re: vector lightweight debug mode From: Jonathan Wakely To: Christopher Jefferson Cc: =?UTF-8?Q?Fran=C3=A7ois_Dumont?= , "libstdc++@gcc.gnu.org" , gcc-patches Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-SW-Source: 2015-09/txt/msg01473.txt.bz2 On 17 September 2015 at 21:52, Christopher Jefferson wrote: > ---------- Forwarded message ---------- > From: Christopher Jefferson > Date: 17 September 2015 at 18:59 > Subject: Re: vector lightweight debug mode > To: Jonathan Wakely > > > On 16 September 2015 at 21:29, Jonathan Wakely wrote: >> On 16/09/15 21:37 +0200, Fran=C3=A7ois Dumont wrote: >> >>>>> @@ -1051,6 +1071,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CONTAINER >>>>> iterator >>>>> insert(const_iterator __position, size_type __n, const >>>>> value_type& __x) >>>>> { >>>>> + __glibcxx_assert(__position >=3D cbegin() && __position <=3D cen= d()); >>>>> difference_type __offset =3D __position - cbegin(); >>>>> _M_fill_insert(begin() + __offset, __n, __x); >>>>> return begin() + __offset; >>>> >>>> >>>> This is undefined behaviour, so I'd rather not add this check (I know >>>> it's on the google branch, but it's still undefined behaviour). >>> >>> >>> Why ? Because of the >=3D operator usage ? Is the attached patch better= ? >>> < and =3D=3D operators are well defined for a random access iterator, n= o ? >> >> >> No, because it is undefined to compare iterators that belong to >> different containers, or to compare pointers that point to different >> arrays. > > While that's true, on the other hand it's defined behaviour when the > assert passes, and in the case where the thing it's trying to check > fails, we are off into undefined-land anyway. > > A defined check would be to check if __offset is < 0 or > size(). Once > again if it's false we are undefined, but the assert line itself is > then defined behaviour. That's a good point, but it still means an optimiser could remove the checks, because it is impossible for them to fail in a correct program. That would be no worse than not having the checks at all, but it could make them unreliable.