Date: Wed, 29 May 2013 12:00:57 -0700
On 5/29/13, Gabriel Dos Reis <gdr_at_[hidden]> wrote:
> We need a set of general guidelines for SG12 (and possibly for
> the Core Working Group) to apply when proposing resolutions.
> I welcome suggestions in that regard.
The goal is to help programmers reduce bugs. A bug arises when the
program does not meet the programmer's intent. Compilers cannot tell
whether or not the code meets the programmer's intent. They can only
tell whether or not the program makes sense. If every operation
is well-defined, then all programs make sense, and the compiler
cannot provide any diagnostic services.
We need to be clear when we think programs are "senseless". We have
already done so with signed integer overflow, and I'm sure this
study group will define many more.
We also need to define the consequences of senseless behavior.
In many cases, the consequences may be unbounded, which we currently
call undefined behavior. In other cases, we may limit the actions
possible for senseless behavior. For instance, we may require the
implementation to call a no-return handler.
In either event, we must give compilers lattitude to emit diagnostics
at compile time, at link-time or at run-time. Much of this behavior
well likely be driven by compiler flags. However, in some cases,
performance is inconsistent with diagnostics and we must admit
unbounded consequences. However, unbounded consequences in the
language definition does not necessarily imply unbounded consequences
in the compilers. Compilers and programmers need the freedom to
detect and react to senseless behavior in a manner appropriate to
the application.
> We need a set of general guidelines for SG12 (and possibly for
> the Core Working Group) to apply when proposing resolutions.
> I welcome suggestions in that regard.
The goal is to help programmers reduce bugs. A bug arises when the
program does not meet the programmer's intent. Compilers cannot tell
whether or not the code meets the programmer's intent. They can only
tell whether or not the program makes sense. If every operation
is well-defined, then all programs make sense, and the compiler
cannot provide any diagnostic services.
We need to be clear when we think programs are "senseless". We have
already done so with signed integer overflow, and I'm sure this
study group will define many more.
We also need to define the consequences of senseless behavior.
In many cases, the consequences may be unbounded, which we currently
call undefined behavior. In other cases, we may limit the actions
possible for senseless behavior. For instance, we may require the
implementation to call a no-return handler.
In either event, we must give compilers lattitude to emit diagnostics
at compile time, at link-time or at run-time. Much of this behavior
well likely be driven by compiler flags. However, in some cases,
performance is inconsistent with diagnostics and we must admit
unbounded consequences. However, unbounded consequences in the
language definition does not necessarily imply unbounded consequences
in the compilers. Compilers and programmers need the freedom to
detect and react to senseless behavior in a manner appropriate to
the application.
-- Lawrence Crowl
Received on 2013-05-29 21:00:59