On 25 September 2014 20:45, David Krauss <david_work@me.com> wrote:

On 2014–09–25, at 4:52 AM, Richard Smith <richardsmith@google.com> wrote:

Then I'm strongly opposed. It does not seem acceptable to silently change existing valid and well-defined code into having undefined behavior. I'm sure I'm not the only one who'll feel this way.

True, nobody gains anything from the possibility of non-diagnosis and a crash-on-run executable. But that’s not in practice going to happen except as a result, as you put it, of the compiler doing nothing special in particular. If the implementation notices the out-of-thin-air result at all, that suggests the existence of some exception handling which provides an opportunity for diagnosis.

Perhaps there should be some specification like static UB diagnosis, where a particular expression is ill-formed/NDR but behavior is well-defined if it is neither diagnosed nor evaluated.

Yes, that would nicely address one half of my concer. Essentially we'd introduce a new class of program that is well-formed, but which an implementation is not required to translate (and can instead reject with a diagnostic).

The other half of my concern is portability: it is hugely painful to some audiences if a program is accepted by one compiler but rejected (or interpreted differently) by another, and indeed, the very purpose of having a standard is to minimize the occurrence of this problem. Making the diagnosis optional exacerbates this.

With the tweak discussed above, I don't see that we gain much over the status quo: either way, implementations can choose to detect this case, and either way, they can choose to diagnose or not. The *only* difference is that their "conforming" mode would be permitted to refuse to translate the program (which I claim is actually harmful for some audiences).

The current wording of [dcl.init.ref] 8.5.3/1 actually comes pretty close:

A variable declared to be a T& or T&&, that is, “reference to type T” (8.3.2), shall be initialized by an object, or function, of type T or by an object that can be converted into a T.

This is a “shall be” requirement applied to a runtime occurrence. Although, it perhaps intends only to constrain the type of an initializer expression.

Perhaps; this is definitely imprecisely worded. Either there's a mixture of a compile-time and a runtime constraint here, or this really means "lvalue of object or function type T". I suspect the latter.

Does portability suffer from NDR? Sure. But the main suggestion here is to weed out nonsense with a new diagnosis. If some customer can’t live with a hard error, issuing a warning and producing an executable also satisfies NDR.

Non-diagnosis and UB right at static initialization is the status quo for Clang and GCC, given this declaration sequence which portably specifies a defective product:

extern int & a;
int & b = a;
int & a = b;

The only other way I know to get circular reference initialization is in a constructor, between two member references, which Clang does diagnose by default as use of an uninitialized variable. GCC’s -Wuninitialized is also an area of active development.

On the other hand, there are ways to use a reference in its own initializer which are not unreasonable:

std::function< void( int ) > && f
    = [&] ( int cnt ) { if ( cnt ) f( -- cnt ); };

Stronger analysis might be better when it comes to checking initialization.

Yes, whatever we do specify, this example should not be made ill-formed.