Date: Sun, 30 Apr 2023 16:15:40 +0000
Ideally, students should be taught practices they can deploy in production setting. While sanitizers and fuzzers have become accepted elements of the dev toolbox, they can't be deployed in production. That is part of why it is critical that we have a standard mechanism for turning bound checking on - or better yet, have bound checking on by default and have mechanism to opt out, after profiling data have shown that's what is needed.
-- Gaby
________________________________
From: SG20 <sg20-bounces_at_[hidden]> on behalf of Marc Glisse via SG20 <sg20_at_[hidden]>
Sent: Sunday, April 30, 2023 9:02:29 AM
To: Ville Voutilainen via Ext <ext_at_[hidden]>
Cc: Marc Glisse <marc.glisse_at_[hidden]>; sg20_at_[hidden] <sg20_at_[hidden]>
Subject: Re: [SG20] [isocpp-ext] namespace composition
On Sun, 30 Apr 2023, Ville Voutilainen via Ext wrote:
> On Sun, 30 Apr 2023 at 04:47, Amir Kirsh via SG20 <sg20_at_[hidden]> wrote:
>>
>> I agree with Yehezkel that introducing address sanitizer as their guard is important.
>> As they may get index out of bounds also using std::array or C-Style arrays for example.
>
> Well.. introducing address sanitizer to newcomers is perhaps a
> distraction and a digression.
How is learning to use the compiler correctly a distraction? Is learning
to use a debugger also a distraction? Teaching students to use some kind
of debug mode while developing can save a lot of time (so can enabling
warnings). And it doesn't need to be perfect to be helpful.
AFAIK all implementations provide options to check out-of-bound vector
access. For gcc, it could be -D_GLIBCXX_DEBUG, or the lighter
-D_GLIBCXX_ASSERTIONS, or -fsanitize=address -D_GLIBCXX_SANITIZE_VECTOR
(the extra define is necessary to catch Amir's example).
-- Gaby
________________________________
From: SG20 <sg20-bounces_at_[hidden]> on behalf of Marc Glisse via SG20 <sg20_at_[hidden]>
Sent: Sunday, April 30, 2023 9:02:29 AM
To: Ville Voutilainen via Ext <ext_at_[hidden]>
Cc: Marc Glisse <marc.glisse_at_[hidden]>; sg20_at_[hidden] <sg20_at_[hidden]>
Subject: Re: [SG20] [isocpp-ext] namespace composition
On Sun, 30 Apr 2023, Ville Voutilainen via Ext wrote:
> On Sun, 30 Apr 2023 at 04:47, Amir Kirsh via SG20 <sg20_at_[hidden]> wrote:
>>
>> I agree with Yehezkel that introducing address sanitizer as their guard is important.
>> As they may get index out of bounds also using std::array or C-Style arrays for example.
>
> Well.. introducing address sanitizer to newcomers is perhaps a
> distraction and a digression.
How is learning to use the compiler correctly a distraction? Is learning
to use a debugger also a distraction? Teaching students to use some kind
of debug mode while developing can save a lot of time (so can enabling
warnings). And it doesn't need to be perfect to be helpful.
AFAIK all implementations provide options to check out-of-bound vector
access. For gcc, it could be -D_GLIBCXX_DEBUG, or the lighter
-D_GLIBCXX_ASSERTIONS, or -fsanitize=address -D_GLIBCXX_SANITIZE_VECTOR
(the extra define is necessary to catch Amir's example).
-- Marc Glisse -- SG20 mailing list SG20_at_[hidden] https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.isocpp.org%2Fmailman%2Flistinfo.cgi%2Fsg20&data=05%7C01%7Cgdr%40microsoft.com%7C676d8d9fa55049a41fa508db499450ff%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638184673609846504%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=BBEDdjBb9qc%2FQewpktsPkJjFPd0Fmsb4icIM0im3oD0%3D&reserved=0<https://lists.isocpp.org/mailman/listinfo.cgi/sg20>
Received on 2023-04-30 16:15:44