From: John Cowan <cowan@ccil.org>
To: Larry McVoy <lm@mcvoy.com>
Cc: The Unix Heritage Society mailing list <tuhs@minnie.tuhs.org>
Subject: Re: [TUHS] Is C obsolete? (was Re: [tuhs] The Unix shell: a 50-year view)
Date: Sun, 4 Jul 2021 22:36:46 -0400 [thread overview]
Message-ID: <CAD2gp_TEVk_-W72ZYJARq-WOPe1oR6xGmO9_JOCRsfJwaneLPA@mail.gmail.com> (raw)
In-Reply-To: <20210705002119.GL817@mcvoy.com>
[-- Attachment #1: Type: text/plain, Size: 2162 bytes --]
On Sun, Jul 4, 2021 at 8:22 PM Larry McVoy <lm@mcvoy.com> wrote:
> We both love C, we are both disciplined enough to write
> maintainable/extendable code in C, it works for us. We really clicked
> over our love of C.
>
Are you really sure that all the C code the two of you have written in your
careers carefully avoids all 191 kinds of undefined behavior in C99 (the
number has grown since then)? Give me leave to doubt it.
Consider this example from an earlier version of the Linux kernel:
static void __devexit agnx_pci_remove (struct pci_dev *pdev)
{
struct ieee80211_hw *dev = pci_get_drvdata(pdev);
struct agnx_priv *priv = dev->priv;
if (!dev) return;
... do stuff using dev ...
}
The trouble here is that dev is used before it is checked for being a null
pointer. In Java, you'd have a NullPointerException. In C, "gcc -O2" will
make this analysis:
Case 1: dev == NULL. This is undefined behavior and the compiler has no
obligations.
Case 2: dev != NULL. Since dev can't be null (the compiler always assumes
the programmer did not intend to use UB), the check can be removed.
The result is that there is no check for NULL in either case, the compiler
is silent, and since this is the kernel, dereferencing NULL probably pwns
your system. So whereas things that were technically UB used to work more
or less as you'd expect them to, nowadays they work as *nobody* expects
them to.
This is the result of the three values of C programmers: (1) fast
execution, (2) fast compilation, (3) I lied; there is no (3). And as
optimizers get better and better, the number of UB-related disasters
increases. (The same is true for C++ compiler developers, except that they
sometimes prioritize (2) over (1) because benchmarks.)
> If I had infinite energy and money, I would fund a dialect of C that
> made it more useful.
See <https://blog.regehr.org/archives/1287>, about how an attempt to reduce
the amount of UB int C failed because nobody could agree with anybody else
on what changes to make.
> For all its faults, C++ is the closest to a modern language that sort
> of fits with what I want
>
C++, is it? C++2011 has 203 UBs.
[-- Attachment #2: Type: text/html, Size: 5120 bytes --]
next prev parent reply other threads:[~2021-07-05 2:37 UTC|newest]
Thread overview: 109+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-02 21:24 [TUHS] [tuhs] The Unix shell: a 50-year view Nelson H. F. Beebe
2021-07-02 21:36 ` Larry McVoy
2021-07-02 21:56 ` Henry Bent
2021-07-02 23:12 ` Steve Nickolas
2021-07-02 23:49 ` Steffen Nurpmeso
2021-07-03 13:34 ` Steffen Nurpmeso
2021-07-03 13:56 ` Richard Salz
2021-07-03 12:04 ` Thomas Paulsen
2021-07-03 13:20 ` Dan Cross
2021-07-03 17:37 ` Theodore Ts'o
2021-07-03 17:57 ` Warner Losh
2021-07-03 18:10 ` Theodore Ts'o
2021-07-03 20:02 ` Dan Cross
2021-07-04 0:47 ` Tomasz Rola
2021-07-04 4:36 ` Larry McVoy
2021-07-04 14:56 ` Dan Cross
2021-07-04 16:07 ` Theodore Ts'o
2021-07-04 20:10 ` David Barto
2021-07-05 0:25 ` Larry McVoy
2021-07-05 1:23 ` John Cowan
2021-07-04 12:48 ` Dan Cross
2021-07-05 7:14 ` Tomasz Rola
2021-07-05 16:26 ` John Cowan
2021-07-06 23:17 ` Tomasz Rola
2021-07-06 23:47 ` Steve Nickolas
2021-07-06 23:49 ` Warner Losh
2021-07-06 23:48 ` John Cowan
2021-07-07 0:46 ` Theodore Ts'o
2021-07-07 0:58 ` George Michaelson
2021-07-07 2:48 ` Larry McVoy
2021-07-07 18:32 ` Tomasz Rola
2021-07-07 20:50 ` Michael Kjörling
2021-07-08 6:46 ` [TUHS] Overgrown ffox (was: The Unix shell: a 50-year view) Tomasz Rola
2021-07-08 13:59 ` Derek Fawcus
2021-07-08 19:25 ` Steffen Nurpmeso
2021-07-08 19:37 ` Steffen Nurpmeso
2021-07-08 20:40 ` Steffen Nurpmeso
2021-07-08 22:23 ` Kevin Bowling
2021-07-08 21:47 ` [TUHS] [tuhs] The Unix shell: a 50-year view Theodore Ts'o
2021-07-09 20:14 ` Michael Kjörling
2021-07-07 13:54 ` Tony Finch
2021-07-06 16:05 ` Clem Cole
2021-07-09 22:19 ` Tomasz Rola
2021-07-04 20:10 ` Tony Finch
2021-07-05 3:59 ` Theodore Ts'o
2021-07-05 15:08 ` Steffen Nurpmeso
2021-07-05 3:52 ` Bakul Shah
2021-07-04 18:17 ` John Dow via TUHS
2021-07-04 19:46 ` Clem Cole
2021-07-05 1:33 ` Noel Hunt
2021-07-05 2:38 ` Clem Cole
2021-07-05 2:51 ` Warner Losh
2021-07-05 3:03 ` Clem Cole
2021-07-05 3:01 ` Clem Cole
2021-07-05 5:22 ` Noel Hunt
2021-07-06 5:10 ` Nevin Liber
2021-07-06 13:30 ` Clem Cole
2021-07-06 16:23 ` Theodore Ts'o
2021-07-07 1:57 ` Dan Cross
2021-07-07 2:52 ` Larry McVoy
2021-07-07 5:19 ` Andrew Warkentin
2021-07-07 18:28 ` Jon Steinhart
2021-07-10 11:51 ` [TUHS] " Ralph Corderoy
2021-07-10 13:54 ` Henry Bent
2021-07-10 14:12 ` Ralph Corderoy
2021-07-10 16:57 ` [TUHS] Death by bug [formerly The Unix shell: a 50-year view] Jon Steinhart
2021-07-11 8:53 ` [TUHS] Death by bug Ralph Corderoy
2021-07-11 9:04 ` arnold
2021-07-12 1:42 ` Theodore Y. Ts'o
2021-07-12 2:57 ` Jon Steinhart
2021-07-12 6:39 ` arnold
2021-07-12 9:56 ` Ralph Corderoy
2021-07-11 16:10 ` Jon Steinhart
2021-07-12 10:37 ` Ralph Corderoy
2021-07-06 13:40 ` [TUHS] [tuhs] The Unix shell: a 50-year view John Cowan
2021-07-06 14:12 ` Chet Ramey
2021-07-07 0:53 ` Nevin Liber
2021-07-07 13:08 ` Chet Ramey
2021-07-07 15:15 ` Richard Salz
2021-07-03 0:09 ` Andrew Warkentin
2021-07-03 15:49 ` Andy Kosela
2021-07-04 23:24 ` [TUHS] Is C obsolete? (was Re: [tuhs] The Unix shell: a 50-year view) Derek Fawcus
2021-07-04 23:50 ` Nemo Nusquam
2021-07-05 0:15 ` Dan Stromberg
2021-07-05 0:21 ` Larry McVoy
2021-07-05 2:36 ` John Cowan [this message]
2021-07-05 2:59 ` Richard Salz
2021-07-05 3:47 ` Larry McVoy
2021-07-05 4:02 ` Dan Stromberg
2021-07-05 13:45 ` Steffen Nurpmeso
2021-07-05 20:15 ` Dan Stromberg
2021-07-05 21:05 ` Larry McVoy
2021-07-05 21:29 ` Clem Cole
2021-07-05 22:22 ` Brantley Coile
2021-07-06 4:35 ` Dan Stromberg
2021-07-06 4:44 ` Warner Losh
2021-07-06 5:58 ` Rico Pajarola
2021-07-06 13:05 ` Clem Cole
2021-07-05 12:11 ` Thomas Paulsen
2021-07-05 4:08 ` Dan Stromberg
2021-07-05 4:23 ` George Michaelson
2021-07-05 14:43 ` Larry McVoy
2021-07-05 15:17 ` Steffen Nurpmeso
2021-07-05 15:36 ` Steffen Nurpmeso
2021-07-05 15:53 ` Mike Markowski
2021-07-05 16:39 ` Warner Losh
2021-07-05 19:02 ` Clem Cole
2021-07-02 22:27 ` [TUHS] [tuhs] The Unix shell: a 50-year view Chet Ramey
2021-07-02 23:09 ` Steve Nickolas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAD2gp_TEVk_-W72ZYJARq-WOPe1oR6xGmO9_JOCRsfJwaneLPA@mail.gmail.com \
--to=cowan@ccil.org \
--cc=lm@mcvoy.com \
--cc=tuhs@minnie.tuhs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).