Path: csiph.com!weretis.net!feeder8.news.weretis.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Tim Rentsch Newsgroups: comp.lang.c Subject: Re: Which tools are available for catching UB? Date: Sun, 14 Jan 2024 09:44:06 -0800 Organization: A noiseless patient Spider Lines: 35 Message-ID: <86le8rlsih.fsf@linuxsc.com> References: <87sf33mmy3.fsf@nosuchdomain.example.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Injection-Info: dont-email.me; posting-host="8638bc13aeaeb22b15b54cee031022ba"; logging-data="575712"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19uTAcgUn/BHy/Nv5GHlIXvk6Fcesyx/hU=" User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.4 (gnu/linux) Cancel-Lock: sha1:VA9qVfhi2X+LdzqGQTd1jE82S20= sha1:nwAwOgAMYqOmE9ruVPIKaKj2DzM= Xref: csiph.com comp.lang.c:380142 Keith Thompson writes: > Anthony Cuozzo writes: > [...] > >> [looking for constructs that are undefined behavior] >> Semi-related: Do you know if there's a resource which breaks down UB >> per standard? I'd like to see how things have changed over time. > > Each edition of the standard has an annex (Annex J in the case of C11) > that summarizes unspecified, undefined, and implementation-defined > behaviors. The standards themselves cost money, but drafts are freely > available. Annex J (which is Annex G in C90) is an excellent resource. A caution is in order: not every case of undefined behavior (and probably also unspecified behavior and implementation-defined behavior) is listed in Annex J. Most are, but not all are. Also, sometimes a statement of UB in Annex J is not completely accurate, but only an approximation. It is still the case that Annex J is an excellent resource, but don't take it as gospel. > Some instances of undefined behavior are specified explicitly. Others > are undefined just because the standard provides no definition. Both > kinds are equivalent, and can in principle result in the same kinds of > Bad Things Happening. I think a fine point should be noted here. Some kinds of undefined behavior, in addition to being undefined behavior, also require a diagnostic be issued. So different kinds of undefined behavior may not be exactly equivalent - some require some sort of message out of the compiler, whereas others may get no indication when compiling. None of this is meant to contradict Keith's statement, just to augment it with a clarification.