Subject: Re: [boost] [variant2] never-empty guarantee considered harmful
From: Rainer Deyke (rainerd_at_[hidden])
Date: 2019-04-13 06:05:49


On 13.04.19 01:47, Frank Mori Hess via Boost wrote:
> On Fri, Apr 12, 2019 at 7:26 PM Andrzej Krzemienski via Boost
> <boost_at_[hidden]> wrote:
>> UB is a useful symptom of a bug and
>> therefore can help detect and remove bugs
>
> It seems like you are using a different definition of undefined
> behavior than what I understand it to be. UB is not a useful symptom
> because it can be anything, and can vary by implementation. It
> doesn't necessarily mean the program crashes, it could for example
> result in exactly the harmless unnoticed response to a bug you object
> to.

UB is not a runtime check that detects bugs (although compiling with
undefined behavior sanitizer turns it into one). It is a conceptual
tool for verifying the correctness of your program. If your program
invokes undefined behavior, it is incorrect. Conversely, if your
program is correct, then it does not invoke undefined behavior.

Undefined behavior is not a defect of the C++ language. It's a
deliberate feature. The standards committee could have easily defined
the result of reading an uninitialized variable as "whatever arbitrary
value happens to occupy that memory location". Instead, they chose to
mark it as undefined behavior, because a program that uses uninitialized
variables is /wrong/.

This bears repeating. Reading from an uninitialized variable is not
wrong because it is undefined behavior, but the other way around.
Reading from an uninitialized variable is undefined behavior because it
is wrong.

-- 
Rainer Deyke (rainerd_at_[hidden])
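
An added example, not part of the message above or of any Boost code: it models the uninitialized-read case with an explicit `set` flag, so nothing in it invokes real undefined behavior. `Reading`, `sum_defined`, `sum_checked` and the sample data are hypothetical names and constructed values; `sum_defined` stands for a language that defines the read as an arbitrary value, `sum_checked` for a checking build (the role a sanitizer plays) that treats the read as a violation.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed model of a variable that may be read before it is written.
struct Reading {
    bool set;     // false == never assigned (models "uninitialized")
    int celsius;  // only meaningful when set is true
};

// Design A: the read is *defined* to yield an arbitrary value (0 here).
// The program keeps running, so the missing assignment goes unnoticed.
int sum_defined(const std::vector<Reading>& rs) {
    int total = 0;
    for (const Reading& r : rs) total += r.set ? r.celsius : 0;
    return total;
}

// Design B: the read is a precondition violation, and a checking build
// records where it happened instead of inventing a value.
struct CheckedSum {
    int total;
    std::vector<std::size_t> violations;  // indices read before being set
};

CheckedSum sum_checked(const std::vector<Reading>& rs) {
    CheckedSum out{0, {}};
    for (std::size_t i = 0; i < rs.size(); ++i) {
        if (!rs[i].set) { out.violations.push_back(i); continue; }
        out.total += rs[i].celsius;
    }
    return out;
}

// Constructed sample: index 1 was never assigned, which is the bug.
std::vector<Reading> sample() {
    return { {true, 21}, {false, 0}, {true, 19} };
}

int main() {
    CheckedSum c = sum_checked(sample());
    std::printf("defined-value total: %d\n", sum_defined(sample()));
    std::printf("checked total: %d, violations: %zu\n",
                c.total, c.violations.size());
    return 0;
}
```

Both designs compute the same total from the same incorrect program; only the checked one reports that index 1 was read without ever being assigned.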
