Re: [PATCH] string_copying.7: don't grant strl{cpy,cat} magic

Quoth Matthew House:
On Sat, Jul 29, 2023 at 8:29 AM Alejandro Colomar <alx@xxxxxxxxxx> wrote:
I lied.  I should have said that it writes what is safe to write, and
then uses a somewhat "safer" version of undefined behavior (compared
to other string copying functions).  The standard differentiates
"bounded UB", which doesn't perform out-of-bounds stores, from
"critical UB", which performs them.  In usual jargon, UB is UB, and
there's no mild form of UB; however, the standard prescribes a bounded
form of UB.  However, I'm not sure compilers --and specifically GCC--
follow such a prescription of bounded UB, so it's better to consider
all UB to be critical UB, just to fall on the safe side.

Do you have a source for this? As far as I am aware, the standards have
always followed the "UB is UB" philosophy, which is why standards-oriented
people keep trying to reiterate it. I've never heard of anything like
"bounded UB" vs. "critical UB". C17 draft N2176 provides no such
distinction in its definition:

Quoth Alejandro Colomar:
References:

<https://port70.net/~nsz/c/c11/n1570.html#L.2>

Looks like a reference to me.

Yes, UB is UB. The optional Annex L on Analyzability does define bounded and unbounded UB. No, you don’t care about them. Yes, that is standard terminology. No, your implementation doesn’t define __STDC_ANALYZABLE__. Yes, that terminology can be useful.
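As an added example (not from this thread or from the man-pages project), the following C shows the practical point behind the strl{cpy,cat} discussion: a copy that bounds both the read of the source and the write to the destination, so that no classification of UB, bounded or critical, Annex L or not, has to be relied on, together with the caller-side truncation check that strlcpy-style interfaces expect. The function name bounded_copy() and the srcsize parameter are this example's own; strlcpy() itself returns strlen(src) and therefore reads the source to its terminator regardless of dstsize, which is exactly what this variant avoids.

```c
/* Added example: a string copy that bounds the read of src as well as
 * the write to dst.  Not from the thread; bounded_copy and srcsize are
 * this example's own names. */
#include <stddef.h>
#include <string.h>

/* Annex L lets an implementation announce analyzability; this only
 * records whether the compiler claims it (0 on typical toolchains). */
#if defined(__STDC_ANALYZABLE__)
#define CLAIMS_ANNEX_L 1
#else
#define CLAIMS_ANNEX_L 0
#endif

/* Copy at most dstsize-1 bytes of src into dst, reading no more than
 * srcsize bytes of src, and NUL-terminate dst whenever dstsize > 0.
 * Returns 1 if the copy was truncated (or if src has no terminator
 * within srcsize, so its real length is unknown), 0 otherwise.
 * Unlike strlcpy(), the return value is a flag rather than strlen(src),
 * so an unterminated source is never read past srcsize. */
int bounded_copy(char *dst, size_t dstsize, const char *src, size_t srcsize)
{
    size_t len = 0;

    /* Bounded read: stop at srcsize even if no NUL is found. */
    while (len < srcsize && src[len] != '\0')
        len++;
    int src_unterminated = (len == srcsize);

    if (dstsize == 0)
        return 1;           /* nothing can be written, not even the NUL */

    /* Bounded write: never store beyond dst[dstsize-1]. */
    size_t ncopy = (len < dstsize - 1) ? len : dstsize - 1;
    memcpy(dst, src, ncopy);
    dst[ncopy] = '\0';

    return (ncopy < len) || src_unterminated;
}

/* Caller-side idiom: treat truncation as an error instead of silently
 * continuing with a shortened string.  Returns 0 on success, -1 on
 * truncation (dst is still NUL-terminated in both cases). */
int copy_or_fail(char *dst, size_t dstsize, const char *src, size_t srcsize)
{
    if (bounded_copy(dst, dstsize, src, srcsize))
        return -1;
    return 0;
}
```

The check `bounded_copy(...) != 0` plays the role of the usual `strlcpy(dst, src, n) >= n` test; the difference is that the source length is capped at srcsize, so a buffer that arrived without a terminator is reported as truncated rather than scanned past its end.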


