[閒聊] 關於C++的雷
聽說最近大家在討論雷,我目前覺得最雷的應該就是這個了:
int main() {
while (true); // UB in C++11 or later
}
是的,infinite loop 在 C++11 是 undefined behavior:
4.7.2 [intro.progress]
The implementation may assume that any thread will eventually do
one of the following:
— terminate,
— make a call to a library I/O function,
— perform an access through a volatile glvalue, or
— perform a synchronization operation or an atomic operation.
( 註:當標準說你可以 assume P 的時候,言下之意就是 not P 是 UB )
很明顯上面的 loop 不屬於這四個的其中一個
==============================================================================
於是國外就有無聊人士(?)造了一個例子用窮舉法找費式最後定理的反例,
理論上當然是找不到的,所以該 loop 應該是個無窮迴圈:
#include <cstdint>
#include <iostream>
bool fermat() {
constexpr int32_t MAX = 1000;
int32_t a = 1, b = 1, c = 1;
// Infinite loop
while (true) {
if (((a*a*a) == ((b*b*b)+(c*c*c))))
return false;
++a;
if (a > MAX) { a=1; ++b; }
if (b > MAX) { b=1; ++c; }
if (c > MAX) { c=1; }
}
return true;
}
int main() {
if (!fermat())
std::cout << "Fermat's Last Theorem has been disproved.";
else
std::cout << "Fermat's Last Theorem has not been disproved.";
std::cout << std::endl;
}
$ clang++ -O2 test.cpp && ./a.out
Fermat's Last Theorem has been disproved.
Oops.
( 如果用 -O0 或是 GCC 的確是會進入無窮迴圈 )
==============================================================================
那在 C 底下的行為是怎麼樣呢?C11 的標準如此說:
6.8.5 Iteration statements
6 An iteration statement whose controlling expression is not a constant
expression (156) that performs no input/output operations, does not access
volatile objects, and performs no synchronization or atomic operations
in its body, controlling expression, or (in the case of for statement) its
expression-3, may be assumed by the implementation to terminate. (157)
157) This is intended to allow compiler transformations such as removal of
empty loops even when termination cannot be proven
while(1); 的 1 剛好是一個 constant expression ,所以這條不適用,
但是稍微修改一下變成 while(1,1); 多了 comma op 就不是 constant expression 了,
這樣的話 compiler 的確是可以把 while(1,1); 拿掉的
==============================================================================
同場加映,踩到 UB 的下場:
#include <stdio.h>
static void (*fp)(void);
void kerker(void) {
puts("rm -rf /");
}
void never_called(void) {
fp = kerker;
}
int main(void) {
fp();
return 0;
}
$ clang test.c -O2 && ./a.out
rm -rf /
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 140.113.193.217
※ 文章網址: https://www.ptt.cc/bbs/C_and_CPP/M.1506348868.A.0C3.html
推
09/25 23:19, , 1F
09/25 23:19, 1F
→
09/25 23:20, , 2F
09/25 23:20, 2F
→
09/25 23:49, , 3F
09/25 23:49, 3F
推
09/25 23:51, , 4F
09/25 23:51, 4F
推
09/25 23:56, , 5F
09/25 23:56, 5F
→
09/25 23:57, , 6F
09/25 23:57, 6F
當然也要剛好 fp 是 static 且它的 address 沒有被 escape 到 TU 之外,
註解裡面的寫法都會讓這個「最佳化」失效:https://godbolt.org/g/1uwjBQ
因為 fp 可能的值只有 { NULL, kerker },而呼叫 NULL 是 UB,
所以編譯器可以直接認定 fp 一定是 kerker 然後直接 inline 進去
推
09/26 00:09, , 7F
09/26 00:09, 7F
→
09/26 00:09, , 8F
09/26 00:09, 8F
→
09/26 00:09, , 9F
09/26 00:09, 9F
推
09/26 00:14, , 10F
09/26 00:14, 10F
推
09/26 01:15, , 11F
09/26 01:15, 11F
※ 編輯: PkmX (140.113.193.217), 09/26/2017 01:31:30
推
09/26 01:28, , 12F
09/26 01:28, 12F
推
09/26 03:39, , 13F
09/26 03:39, 13F
推
09/26 04:34, , 14F
09/26 04:34, 14F
推
09/26 05:31, , 15F
09/26 05:31, 15F
推
09/26 09:11, , 16F
09/26 09:11, 16F
推
09/26 10:27, , 17F
09/26 10:27, 17F
推
09/26 11:03, , 18F
09/26 11:03, 18F
推
09/26 12:54, , 19F
09/26 12:54, 19F
推
09/26 18:12, , 20F
09/26 18:12, 20F
推
09/26 21:56, , 21F
09/26 21:56, 21F
推
09/27 02:59, , 22F
09/27 02:59, 22F
推
09/27 22:28, , 23F
09/27 22:28, 23F
推
09/27 23:20, , 24F
09/27 23:20, 24F
→
09/28 09:04, , 25F
09/28 09:04, 25F
→
09/28 15:29, , 26F
09/28 15:29, 26F
推
09/28 19:16, , 27F
09/28 19:16, 27F
推
09/28 20:08, , 28F
09/28 20:08, 28F
推
09/29 08:50, , 29F
09/29 08:50, 29F
C_and_CPP 近期熱門文章
PTT數位生活區 即時熱門文章
