[TUHS] Minimum Array Sizes in 16 bit C (was Maximum)

Rob Pike robpike at gmail.com
Mon Sep 30 06:29:23 AEST 2024


Gradually the writers of optimizing compilers have leaned so hard on the
implementation-defined and undefined behaviors that, while far from
useless, C and C++ have become non-portable and dangerously insecure, as
well as often very surprising to the point that the US government is arguing
against using them.

-rob


On Mon, Sep 30, 2024 at 2:56 AM Douglas McIlroy <
douglas.mcilroy at dartmouth.edu> wrote:

> >>> malloc(0) isn't undefined behaviour but implementation defined.
> >>
> >> In modern C there is no difference between those two concepts.
>
> > Can you explain more about your view
>
> There certainly is a difference, but in this case the practical
> implications are the same: avoid malloc(0). malloc(0) lies at the high end
> of a range of severity of concerns about implementation-definedness. At the
> low end are things like the size of ints, which only affects applications
> that may confront very large numbers. In the middle is the default
> signedness of chars, which generally may be mitigated by explicit type
> declarations.
>
> For the size of ints, C offers guardrails like INT_MAX. There is no test
> to discern what an error return from malloc(0) means.
>
> Is there any other C construct that implementation-definedness renders
> useless?
>
> Doug
>
>
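
Added example, not part of the original messages: one way to follow the "avoid malloc(0)" advice above is a wrapper that never passes a zero size to malloc, so a NULL return can only mean failure, and that uses SIZE_MAX as the guardrail against a wrapped size computation. The names `alloc_array` and `enum alloc_status` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical status codes for this example. */
enum alloc_status { ALLOC_OK, ALLOC_OVERFLOW, ALLOC_NOMEM };

/*
 * Allocate room for count elements of elem_size bytes each.
 * On ALLOC_OK, *out is always a non-NULL pointer that can be passed to
 * free(), even when count * elem_size is zero.
 */
enum alloc_status alloc_array(size_t count, size_t elem_size, void **out)
{
    *out = NULL;

    /* SIZE_MAX is the guardrail: reject products that would wrap around. */
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return ALLOC_OVERFLOW;

    size_t bytes = count * elem_size;

    /* Never hand 0 to malloc: ask for one byte so NULL means failure only. */
    if (bytes == 0)
        bytes = 1;

    void *p = malloc(bytes);
    if (p == NULL)
        return ALLOC_NOMEM;

    *out = p;
    return ALLOC_OK;
}

int main(void)
{
    void *p;

    /* A zero-length request succeeds with a real, freeable pointer. */
    printf("zero-length: status=%d\n", (int)alloc_array(0, sizeof(int), &p));
    free(p);

    /* A request whose byte count would wrap is refused before malloc. */
    printf("overflow:    status=%d\n", (int)alloc_array(SIZE_MAX, 2, &p));
    return 0;
}
```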