On 17 April 2015 at 17:03, <mse...@redhat.com> wrote:
> On 04/17/2015 09:01 AM, Peter Sewell wrote:
>>
>> On 17 April 2015 at 15:19, <paul_kon...@dell.com> wrote:
>>>
>>>
>>>> On Apr 17, 2015, at 9:14 AM, Peter Sewell <peter.sew...@cl.cam.ac.uk>
>>>> wrote:
>>>>
>>>> Dear gcc list,
>>>>
>>>> we are trying to clarify what behaviour of C implementations is
>>>> actually relied upon in modern practice, and what behaviour is
>>>> guaranteed by current mainstream implementations (these are quite
>>>> different from the ISO standards, and may differ in different
>>>> contexts).
>>>
>>>
>>> I’m not sure what you mean by “guaranteed”.
>>>
>>> I suspect what the GCC team will say is guaranteed is “what the standard
>>> says”.
>>
>>
>> If that's really true, that will be interesting, but there may be
>> areas where (a) current implementation behaviour is stronger than what
>> the ISO standards require, and (b) important code relies on that
>> behaviour to such an extent that it becomes pragmatically infeasible
>> to change it. Such cases are part of what we're trying to discover
>> here. There are also cases where the ISO standards are unclear or
>> internally inconsistent.
>
>
> Implementations can and often do provide stronger guarantees than
> the standards require. When they do, they must be documented in order
> to be safely relied on. This is termed as implementation-defined
> behavior in standards.

The cases where the ISO standard explicitly identifies
implementation-defined behaviour are generally unproblematic. The
cases we're asking about, on the other hand, are typically cases which
ISO declares to be undefined behaviour (sometimes for historical
reasons relating to now-obsolete implementations) but where some code
does depend on particular implementation behaviour. We are trying to
identify and bound those cases.

> Standards may be unclear to casual readers but they must be consistent
> and unambiguous. When they're not it's a defect that should be raised
> against them.

Yes, that's true - and we have in the past worked with the C++ and C
standards committees, to fix inconsistencies in the concurrency model.
But more than that, standards (including any implementation-specific
documentation) and common practice have to be sufficiently in sync
that the two work together: the former should give strong enough
guarantees to support normal usage, and implementations should be
sound with respect to them. For some aspects of C, we are currently
quite some way from that.

>>
>>> If by “guaranteed” you mean the behavior that happens to be implemented
>>> in a particular version of the compiler, that may well be different, as you
>>> said. But it’s also not particularly meaningful, because it is subject to
>>> change at any time subject to the constraints of the standard, and is likely
>>> to be different among different versions, and for that matter among
>>> different target architectures and of course optimization settings.
>>
>>
>> Some amount of variation has to be allowed, of course - in fact, what
>> we'd like to clarify is really the envelope of allowable variation,
>> and that will have to be parametric on at least some optimisation
>> settings.
>
>
> All the questions in the survey that can be answered are
> answered without unambiguity in the C standard (either as
> well-defined behavior - 4, 5, 11, 12, 15, unspecified - 1, 13, or
> undefined - 2, 3, 7, 8, 9, 10, 14).

We are really not asking about what the ISO standard says, but rather
about what can be and what is relied upon in practice. (That said,
our reading of the standard differs on several of those points.)

Peter

> There are no optimization
> options that affect the answers.
> Martin
>
>>
>>> paul
>>>
>