Warn about unspecified behaviour

[Tomás Ó hÉilidhe]

Is there any sort of tool out there that can warn about code that can
behave differently depending on "unspecified" behaviour? For instance,
take the following statement:

*p++ = ConvertToLowercase(*p);

In this statement, we don't know whether the lefthand or the righthand
side will be evaluated first. If the righthand side is first to be
evaluated, then we get:

*p = ConvertToLowercase(*p);
p = p + 1;

If the lefthand side is evaluated first, we get:

p = p + 1;
*p = ConvertToLowercase(*p);

The original statement has two possible distinct behaviours depending
on how the compiler chooses to handle the "unspecified" behaviour.

Is there any sort of tool that can go through code and warn about
instances in which "unspecified" behaviour can result in two or more
different behaviours?

gcc is neat in that it warns about a sequence point violation; for
instance if you do the following:
i++ + i++
then you get:
test.c:5: warning: operation on `i' may be undefined

Just wondering if there's a tool that will warn about unspecified
order of evaluation, or any unspecified behaviour for that matter.

 

[31349 83652]

Just wondering if there's a tool that will warn about unspecified
order of evaluation, or any unspecified behaviour for that matter.

<OT>
gcc warns about that construct

tmp$ echo 'char f(char x){return x;}int main(void){char*p;*p+
+=f(*p);return 0;}' | /usr/bin/gcc -Wall -xc -
<stdin>: In function ‘main’:
<stdin>:1: warning: operation on ‘p’ may be undefined
tmp$


Or you could try lint.
</OT>

 

[Tomás Ó hÉilidhe]

gcc warns about that construct

Thanks for that. I must not have used -Wall when I was compiling my
code.

tmp$ echo 'char f(char x){return x;}int main(void){char*p;*p+
+=f(*p);return 0;}' | /usr/bin/gcc -Wall -xc -
<stdin>: In function ‘main’:
<stdin>:1: warning: operation on ‘p’ may be undefined
tmp$

That command line thing is pretty cool. Got it working on Windows just
there but I haven't figured out how to work it with preprocessor stuff.

 

[CBFalconer]

Is there any sort of tool out there that can warn about code that
can behave differently depending on "unspecified" behaviour? For
instance, take the following statement:

*p++ = ConvertToLowercase(*p);

In this statement, we don't know whether the lefthand or the
righthand side will be evaluated first. If the righthand side is
first to be evaluated, then we get:

*p = ConvertToLowercase(*p);
p = p + 1;

If the lefthand side is evaluated first, we get:

p = p + 1;
*p = ConvertToLowercase(*p);

The original statement has two possible distinct behaviours
depending on how the compiler chooses to handle the "unspecified"
behaviour.

And neither may occur. The standard clearly states that the
results are undefined. If you write foolish code like that you
expect random crashes.

Some tools will warn about some failures. None will catch all.