-
Notifications
You must be signed in to change notification settings - Fork 273
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can undefined behavior that is theoretically reachable, but not reached in practice cause problems? #454
Comments
PS: The question is motivated in part by this post about the scope of undefined behavior in C. |
afaik if value == 0 {
unsafe { print(*ptr::dangling::<u8>()); }
} |
Perhaps. I used |
"Theoretically" reachable wouldn't be a workable rule. Just change the example to The soundness of something can be unknown if we don't know enough to prove it one way or another, but whether a particular execution is UB only depends on things we can see in that execution. An execution is UB as soon as it's certain that it will hit one UB action. And yes, as in that SO question it means that it can "time travel" to an extent. In fact, that's necessary for But it can only time-travel as far as it can be proven that the execution would have hit UB anyway. So your program in the OP is not sound -- as it's possible to hit UB given a certain input -- but there are lots of inputs for which it doesn't trigger UB, as you could confirm with MIRI. TL/DR: "Soundness" is about all possible inputs. "Triggers UB" is about a particular execution. |
This is a question that is in my opinion important when dealing with the risk of undefined behavior, but is currently not clearly adressed in the nomicon (or any other materials I could find online):
If some part of a program contains undefined behavior that is reachable, but is then executed with inputs where that part of the program won't be reached, is the behavior of that specific program execution well defined or not? In other words, is the impact of undefined behavior limited to specific program executions where undefined behavior is invoked or can it affect all possible executions of the program?
For a more concrete example, say I have this program:
If I run this program with an argument of
1
, is there any risk of undefined behavior in that specific run of the program?The text was updated successfully, but these errors were encountered: