Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!gem.mps.ohio-state.edu!samsung!xanth!ames!amelia!sun217!truesdel
From: truesdel@sun217..nas.nasa.gov (David A. Truesdell)
Newsgroups: comp.os.minix
Subject: Re: POSIX
Message-ID: <3627@amelia.nas.nasa.gov>
Date: 31 Oct 89 00:31:15 GMT
References: <092789A7523@syntel.mn.org>
Sender: news@amelia.nas.nasa.gov
Lines: 25

In comp.os.minix you write:

>truesdel@sun217..nas.nasa.gov (David A. Truesdell) writes:
>Sorry, but this is not free()'s job.  Section 4.10.3.2, describing the
>'free' function, states:
>
>	                     . . .                    if the space has
>	been deallocated by a call to 'free' or 'realloc', the behaviour
>	is undefined.
>
>"Undefined" behaviour means it can do ANYTHING if that situation occurs.
>Now that we have standards (or nearly so, in the case of C), personal
>opinions are moot.

True, "Undefined" does mean you could do anything, but there is something to
be said for the "Principle of Least Astonishment".

Would you use a system on which the "undefined" behaviour meant "destroy all
data on disk"?  I sure wouldn't, but it is permitted by the standard.
But then, I don't like library routines dumping core, either.  Guess I'm just
too conservative.


T.T.F.N.,
dave truesdell (truesdel@prandtl.nas.nasa.gov)