Path: utzoo!attcan!uunet!cs.utexas.edu!tut.cis.ohio-state.edu!rutgers!mcnc!rti!bcw
From: bcw@rti.rti.org (Bruce Wright)
Newsgroups: comp.sys.ibm.pc.programmer
Subject: Re: No Aliasing Compile Option
Summary: Aliasing (AGAIN!!)
Keywords: Microsoft 6.0 C update woes
Message-ID: <3866@rtifs1.UUCP>
Date: 28 May 90 00:10:26 GMT
References: <4886@daffy.cs.wisc.edu> <26547195.F69@tct.uucp> <134@qmsseq.imagen.com>
Organization: Research Triangle Institute, RTP, NC
Lines: 55

In article <134@qmsseq.imagen.com>, pipkins@qmsseq.imagen.com (Jeff Pipkins) writes:
> 2. It is not "wrong" to use aliasing, either morally or legally, and it is
> not generally considered bad practice. Since I used the word "morally",
> this is obviously my opinion.

I don't know where you've been, but where _I've_ been it _has_ been
considered bad practice to use aliasing. Not bad _morally_ or _legally_
(how silly) but bad from a program maintenance point of view: it's
difficult for someone other than the person who wrote the code to
understand, correct, and/or modify the code. Sometimes it can even be
difficult for the person who wrote it (!).

A programmer who wrote the code in question should _know_ if aliasing
is being used; the only valid excuse for not knowing would be that the
code had been inherited from someone else that had not used very strict
programming standards and/or didn't document what he/she had been writing.

> 3. Why is this compiler option there, anyway? Because the compiler writer
> says to himself (while writing the compiler), "DAMN! If I could just make
> this one little ASSumption, I could produce tighter code! Wouldn't that
> be nifty?!!" But he knows that it is an UNSAFE optimization. But he
> still can't resist. It would be so neat. So he adds it as an option.
> POINT: Not only should the option not be used to compile benchmarks, IT SHOULD
> NOT EVEN BE AN AVAILABLE OPTION FOR THE COMPILER IN THE FIRST PLACE!

It's also an UNSAFE assumption to optimize array references - strictly
speaking, you should have bounds checking on ALL array references
(C. A. R. Hoare has quite a bit to say about this). Many people find
that this produces programs that run too slowly for their purposes, and
find it useful to have a switch to remove array bounds checking.

If you _really_ want to avoid this sort of thing, you should NOT be
using C!!! It's just not possible to avoid possible problems of this
sort in anything remotely approaching the full language -- for example,
as soon as you use the ++ operator on a pointer, you have done an
operation semantically equivalent to an _unchecked array reference_.

Peter Norton once made the remark that C was an industrial strength
language, and that many people got the impression that what they needed
was an industrial strength language without realizing that "industrial
strength" also means "unsafe for children and small animals".

> Tell me how you have insured it is safe -- by looking at it?

Ideally, you should attempt to show that the program _must_ be correct
(proof of correctness). In practice this is often very difficult,
especially when pressed for time. If you _don't_ have the time to at
least give this a go and make the attempt, you probably shouldn't be
using C. Maybe you should be using Ada.

					Bruce C. Wright
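
An added illustration, not part of the original post: what a "no aliasing" assumption changes when two pointers do refer to the same storage. The function names are hypothetical, and scale_cached is a hand-written model of keeping `*factor` in a register, not output from Microsoft C 6.0.

```c
#include <stdio.h>
#include <string.h>

/* Semantics the language requires when dst and factor may alias:
   *factor is re-read after every store through dst. */
static void scale_reload(int *dst, const int *factor, int n)
{
    for (int i = 0; i < n; i++)
        dst[i] *= *factor;
}

/* Hand-written model of code emitted under a "no aliasing" assumption:
   *factor is loaded once and never re-read. */
static void scale_cached(int *dst, const int *factor, int n)
{
    int f = *factor;
    for (int i = 0; i < n; i++)
        dst[i] *= f;
}

/* Returns 1 if both versions produce the same array.
   alias_index < 0: factor is a separate object.
   alias_index >= 0: factor points at that element of the array itself. */
int versions_agree(int alias_index)
{
    int a[4] = {2, 3, 4, 5};   /* constructed sample data */
    int b[4];
    int separate = 2;

    memcpy(b, a, sizeof a);
    scale_reload(a, alias_index < 0 ? &separate : &a[alias_index], 4);
    scale_cached(b, alias_index < 0 ? &separate : &b[alias_index], 4);
    return memcmp(a, b, sizeof a) == 0;
}

int main(void)
{
    printf("separate factor:          agree=%d\n", versions_agree(-1));
    printf("factor aliases element 0: agree=%d\n", versions_agree(0));
    printf("factor aliases element 3: agree=%d\n", versions_agree(3));
    return 0;
}
```

Aliasing the last element happens to give matching results because it is overwritten only after its final use, so a test run with that input would not reveal the difference.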