
restrict dodginess


Phil Carmody

Nov 21, 2009, 7:28:01 AM
if printf takes a restrict pointer, then what happens in
    printf("%s", "%s");
Is the compiler obliged to have 2 copies of the string?

Phil
--
Any true emperor never needs to wear clothes. -- Devany on r.a.s.f1

Ben Bacarisse

Nov 21, 2009, 8:11:05 AM
Phil Carmody <thefatphi...@yahoo.co.uk> writes:

> if printf takes a restrict pointer, then what happens in
>     printf("%s", "%s");
> Is the compiler obliged to have 2 copies of the string?

I don't think so. The limitations imposed by restrict only apply when
one or more of the objects pointed to are modified, and since that
would be undefined anyway I don't think the compiler needs to care.

Even if it were not UB to modify the content of a string literal, I
don't think the implementation is obliged to correct the programmer.
For example, in a hypothetical C where such modifications are
permitted

    sscanf("%c", "%c", "%c");

can be undefined (due to the restrict qualifiers and aliased pointers)
because you wrote a bad call.

--
Ben.

Seebs

Nov 21, 2009, 1:32:12 PM
On 2009-11-21, Phil Carmody <thefatphi...@yahoo.co.uk> wrote:
> if printf takes a restrict pointer, then what happens in
>     printf("%s", "%s");
> Is the compiler obliged to have 2 copies of the string?

I think the conclusion that was reached eventually was that this was
technically undefined behavior, because the compiler is perfectly allowed
to do something which, in this case, invokes undefined behavior. This
doesn't seem to matter much.

There was some discussion about something closely related to this in
some case involving arguments to sprintf where you could conceivably want
this, and the sense of the committee, if I recall correctly, was that
it's rare enough that people can do the extra work.

The reason printf's format string has to be restrict is this:

    union {
        char s[4];
        int x;
    } foo;
    strcpy(foo.s, "%n");
    printf(foo.s, &foo.x);

You can easily expand this, using longer and more interesting format strings,
into a form where there's a real possibility of something going wrong.

-s
--
Copyright 2009, all wrongs reversed. Peter Seebach / usenet...@seebs.net
http://www.seebs.net/log/ <-- lawsuits, religion, and funny pictures
http://en.wikipedia.org/wiki/Fair_Game_(Scientology) <-- get educated!

christian.bau

Nov 21, 2009, 7:30:28 PM
Actually, I don't think this particular example would have undefined
behaviour.

Roughly speaking, behaviour is undefined if either:

1. One object is both modified using an address based on a
restrict pointer p, and also accessed using an address not based on p.
2. One object is both accessed using an address based on a
restrict pointer p, and also modified using an address not based on p.
3. One object is both accessed using an address based on a const
restrict pointer p, and also modified in any way.

No modification, no undefined behaviour. printf as it is used by most
people doesn't modify its arguments.
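
Added example, not part of any post in this thread: the sprintf-style case mentioned above, where an argument overlaps the output buffer, is one where a modification does happen, so the restrict rules listed above apply. The helper names format_with_prefix and ranges_overlap are hypothetical, and the overlap test assumes a flat address space.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Nonzero if [a, a+alen) and [b, b+blen) share a byte. Comparing through
   uintptr_t assumes a flat address space (an assumption of this example). */
static int ranges_overlap(const void *a, size_t alen, const void *b, size_t blen)
{
    uintptr_t pa = (uintptr_t)a, pb = (uintptr_t)b;
    return pa < pb + blen && pb < pa + alen;
}

/* Hypothetical helper: write "<prefix><src>" into dst (capacity cap).
   snprintf writes through its restrict-qualified dst, so a %s argument that
   lies inside dst would be read through one pointer and modified through
   another. An overlapping src is snapshotted first; an overlapping prefix is
   rejected. Returns snprintf's result, or -1 on rejection or failed malloc. */
int format_with_prefix(char *dst, size_t cap, const char *prefix, const char *src)
{
    size_t srclen = strlen(src) + 1;
    char *copy = NULL;
    int n;

    if (ranges_overlap(dst, cap, prefix, strlen(prefix) + 1))
        return -1;
    if (ranges_overlap(dst, cap, src, srclen)) {
        copy = malloc(srclen);
        if (copy == NULL)
            return -1;
        memcpy(copy, src, srclen);
        src = copy;              /* snprintf now reads only the snapshot */
    }
    n = snprintf(dst, cap, "%s%s", prefix, src);
    free(copy);
    return n;
}

int main(void)
{
    char buf[32] = "world";      /* constructed sample input */
    int n = format_with_prefix(buf, sizeof buf, "hello ", buf);
    printf("%d %s\n", n, buf);
    return 0;
}
```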
