Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Ah yes, unless that conditional returns, UB indeed has time travelling properties. (I mean, spec wise. Manifesting as the compiler "reasoning" that "well I could legally put that load before the check, and that means it's not null, which means I don't need the check")

But this brings us back to the article: Why does the author say that there's no way to check for NULL in the free function? Maybe they are hinting at something completely unrelated to what we're saying here?

If that's where we failed to communicate, then that makes sense. Thanks, stranger!



I found the old discussion here on HackerNews although I haven't seen it before. I only found it now because I wanted to double-check my hypothesis and see if my understanding is really off. Seems like not: https://news.ycombinator.com/item?id=42387013

https://godbolt.org/z/aPcr1bfPe


That godbolt illustrates what I've been saying, yes. The godbolt example is exactly what I meant when I said "If you check after dereferencing it, yes it can [remove the check]".

In fact we can make the example even shorter: https://godbolt.org/z/8fv4GKMse

And here's one with a "time travelling" removal of a branch because of UB: https://godbolt.org/z/PjYzqKxs4

Remove the memcpy, and it adds the comparison back in: https://godbolt.org/z/r1GTvGnnf

This one is fun too: Explicitly crash on null pointer: https://godbolt.org/z/sGzhK7zM4

As this comment (https://news.ycombinator.com/item?id=45442103) says, it looks like we may have just been talking past each other.

When I said "If you check for null pointer before you dereference, then no the compiler cannot elide the check." I meant like:

    if (ptr != NULL) { *ptr = 123; }
Which is obviously safe and the compiler cannot remove the check. Not:

    if (ptr != NULL) { [… something else …] } *ptr = 123;
The latter is UB, and UB is allowed to time travel.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: