Multiple Assignment Evaluation Debate

[Robin Haigh]

Robin Haigh wrote:

Trouble is, an enthusiastic reading of 6.5/2 can make all
sorts of things UB, including *p++.

An enthusiastic reading of 6.5/2 should find the footnote:

70)
This paragraph renders undefined statement expressions such as
i = ++i + 1;
a[i++] = i;
while allowing
i = i + 1;
a = i;

Can you see how this footnote helps? I can't

It should clear up that *p++ is defined.
How do you figure that *p++ can be considered to be undefined
according to 6.5/2?

I don't. I've only said that this is the logical conclusion of the claim
made by others in previous threads, namely that the value of p may not be
used for any other purpose than computing its new value.

The footnote doesn't clarify because it doesn't show an allowed example
containing a post-increment. In fact the undefined example a[i++] = i
contains 3 uses of i:
(1) to compute the new value of i
(2) to determine which element of a is modified
(3) to determine the new value of that element
and the contrasted example a = i contains uses 2 and 3, from which one
might paradoxically deduce that use 1 must be the problem. (This is of
course a spot-the-fallacy exercise)

As I said, a line has to be drawn, so that we know what is undefined and
what isn't. The line must be somewhere between the allowed examples and the
undefined examples, but the gap is quite wide and a number of things fall in
the middle. To draw the line, all we can do is try to determine the
intended meaning of the wording. Various readings are possible, but not all
are sustainable.

I suppose it all depends on your tolerance for contradiction. The ability
to believe arguments whose logical consequences are untenable is one of the
peculiarities of the human condition.

 

[ena8t8si]

Indeed. The problem is that it's extremely difficult to express the
intent precisely in English, which is why there is so much interest in a
formal model of sequence points that would do so. Unfortunately, there
hasn't been quite enough interest to succeed in doing so yet.

Between the previous and next sequence point an object shall have
its stored value modified at most once by the evaluation of an
expression. Furthermore, the prior value shall be read only in
subexpressions of the operator causing the modification.

They didn't (kowtow to freewheeling vendors), they just tried to strike
a balance between performance and determinancy. High performance is
very important to most users of C, but getting the wrong answer isn't of
any use to anyone. Like I said before, I think most experienced C
programmers have an intuitive understanding of what kinds of things
should be well defined (and "p = p->next = q;" falls into that category)
and what kinds of things should be undefined (like "j = ++i + i;"), and
the formal models proposed so far, although still works in progress,
seem to match most people's intuition.

The problem isn't the things people think will work and do, but
the things experienced people think should work and don't. The
idea that reading the prior value as part of calculating the
store-lvalue be undefined behavior is just stupid. Doug Gwyn
kept talking about vectorizing compilers, but he never gave even
one example program. Dik Winter gave an example program (which
he admitted wasn't a bona fide example), but it clearly shows the
vectorizing compiler to be wrong, since one statement incorrectly
affects _another statement_ (ie, after a sequence point). Dik
Winter also gave some pseudo-assembly as an example, but the
assembly _re-evaluated_ a subexpression after something had been
modified. Not even remotely convincing. (The thread can be seen
in google groups, "strange behaviour with a[a]".)

I'm all for having formal models and a standard that matches
people's intuition. Since all the formal models and everyone's
intuition say that using the prior value to calculate the lvalue
of where to store be defined, and arguments to the contrary are
hypothetical and weak at best, why was the concession made, if
not because the committee just gave in to the compiler vendors?
AFAIK no one has presented a single real-world example of an
implementation that benefits from this so-called "optimization".