←back to thread

C and C++ prioritize performance over correctness (2023)

(research.swtch.com)
93 points endorphine | 4 comments | 28 Mar 25 20:26 UTC | HN request time: 0s | source
Show context
gavinhoward ◴[31 Mar 25 17:42 UTC] No.43537632[source]
As a pure C programmer [1], let me post my full agreement: https://gavinhoward.com/2023/08/the-scourge-of-00ub/ .

[1]: https://gavinhoward.com/2023/02/why-i-use-c-when-i-believe-i...

replies(1): >>43539291 #
muldvarp ◴[31 Mar 25 20:06 UTC] No.43539291[source]
To quote your article:

> The question is: should compiler authors be able to do whatever they want? I argue that they should not.

My question is: I see so many C programmers bemoaning the fact that modern compilers exploit undefined behavior to the fullest extent. I almost never see those programmers actually writing a "reasonable"/"friendly"/"boring" C compiler. Why is no one willing to put their ~money~ time where their mouth is?

replies(2): >>43540135 #>>43540589 #
bsder ◴[31 Mar 25 21:23 UTC] No.43540135[source]
> I almost never see those programmers actually writing a "reasonable"/"friendly"/"boring" C compiler. Why is no one willing to put their ~money~ time where their mouth is?

Because it is not much harder to simply write a new language and you can discard all the baggage? Lots of verbiage gets spilled about undefined behavior, but things like the preprocessor and lack of "slices" are way bigger faults of C.

Proebsting's Law posits that compiler optimizations double performance every 20 years. That means that you can implement the smallest handful of compiler optimizations in your new language and still be within a factor of 2 of the best compilers. And people are doing precisely that (see: Zig, Jai, Odin, etc.).

replies(1): >>43547291 #
1. WalterGillman ◴[01 Apr 25 14:36 UTC] No.43547291[source]
I'm willing to write a C compiler that detects all undefined behavior but instead of doing something sane like reporting it or disallowing it just adds the code to open a telnet shell with root privileges. Can't wait to see the benchmarks.
replies(1): >>43547426 #
2. muldvarp ◴[01 Apr 25 14:47 UTC] No.43547426[source]
> doing something sane like reporting it or disallowing it

This is only possible if you check for it at runtime and that's a tradeoff most C programmers don't like.

replies(1): >>43568134 #
3. WalterGillman ◴[03 Apr 25 11:35 UTC] No.43568134[source]
I was thinking more along the lines of detectable instances with compiler introducing "optimizations", but as a C "programmer" I do not mind bounds checks and any other runtime improvements that stay true to the language.

If it's implementation-defined that you can turn them off when you're building for the PDP11, I'm sold.

replies(1): >>43662358 #
4. muldvarp ◴[12 Apr 25 07:59 UTC] No.43662358{3}[source]
Compilers already warn when they detect _unconditional_ undefined behavior. They just don't warn on _conditional_ undefined behavior because doing so would introduce far too many warnings.

Exploiting undefined behavior for optimization only requires local analysis, detecting whether that undefined behavior arises (either unconditionally or at all) requires global analysis. To put it differentially: The compiler often simply doesn't know whether the undefined behavior arises, it only knows that the optimization it introduces is valid anyway.