Sender:	crough45 AT amc DOT de
Message-Id:	<97Aug9.163401gmt+0100.17058@internet01.amc.de>
Date:	Sat, 9 Aug 1997 15:35:58 +0100
From:	Chris Croughton <crough45 AT amc DOT de>
Mime-Version:	1.0
To:	fighteer AT cs DOT com
Cc:	djgpp AT delorie DOT com
Subject:	Re: expression evaluation guarantees

John M. Aldrich wrote:

> Let me put it this way:
> 
> - If your compiler does not claim to be ANSI compliant, then nothing
> like this is safe.
> - If your compiler does claim to be ANSI compliant, and this doesn't
> work as intended, then you can sue the company that makes it for
> zillions of dollars.
> - Anybody who runs a program capable of formatting the hard drive
> without ensuring that all necessary data is backed up is an idiot.
> - No sane person would ever write a format program like that.

And no sane person would write any mission-critical program
without testing it in a safe environment first.  The probability
of getting the test the wrong way round is far higher than that
of the compiler being wrong, and it would be just as fatal.  Any
competent programmer knows that they must test their programs,
especially if they are designed to do something drastic.  Part
of those tests is to make sure it's actually doing what you
expected - whether that's because of compiler bugs or (more likely)
coding errors is irrelevant, if you don't test it (in the example
with the "format_hard_drive()" routine just doing a printf) first
then you deserve anything that happens.  Including being fired from
your job...

In fact, once you start distrusting the compiler there's nowhere
to stop.  Why trust it to generate any useful code at all?  I've
seen assemblers which generate bad jump offsets, and even one which
reversed a jump test - better not trust anything except raw machine
code which you have personally blown bit-by-bit into a PROM.  
Except that CPUs have been known to have faults as well - try a
diode-matrix lookup.  Or a Babbage Engine.  And since the human 
brain has far more elements than a computer you'd better not trust
that - commit suicide immediately!

Certainly there are compilers with bugs in them, but that is not
a valid reason to ignore half the language just in case your 
compiler is buggy in that area.

> P.S.:  The first person to actually start that thread again because
> I mentioned it will be slapped with a wet trout.

That thread appears not to have been on this newsgroup.  It seems
that comp.os.msdos.djgpp was about the only one it wasn't posted
to.  So I'll take you up on that offer of a fresh trout, and start
it here.  What's wrong with exceeding the speed of light?  Have you
ever tried it?  If not, don't knock it...

Chris C

- Raw text -