author | Kartik K. Agaram <vc@akkartik.com> | 2015-05-25 22:27:19 -0700 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2015-05-25 22:27:19 -0700 |
commit | c5ffb6e1cc9c5ff880d037c53b8ebc8562be0008 (patch) | |
tree | 2d05d987ec3c81bfbb0c1f598966d9d1b16e9b1f /html/001help.cc.html | |
parent | b2757892d553352feb59d70b1e7241ccdafa6905 (diff) | |
download | mu-c5ffb6e1cc9c5ff880d037c53b8ebc8562be0008.tar.gz |
1459
Diffstat (limited to 'html/001help.cc.html')
-rw-r--r-- | html/001help.cc.html | 61 |
1 files changed, 55 insertions, 6 deletions
diff --git a/html/001help.cc.html b/html/001help.cc.html index d1a53d63..2e4278d1 100644 --- a/html/001help.cc.html +++ b/html/001help.cc.html @@ -2,7 +2,7 @@ <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> -<title>~/Desktop/s/mu/001help.cc</title> +<title>001help.cc</title> <meta name="Generator" content="Vim/7.4"> <meta name="plugin-version" content="vim7.4_v1"> <meta name="syntax" content="cpp"> 
@@ -62,6 +62,60 @@ bool is_equal<span class="Delimiter">(</span>char* s<span class="Delimiter">,</s <span class="Identifier">return</span> strncmp<span class="Delimiter">(</span>s<span class="Delimiter">,</span> lit<span class="Delimiter">,</span> strlen<span class="Delimiter">(</span>lit<span class="Delimiter">))</span> == <span class="Constant">0</span><span class="Delimiter">;</span> <span class="Delimiter">}</span> +<span class="Comment">// I'll throw some style conventions here for want of a better place for them.</span> +<span class="Comment">// As a rule I hate style guides. Do what you want, that's my motto. But since</span> +<span class="Comment">// we're dealing with C/C++, the one big thing we want to avoid is undefined</span> +<span class="Comment">// behavior. If a compiler ever encounters undefined behavior it can make</span> +<span class="Comment">// your program do anything it wants.</span> +<span class="Comment">//</span> +<span class="Comment">// For reference, my checklist of undefined behaviors to watch out for:</span> +<span class="Comment">// out-of-bounds access</span> +<span class="Comment">// uninitialized variables</span> +<span class="Comment">// use after free</span> +<span class="Comment">// dereferencing invalid pointers: null, a new of size 0, others</span> +<span class="Comment">//</span> +<span class="Comment">// casting a large number to a type too small to hold it</span> +<span class="Comment">//</span> +<span class="Comment">// integer overflow</span> +<span class="Comment">// division by zero and other undefined expressions</span> +<span class="Comment">// left-shift by negative count</span> +<span class="Comment">// shifting values by more than or equal to the number of bits they contain</span> +<span class="Comment">// bitwise operations on signed numbers</span> +<span class="Comment">//</span> +<span class="Comment">// Converting pointers to types of different alignment requirements</span> +<span class="Comment">// T* -> 
void* -> T*: defined</span> +<span class="Comment">// T* -> U* -> T*: defined if non-function pointers and alignment requirements are same</span> +<span class="Comment">// function pointers may be cast to other function pointers</span> +<span class="Comment">//</span> +<span class="Comment">// Casting a numeric value into a value that can't be represented by the target type (either directly or via static_cast)</span> +<span class="Comment">//</span> +<span class="Comment">// To guard against these, some conventions:</span> +<span class="Comment">//</span> +<span class="Comment">// 0. Initialize all primitive variables in functions and constructors.</span> +<span class="Comment">//</span> +<span class="Comment">// 1. Minimize use of pointers and pointer arithmetic. Avoid 'new' and</span> +<span class="Comment">// 'delete' as far as possible. Rely on STL to perform memory management to</span> +<span class="Comment">// avoid use-after-free issues (and memory leaks).</span> +<span class="Comment">//</span> +<span class="Comment">// 2. Avoid naked arrays to avoid out-of-bounds access. Never use operator[]</span> +<span class="Comment">// except with map. Use at() with STL vectors and so on.</span> +<span class="Comment">//</span> +<span class="Comment">// 3. Valgrind all the things.</span> +<span class="Comment">//</span> +<span class="Comment">// 4. Avoid unsigned numbers. Not strictly an undefined-behavior issue, but</span> +<span class="Comment">// the extra range doesn't matter, and it's one less confusing category of</span> +<span class="Comment">// interaction gotchas to worry about.</span> +<span class="Comment">//</span> +<span class="Comment">// Corollary: don't use the size() method on containers, since it returns an</span> +<span class="Comment">// unsigned and that'll cause warnings about mixing signed and unsigned,</span> +<span class="Comment">// yadda-yadda. Instead use this macro below to perform an unsafe cast to</span> +<span class="Comment">// signed. 
We'll just give up immediately if a container's every too large.</span> +<span class="Delimiter">:(before "End Includes")</span> +<span class="PreProc">#define SIZE(X) (assert(X</span><span class="Delimiter">.</span><span class="PreProc">size() < (</span><span class="Constant">1LL</span><span class="PreProc"><<</span><span class="Constant">62</span><span class="PreProc">))</span><span class="Delimiter">,</span><span class="PreProc"> </span>static_cast<span class="PreProc"><</span>long<span class="PreProc"> </span>long<span class="PreProc"> </span>int<span class="PreProc">>(X</span><span class="Delimiter">.</span><span class="PreProc">size()))</span> +<span class="Comment">//</span> +<span class="Comment">// 5. Integer overflow is still impossible to guard against. Maybe after</span> +<span class="Comment">// reading <a href="http://www.cs.utah.edu/~regehr/papers/overflow12.pdf">http://www.cs.utah.edu/~regehr/papers/overflow12.pdf</a></span> + <span class="Delimiter">:(before "End Includes")</span> <span class="PreProc">#include</span><span class="Constant"><assert.h></span> @@ -76,11 +130,6 @@ using std::cerr<span class="Delimiter">;</span> <span class="PreProc">#include</span><span class="Constant"><cstring></span> <span class="PreProc">#include</span><span class="Constant"><string></span> using std::string<span class="Delimiter">;</span> -typedef size_t index_t<span class="Delimiter">;</span> -const index_t NOT_FOUND = string::npos<span class="Delimiter">;</span> -<span class="Delimiter">:(after "int main(int argc, char* argv[])")</span> -assert<span class="Delimiter">(</span>sizeof<span class="Delimiter">(</span>string::size_type<span class="Delimiter">)</span> == sizeof<span class="Delimiter">(</span>size_t<span class="Delimiter">));</span> -assert<span class="Delimiter">(</span>sizeof<span class="Delimiter">(</span>index_t<span class="Delimiter">)</span> == sizeof<span class="Delimiter">(</span>size_t<span class="Delimiter">));</span> </pre> </body> </html> |
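Review bot: The range check in the new `SIZE(X)` macro lives entirely inside `assert`, so a build with `NDEBUG` defined drops it and the `static_cast<long long int>` runs unchecked. The comment's promise to "give up immediately" on an oversized container therefore holds only in assert-enabled builds. If the guard is meant to be unconditional, an explicit test that aborts would be safer than `assert`. The macro also expands `X` twice and unparenthesized, so an argument with side effects is evaluated twice and a low-precedence expression binds wrongly; writing `(X).size()` in both places fixes the precedence half. This file is a Vim-generated HTML rendering, so any change belongs in the underlying 001help.cc source and the page should be regenerated from it.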