This is the mail archive of the
mailing list for the glibc project.
Re: [PATCH B2/2] Use builtin_unreachable in assert
- From: Roland McGrath <roland at hack dot frob dot com>
- To: Richard Henderson <rth at twiddle dot net>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 2 Mar 2015 15:00:05 -0800 (PST)
- Subject: Re: [PATCH B2/2] Use builtin_unreachable in assert
- Authentication-results: sourceware.org; auth=none
- References: <1420827419-18655-1-git-send-email-rth at twiddle dot net> <1420827419-18655-3-git-send-email-rth at twiddle dot net> <20150302074325 dot GB8519 at vapier> <54F49B67 dot 3060908 at twiddle dot net>
> I wonder if, during the gcc 6 development cycle, we should experiment with a
> __builtin_side_effects_p, akin to __builtin_constant_p. Then we could still
> follow POSIX re no side effects but even in the external context provide the
> information derivable from __builtin_unreachable. I.e.
> #define assert(X) \
> (__builtin_side_effects_p (X) || !(X) ? 0 : __builtin_unreachable ())
It would be ideal to do this in a way that some new warning option or
fortify enablement or whatnot can give compile-time warnings about side
effects in assert expressions. How uselessly false-positivey that would be
depends on how much a particular codebase uses the style of data gathering
or consistency-checking function calls in assert expressions (i.e., things
that the compiler would consider to have side effects, perhaps even with
complete and perfect inlining, but the programmer reasonably considers to
have no actual semantic side effects).