This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [patch] For BZ #17328, mark __errno_location with __attribute__((returns_nonnull)) for gcc >=4.9.0
- From: Zack Weinberg <zackw at panix dot com>
- To: Rich Felker <dalias at libc dot org>
- Cc: Paul Pluzhnikov <ppluzhnikov at gmail dot com>, GLIBC Devel <libc-alpha at sourceware dot org>
- Date: Mon, 2 Mar 2015 17:51:10 -0500
- Subject: Re: [patch] For BZ #17328, mark __errno_location with __attribute__((returns_nonnull)) for gcc >=4.9.0
- Authentication-results: sourceware.org; auth=none
- References: <CALoOobOuAEpw+zxRrrDyHB7UVbAZMzreXqpujzZOWNLS7+aRUA at mail dot gmail dot com> <20150301011753 dot GV23507 at brightrain dot aerifal dot cx> <CAPC3xapQBMH+DJdup2Y8_tt6xdcFAnQLB_K8VpT3ouCavvzXXA at mail dot gmail dot com> <CAKCAbMgyAEueVsYB=avfUg0pK49YiY-Qyi8w1qXvfTCzfPbUiQ at mail dot gmail dot com> <20150302223953 dot GB23507 at brightrain dot aerifal dot cx>
On Mon, Mar 2, 2015 at 5:39 PM, Rich Felker <dalias@libc.org> wrote:
> On Mon, Mar 02, 2015 at 05:23:58PM -0500, Zack Weinberg wrote:
>> My original motivation was to improve code generation with
>> -fsanitize=undefined, which, among other things, instruments *every
>> use of errno* with a check to ensure that the pointer returned by
>> __errno_location is non-null. For instance, the admittedly silly code
>
> This is indeed ugly, but I'm not necessarily convinced that improving
> code optimization with ubsan is a worthwhile use of human effort or
> code complexity. Anyone else have opinions on this?
For what it's worth, the hope was that ubsan would be sufficiently
accurate about its instrumentation that I could use it as a poor man's
tool for identifying places where the program couldn't be proven not
to have undefined behavior. In a real program that did a lot of
low-level work and therefore had to tweak errno all the time, though,
the noise level was just too high. I should probably suck it up and
learn how to use a proper correctness prover.
zw