Message352792
> Real world example. _PyLong_Copy() [1] calls _PyLong_New() [2]. _PyLong_New() checks the size, so that overflow does not occur. This check is redundant when _PyLong_New() is called from _PyLong_Copy(). We could add a function that bypass that check, but in LTO build PyObject_MALLOC() is inlined into _PyLong_New() and it also checks the size. Adding Py_ASSUME((size_t)size <= MAX_LONG_DIGITS) allows to bypass both checks.
This sounds like a bad usage of __builtin_unreachable().
_PyLong_New() must always check that size <= MAX_LONG_DIGITS, the check must not be optimized by the compiler.
__builtin_unreachable() must only be used if the code really be reached by design.
For example:
if (...) { Py_FatalError("oops)"; __builtin_unreachable() }
But it's a bad example, since Py_FatalError is decorated with the "noreturn" attribute, so the compiler should already know that Py_FatalError() never returns. |
|
Date |
User |
Action |
Args |
2019-09-19 13:43:13 | vstinner | set | recipients:
+ vstinner, sir-sigurd |
2019-09-19 13:43:13 | vstinner | set | messageid: <1568900593.81.0.979375867421.issue38147@roundup.psfhosted.org> |
2019-09-19 13:43:13 | vstinner | link | issue38147 messages |
2019-09-19 13:43:13 | vstinner | create | |
|