Re: std::string add nullptr attribute

[Jonny Grant <jg@jguk.org>]

On 20/02/2023 11:28, Segher Boessenkool wrote:
> On Mon, Feb 20, 2023 at 12:18:36PM +0100, Marc Glisse via Gcc-help wrote:
>> On Mon, 20 Feb 2023, Gabriel Ravier via Gcc-help wrote:
>>
>>> This is the kind of thing that makes me wonder why there isn't some kind 
>>> of `__builtin_unreachable_do_not_optimize()` builtin that allows one to 
>>> mark places in code that should never be reached and should thus be warned 
>>> about if such a thing happens while at the same time never doing any 
>>> optimization on the basis of the presence of the call.
>>
>> -fsanitize=unreachable -fsanitize=null and others prevent the kind of 
>> optimization you are worried about.
> 
> Or even just __builtin_trap(), or abort(), or similar.  Just a printf()
> thing if you really want to just warn.

__builtin_trap() gets compiled so there isn't a symbol (unless I wrap it)

        pushq   %rbp
        movq    %rsp, %rbp
        ud2


I made an example which does create a string with the file and line number (which would aid checking assembler output for null dereference issues), but oddly the optimizer doesn't remove the string, as that code is never reached.  I'm probably misunderstanding I guess.

.LC0:
        .string "/app/example.cpp:8"

https://godbolt.org/z/Yzqb5ov6M

#define xto_str(s) to_str(s)
#define to_str(s) #s

void f(const char * str)
{
    if(nullptr == str)
    {
        __builtin_printf(__FILE__ ":" xto_str(__LINE__));
    }

    __builtin_printf("%c", str[0]);
}

int main()
{
    const char * a = "a";
    f(a);
}



> 
> "Never doing any optimisation" based on <anything> is of course not a
> reasonable expectation; but you *can* ask for reachable code not to be
> optimised away.  This is the default, just don't mark reachable code as
> unreachable :-)
> 
> 
> Segher