Re: [patch] Use __builtin_FILE and __builtin_LINE in assert implementation in C++

public inbox for libc-alpha@sourceware.org
 help / color / mirror / Atom feed

From: Jonathan Wakely <jwakely@redhat.com>
To: Szabolcs Nagy <szabolcs.nagy@arm.com>
Cc: Florian Weimer <fweimer@redhat.com>,
	Rich Felker <dalias@libc.org>,
	 Paul Pluzhnikov via Libc-alpha <libc-alpha@sourceware.org>,
	Paul Pluzhnikov <ppluzhnikov@google.com>
Subject: Re: [patch] Use __builtin_FILE and __builtin_LINE in assert implementation in C++
Date: Tue, 24 Jan 2023 15:51:22 +0000	[thread overview]
Message-ID: <CACb0b4mOiRtajHKp=HeM4-pb=7=A0qtR0tnEX+9SqJ1ceMVfvQ@mail.gmail.com> (raw)
In-Reply-To: <Y8/0O3XmWK+GJkCG@arm.com>

On Tue, 24 Jan 2023 at 15:08, Szabolcs Nagy <szabolcs.nagy@arm.com> wrote:
>
> The 01/24/2023 12:17, Jonathan Wakely via Libc-alpha wrote:
> > On Tue, 24 Jan 2023 at 12:08, Florian Weimer <fweimer@redhat.com> wrote:
> > > There's also the issue that <cassert> is defined in terms of ISO C,
> > > and ISO C specifies that __FILE__ and __LINE__ must be used.  Is that
> > > another defect?  But maybe the difference is not observable because
> > > __FILE__ cannot be redefined?
> >
> > I don't think it's observable. C requires the text printed by a failed
> > assert to include "the values of the preprocessing macros __FILE__ and
> > __LINE__ " but it doesn't require the actual tokens to appear in the
> > definition. The built-ins do return "the values" of those macros, so
> > that seems OK to me.
>
> is that a real fix? the token sequence is the same in different
> TUs with the builtins but the actual printed path is different,
> so if the linker picks a definition at random then the produced
> binary is not deterministic.

In practice, that only happens if you copy & paste the inline function
definition so it appears in two different TUs. If the inline function
is defined in a header, as in 99.9% of cases, then __FILE__ and
__builtin_FILE() both give you the name of that header, and the
problem never happens anyway. If you do weird things (duplicating the
code so it appears in two separate TUs without being included by a
common header) and the inline function isn't inlined, then yes, some
calls might appear to come from the "other" definition, showing the
file and line number of that definition. C'est la vie.

> why is this better than just using __FILE__?

The version with __FILE__ has undefined behaviour, and might not even
compile in a strict implementation of C++20 modules.

The version with __builtin_FILE is valid C++, so required to compile.
You might still get non-deterministic output if you duplicate the code
(instead of defining it in a header), but that's also possible if you
have a function that prints the value of rand() in an assertion
message.

Valid code that has non-deterministic behaviour in weird use cases is
better than code that has undefined behaviour in those cases.

next prev parent reply	other threads:[~2023-01-24 15:51 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-17 19:28 Paul Pluzhnikov
2023-01-23 14:26 ` Florian Weimer
2023-01-24 11:10   ` Rich Felker
2023-01-24 11:19     ` Rich Felker
2023-01-24 11:19     ` Florian Weimer
2023-01-24 11:23       ` Rich Felker
2023-01-24 11:53         ` Jonathan Wakely
2023-01-24 12:08           ` Florian Weimer
2023-01-24 12:17             ` Jonathan Wakely
2023-01-24 15:07               ` Szabolcs Nagy
2023-01-24 15:51                 ` Jonathan Wakely [this message]
2023-01-26 19:18                   ` Paul Pluzhnikov
2023-01-27 15:43                     ` Jonathan Wakely
2023-02-05 18:39                       ` Paul Pluzhnikov
2023-02-05 20:08                         ` Florian Weimer
2023-02-05 21:51                           ` Paul Pluzhnikov
2023-02-05 22:34                             ` Florian Weimer
2023-02-05 22:55                               ` Paul Pluzhnikov
2023-02-06  6:01                                 ` Florian Weimer
2023-02-06 16:25                                   ` Paul Pluzhnikov
2023-02-08 21:43                                     ` Paul Pluzhnikov
2023-01-25 20:50           ` Paul Pluzhnikov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CACb0b4mOiRtajHKp=HeM4-pb=7=A0qtR0tnEX+9SqJ1ceMVfvQ@mail.gmail.com' \
    --to=jwakely@redhat.com \
    --cc=dalias@libc.org \
    --cc=fweimer@redhat.com \
    --cc=libc-alpha@sourceware.org \
    --cc=ppluzhnikov@google.com \
    --cc=szabolcs.nagy@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).