STINNER Victor <[email protected]> added the comment:
> Real world example. _PyLong_Copy() [1] calls _PyLong_New() [2]. _PyLong_New()
> checks the size, so that overflow does not occur. This check is redundant
> when _PyLong_New() is called from _PyLong_Copy(). We could add a function
> that bypass that check, but in LTO build PyObject_MALLOC() is inlined into
> _PyLong_New() and it also checks the size. Adding Py_ASSUME((size_t)size <=
> MAX_LONG_DIGITS) allows to bypass both checks.
This sounds like a bad usage of __builtin_unreachable().
_PyLong_New() must always check that size <= MAX_LONG_DIGITS, the check must
not be optimized by the compiler.
__builtin_unreachable() must only be used if the code really be reached by
design.
For example:
if (...) { Py_FatalError("oops)"; __builtin_unreachable() }
But it's a bad example, since Py_FatalError is decorated with the "noreturn"
attribute, so the compiler should already know that Py_FatalError() never
returns.
----------
nosy: +vstinner
_______________________________________
Python tracker <[email protected]>
<https://bugs.python.org/issue38147>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
