[PATCH] D11948: Add some macros to abstract marking of parameters as "not null", and use them in <cstring>

[Dan Albert via cfe-commits]

>
> Would you be opposed to annotations that tell the programmer they have
> UB in their code, but *do not* effect the code generation?


Not on our end. This would be great.

On Tue, Aug 11, 2015 at 12:56 PM, Aaron Ballman via cfe-commits <
cfe-commits at lists.llvm.org> wrote:

> On Tue, Aug 11, 2015 at 3:32 PM, Joerg Sonnenberger via cfe-commits
> <cfe-commits at lists.llvm.org> wrote:
> > joerg added a comment.
> >
> > No, it doesn't. It tells the compiler that it is free to make such
> assumptions. Take a step back from the standard. Can you think of any
> reasonable and efficient implementation of memcpy and friends, which fails
> for size 0? Adding the annotations (whether here or in string.h)
> effectively changes the behavior of the program. It is behavior people have
> been expecting for two decades, even when C90 said something else. This is
> completely different from the warning annotations. I'm just waiting for
> some of the bigger projects like PostgreSQL to start getting annoyed enough
> to introduce sane_memcpy for this.
> > I can't speak for Linux distributions using glibc, but I find this kind
> of smoking gun completely unacceptable to force unconditionally on everyone.
>
> Would you be opposed to annotations that tell the programmer they have
> UB in their code, but *do not* effect the code generation?
>
> ~Aaron
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20150811/cc4e0573/attachment.html>