[libcxx-commits] [libcxx] [libc++][hardening] Don't trigger redundant checks in the fast mode. (PR #77176)
Louis Dionne via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Jan 9 13:29:22 PST 2024
================
@@ -290,6 +290,18 @@
// user input.
//
// - `_LIBCPP_ASSERT_UNCATEGORIZED` -- for assertions that haven't been properly classified yet.
+//
+// In addition to these categories, `_LIBCPP_REDUNDANT_ASSERTION` should be used to wrap assertions that duplicate other
+// assertions (for example, a range view might check that its `optional` data member holds a value before dereferencing
+// it, but this is already checked by `optional` itself). Redundant assertions incur an additional performance overhead
+// and don't provide any extra security benefit, but catching an error earlier allows halting the program closer to the
+// root cause and giving the user an error message that contains more context. Due to these tradeoffs, redundant
+// assertions are disabled in the fast mode but are enabled in the extensive mode and above. Thus, going back to the
+// example above, if a view attempts to dereference an empty optional member variable:
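Review bot: The statement that redundant assertions "don't provide any extra security benefit" holds only when the assertion being duplicated is itself enabled in the fast mode, and the added comment does not state that condition. If a check wrapped in `_LIBCPP_REDUNDANT_ASSERTION` duplicates an assertion whose category the fast mode leaves off, then the fast mode has no check at all on that path. Consider adding a sentence requiring that the duplicated assertion belong to a category that stays enabled in the fast mode, so that a contributor deciding whether to use the wrapper has a concrete test to apply.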
----------------
ldionne wrote:
```suggestion
// example above, the view should wrap its check for the empty optional member in `_LIBCPP_REDUNDANT_ASSERTION`. Then:
```
https://github.com/llvm/llvm-project/pull/77176