https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113878

--- Comment #8 from uecker at gcc dot gnu.org ---
(In reply to Jakub Jelinek from comment #7)
> (In reply to uecker from comment #6)
> > My idea would be to explicitly add either traps or __builtin_unreachable
> > whenever there is UB that can be checked for in the C FE, and not add
> > sanitizer calls (that may return). Just a lightweight tool for safety that
> > needs no run-time and can be activated in production because it is optimized
> > well.
> 
> Something that traps is -fsanitize=undefined -fsanitize-trap=undefined (or
> selected sanitizers), that doesn't need any runtime.  And it is still very
> costly, it isn't lightweight, and it severely prevents optimizations.
> Something that would add conditional __builtin_unreachable would be useless,
> that is already implied from the operations.

Sure, but -fsanitize=undefined -fsanitize-trap=undefined does optimize much
worse than directly adding the overflow checks (as this and other examples
show) and also sometimes does not have quite the ideal semantics because of
upstream sanitizer library dependency. I wouldn't mind if it could be fixed but
its complexity seems to make it unnecessarily hard.
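As an added illustration (not code from the bug report or from GCC), this is what "directly adding the overflow checks" looks like in C: a hypothetical helper that uses `__builtin_add_overflow` and traps on signed overflow, next to a non-trapping variant, for comparison against compiling a plain `a + b` with `-fsanitize=undefined -fsanitize-trap=undefined`.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical helper (constructed for this example): the explicit,
 * per-operation check that comment #8 contrasts with the sanitizer.
 * On signed overflow the program traps (SIGILL/SIGTRAP, depending on
 * the target) instead of continuing with undefined behaviour; the
 * check needs no run-time library and is a single overflow test. */
static inline int add_trap_on_overflow(int a, int b)
{
    int r;
    if (__builtin_add_overflow(a, b, &r))
        __builtin_trap();
    return r;
}

/* Non-trapping variant for callers that want to handle the error
 * themselves: returns false and leaves *out unspecified on overflow. */
static inline bool add_checked(int a, int b, int *out)
{
    return !__builtin_add_overflow(a, b, out);
}

/* Unchecked baseline: compile this translation unit with
 *   gcc -O2 -fsanitize=undefined -fsanitize-trap=undefined
 * to compare the generated code with add_trap_on_overflow above. */
static inline int add_plain(int a, int b)
{
    return a + b;
}

int main(void)
{
    int r;
    printf("3 + 4 = %d\n", add_trap_on_overflow(3, 4));
    printf("INT_MAX - 1 + 1 fits: %s\n",
           add_checked(INT_MAX - 1, 1, &r) ? "yes" : "no");
    printf("INT_MAX + 1 fits:     %s\n",
           add_checked(INT_MAX, 1, &r) ? "yes" : "no");
    printf("plain 3 + 4 = %d\n", add_plain(3, 4));
    /* add_trap_on_overflow(INT_MAX, 1) would trap here. */
    return 0;
}
```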
