
Re: memset bugs.



On 11/25/2009 02:03 PM, Dave Jones wrote:
> On Wed, Nov 25, 2009 at 01:58:38PM -0500, Jakub Jelinek wrote:
>
> > glibc headers warn about this (when -D_FORTIFY_SOURCE=2), so a faster way
> > would be just grep through all packages' build.log files (preferably on the
> > box where they are stored to avoid downloading it all).
>
> Can we make it fail the build instead of warning?
> A zero sized memset is always a bug.

No, memset(,,0) is not always a bug.  A null region is not automatically a bug.
Here is one example:

    struct Foo {
        long x;
        char hole[8 - sizeof(long)];
    } foo;

    memset(&foo.hole, 0, sizeof(foo.hole));

On an LP64-bit machine such as x86_64, this is memset(&foo.hole, 0, 0),
which is *NOT* a bug.

Perhaps the best that can be expected is for the compiler to warn
if __builtin_memset has a third argument which is known to be a compile-time
constant zero.  But such a warning must be optional, for there are
legitimate use cases.  Also, if the second argument to __builtin_memset
is a compile-time constant which cannot be represented in one byte
(considering both signed and unsigned cases) then another optional warning
may be appropriate.

--
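
The two optional checks proposed in the message above, as an added example that is not part of the original post and is not GCC or glibc code. It is a runtime analogue of the compile-time diagnostics; `memset_arg_check`, `bytes_changed`, the `WARN_*` flags and `HOLE_SIZE` are hypothetical names, and the argument values in `main` are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Bit flags for the two optional diagnostics proposed in the post. */
enum {
    WARN_ZERO_LEN      = 1, /* third argument is zero */
    WARN_FILL_NOT_BYTE = 2  /* second argument fits neither signed nor unsigned char */
};

/* Size of the post's `hole` member: 0 where long is 8 bytes (LP64). */
#define HOLE_SIZE (8 - sizeof(long))

/* Classify memset(dst, fill, len) by its last two arguments.
 * fill is taken as long long so the value is seen before conversion to int. */
unsigned memset_arg_check(long long fill, size_t len)
{
    unsigned flags = 0;
    if (len == 0)
        flags |= WARN_ZERO_LEN;
    if (fill < -128 || fill > 255)
        flags |= WARN_FILL_NOT_BYTE;
    return flags;
}

/* Apply memset(buf, fill, len) to a 64-byte buffer preset to 0xAA and
 * return how many bytes no longer hold 0xAA. len is capped at the buffer size. */
size_t bytes_changed(int fill, size_t len)
{
    unsigned char buf[64];
    size_t i, changed = 0;

    memset(buf, 0xAA, sizeof buf);
    memset(buf, fill, len > sizeof buf ? sizeof buf : len);
    for (i = 0; i < sizeof buf; i++)
        changed += (buf[i] != 0xAA);
    return changed;
}

int main(void)
{
    /* Constructed cases: the post's hole, then calls with size and fill swapped. */
    printf("hole, len %zu:       flags=%u\n", (size_t)HOLE_SIZE, memset_arg_check(0, HOLE_SIZE));
    printf("memset(b, 64, 0):   flags=%u changed=%zu\n", memset_arg_check(64, 0), bytes_changed(64, 0));
    printf("memset(b, 4096, 0): flags=%u\n", memset_arg_check(4096, 0));
    printf("memset(b, 0, 64):   flags=%u changed=%zu\n", memset_arg_check(0, 64), bytes_changed(0, 64));
    return 0;
}
```

The zero-length check alone cannot tell the legitimate `hole` case from a swapped-argument call on a small buffer; only when the swapped size exceeds 255 does the second check separate them.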

