memset bugs.
John Reiser
jreiser at bitwagon.com
Thu Nov 26 03:30:01 UTC 2009
On 11/25/2009 02:03 PM, Dave Jones wrote:
> On Wed, Nov 25, 2009 at 01:58:38PM -0500, Jakub Jelinek wrote:
> > glibc headers warn about this (when -D_FORTIFY_SOURCE=2), so a faster way
> > would be just grep through all packages' build.log files (preferably on the
> > box where they are stored to avoid downloading it all).
>
> Can we make it fail the build instead of warning ?
> A zero sized memset is always a bug.
No, memset(,,0) is not always a bug. A null region is not automatically a bug.
Here is one example:
    struct Foo {
        long x;
        char hole[8 - sizeof(long)];
    } foo;
    memset(&foo.hole, 0, sizeof(foo.hole));
On an LP64-bit machine such as x86_64, this is memset(&foo.hole, 0, 0),
which is *NOT* a bug.
Perhaps the best that can be expected is for the compiler to warn
if __builtin_memset has a third argument which is known to be a compile-time
constant zero. But such a warning must be optional, for there are
legitimate use cases. Also, if the second argument to __builtin_memset
is a compile-time constant which cannot be represented in one byte
(considering both signed and unsigned cases) then another optional warning
may be appropriate.
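
Added example, not part of the original message: a run-time analogue of the two optional checks described above, applied to the hole from the message and to a call whose fill value and length are in the wrong order. memset_lint(), the MEMSET_* flags, HOLE_SIZE and stale_after_transposed() are hypothetical names, and the buffer contents are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum {
    MEMSET_ZERO_LEN      = 1, /* third argument is 0: the call writes nothing */
    MEMSET_FILL_NOT_BYTE = 2  /* second argument fits neither signed nor unsigned char */
};

/* Classify the (fill, length) pair of a memset call. */
static int memset_lint(long fill, size_t len)
{
    int flags = 0;
    if (len == 0)
        flags |= MEMSET_ZERO_LEN;
    if (fill < -128 || fill > 255)
        flags |= MEMSET_FILL_NOT_BYTE;
    return flags;
}

/* Size of the hole from the message; 0 when long is 8 bytes (LP64). */
#define HOLE_SIZE (8 - sizeof(long))

/* Count bytes of constructed "sensitive" data that survive a memset
 * whose fill value and length were passed in the wrong order. */
static size_t stale_after_transposed(void)
{
    char buf[512];
    volatile size_t zero = 0;            /* keeps the length a run-time value */
    size_t i, stale = 0;

    memset(buf, 'S', sizeof buf);        /* constructed contents */
    memset(buf, (int)sizeof buf, zero);  /* length 0: nothing is cleared */
    for (i = 0; i < sizeof buf; i++)
        if (buf[i] == 'S')
            stale++;
    return stale;
}

int main(void)
{
    /* Hole case: only the zero-length flag (and only where long is 8 bytes). */
    printf("hole:       flags=%d\n", memset_lint(0, HOLE_SIZE));
    /* Wrong argument order: both flags set together. */
    printf("transposed: flags=%d\n", memset_lint(512, 0));
    printf("stale bytes after transposed call: %lu\n",
           (unsigned long)stale_after_transposed());
    return 0;
}
```

A zero length on its own, as in the hole case, is harmless; a zero length together with a fill value that does not fit in a byte is the combination worth reviewing, since the buffer keeps its old contents.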