This is the mail archive of the
mailing list for the GCC project.
Re: Obscure crashes due to gcc 4.9 -O2 => -fisolate-erroneous-paths-dereference
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: Sandra Loosemore <sandra at codesourcery dot com>, Jeff Prothero <jprother at altera dot com>, gcc at gcc dot gnu dot org
- Date: Fri, 20 Feb 2015 13:10:14 +0100
- Subject: Re: Obscure crashes due to gcc 4.9 -O2 => -fisolate-erroneous-paths-dereference
- Authentication-results: sourceware.org; auth=none
- References: <pdf61azt48b dot fsf at sj-interactive3 dot altera dot com> <20150218192943 dot GR1746 at tucnak dot redhat dot com> <54E64DFF dot 8030100 at codesourcery dot com> <54E71534 dot 8070805 at redhat dot com>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Fri, Feb 20, 2015 at 12:06:28PM +0100, Florian Weimer wrote:
> On 02/19/2015 09:56 PM, Sandra Loosemore wrote:
> > Hmmmm, Passing the additional option in user code would be one thing,
> > but what about library code? E.g., using memcpy (either explicitly or
> > implicitly for a structure copy)?
> The memcpy problem isn't restricted to embedded architectures.
> size_t size;
> const unsigned char *source;
> std::vector<char> vec;
> memcpy(vec.data(), source, size);
> std::vector<T>::data() can return a null pointer if the vector is empty,
> which means that this code is invalid for empty inputs.
> I think the C standard is wrong here. We should extend it, as a QoI
> matter, and support null pointers for variable-length inputs and outputs
> if the size is 0. But I suspect this is still a minority view.
I disagree. If you want a function that will have that different property,
don't call it memcpy.