This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] warn on mem calls modifying objects of non-trivial types (PR 80560)

From: Pedro Alves <palves at redhat dot com>
To: Jason Merrill <jason at redhat dot com>, Martin Sebor <msebor at gmail dot com>
Cc: Gcc Patch List <gcc-patches at gcc dot gnu dot org>
Date: Tue, 16 May 2017 23:48:36 +0100
Subject: Re: [PATCH] warn on mem calls modifying objects of non-trivial types (PR 80560)
Authentication-results: sourceware.org; auth=none
References: <b729a519-fdef-1ad7-3e33-4b3d451d1a1a@gmail.com> <656ca1db-1082-b1ed-a911-ba7bf48f09c0@redhat.com> <ff1cdad8-ee13-1bd4-5d2a-cc1306abc8b2@gmail.com> <CADzB+2=O4oFJazNaGN_Qxas9SBE1phBKL8yKpSA=g+Y3bbEnsA@mail.gmail.com>

On 05/16/2017 08:41 PM, Jason Merrill wrote:

> I agree that it makes sense to
> check for a trivial assignment operator specifically.  I guess we want
> a slightly stronger "trivially copyable" that also requires a
> non-deleted assignment operator.
> 
> It seems to me that the relevant tests are:
> 
> bcopy/memcpy/memmove want trivally copyable + non-deleted assignment.
> bzero/memset want trivial + non-deleted assignment.
> 
> I'm still not convinced we need to consider standard-layout at all.

What do you think of warning for memset of types with references?  Since NULL
references are undefined behavior (N4659, [dcl.ref]/5), IMHO such code is quite
smelly and most likely a sign of incomplete refactoring, not design.

(My original intention for poisoning memset of standard-layout type in gdb was
mainly as proxy/approximation for "type with references".  Other properties
that make a type non-standard-layout are not as interesting to me.)

While at it, maybe the same reasoning would justify warn of memcpy/memset
of types with const data members?  memcpy of such types kind of sounds like a
recipe for subtle breakage that could only be salvaged with std::launder.
And if you know about that, you'll probably be copying objects of type T
to/from raw byte/char storage, not to/from another T.

Actually, now that I look at Martin's new patch, I see he's already warning
about const data members and references, both memcpy and memset.  I'm not
super convinced on warning about memcpy of references (unlike memset), but
I don't feel strongly against it either.  I'd be fine (FWIW) with giving it a
try and see what breaks out there.

> +Wnon-trivial-memaccess
> +C++ ObjC++ Var(warn_nontrival_memaccess) Warning LangEnabledBy(C++ ObjC++, Wall)
> +Warn for raw memory writes to objects of non-trivial types.

May I suggest renaming the warning (and the description above) from
-Wnon-trivial-memaccess to something else that avoids "trivial" in
its name?  Because it's no longer strictly about "trivial" in the
standard C++ sense.  The documentation talks about "The safe way",
and "does not warn on safe calls", so maybe call it -Wunsafe-memaccess?

(I spotted a couple typos in the new patch: "otherwse", "becase", btw.)

Thanks,
Pedro Alves

Follow-Ups:
- Re: [PATCH] warn on mem calls modifying objects of non-trivial types (PR 80560)
  - From: Martin Sebor

References:
- Re: [PATCH] warn on mem calls modifying objects of non-trivial types (PR 80560)
  - From: Martin Sebor
- Re: [PATCH] warn on mem calls modifying objects of non-trivial types (PR 80560)
  - From: Jason Merrill

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]