This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Re: memset zero bytes at NULL - isolate-erroneous-paths


On Mon, Nov 18, 2013 at 8:11 AM, Florian Weimer <fw@deneb.enyo.de> wrote:
> * Jeff Law:
>
>>> Is this new in C11?  Does it apply to functions such as strnlen as well?
>
>> No, it's C99 I think.  There was a clarification which came in after
>> C99 which clarified that even if the length is zero, the pointers must
>> still be valid.
>
> Okay, I found the language in sections 7.1.4 and 7.21.1 (thanks Marc).
>
> This is a bit unfortunate because it interoperates poorly with
> std::vector<T>::data(), which can return a null pointer if the vector
> is empty.

I'd say that turning memset (0, '\0', 0) into a trap is bad from a QOI
perspective.  Jeff, is there an easy way to avoid this?  Testcase:

void fn (void *addr, int a)
{
  if (a == 0)
    addr = (void *)0;
  __builtin_memset (addr, '\0', a);
}

I wonder where in isolate-paths you check for builtins at all?  Ah,
it's probably from the nonnull attribute on memset.  Which also
means that trying to catch this case reliably isn't going to work
(you cannot prove the program has len == 0 in this case, and
conditionally not trapping would somewhat defeat the purpose
of isolating this path).

Richard.
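
One way for calling code to stay clear of the case discussed in this thread, as an added example that is not part of the original message or of GCC: skip the library call whenever the length is zero, so a null pointer (for instance from an empty std::vector<T>::data()) never reaches memset's nonnull parameter. The names zero_bytes and fn_guarded are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from GCC or the thread): zero n bytes at dst.
   Returns 0 on success, including the empty case; -1 if dst is null
   while n is nonzero, which is a genuine caller bug. */
int zero_bytes(void *dst, size_t n)
{
    if (n == 0)
        return 0;       /* memset is never called, so dst may be null */
    if (dst == NULL)
        return -1;      /* report the bug instead of invoking UB */
    memset(dst, 0, n);
    return 0;
}

/* Same shape as the testcase in the message, routed through the guard.
   A negative length is rejected before it is converted to size_t. */
int fn_guarded(void *addr, int a)
{
    if (a < 0)
        return -1;
    if (a == 0)
        addr = NULL;
    return zero_bytes(addr, (size_t)a);
}

int main(void)
{
    unsigned char buf[4] = { 1, 2, 3, 4 };   /* constructed sample data */
    int rc;

    printf("empty, null pointer: %d\n", fn_guarded(NULL, 0));
    printf("empty, valid pointer: %d\n", fn_guarded(buf, 0));
    rc = fn_guarded(buf, 4);
    printf("4 bytes: %d, buf[0] = %d\n", rc, buf[0]);
    printf("null with length 4: %d\n", zero_bytes(NULL, 4));
    return 0;
}
```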

