On 04/27/2016 03:55 AM, Bernd Schmidt wrote:
> On 04/26/2016 11:23 PM, Martin Sebor wrote:
>> The documentation for the new option implies that it should warn
>> for calls to memset where the third argument contains the number
>> of elements not multiplied by the element size. But in my (quick)
>> testing it only warns when the argument is a constant equal to
>> the number of elements and less than the size of the array. For
>> example, neither of the following is diagnosed:
>>
>>   int a [4];
>>   __builtin_memset (a, 0, 2 + 2);
>>   __builtin_memset (a, 0, 4 * 1);
>>   __builtin_memset (a, 0, 3);
>>   __builtin_memset (a, 0, 4 * sizeof a);
>>
>> If it's possible and not too difficult, it would be nice if
>> the detection logic could be made a bit smarter to also diagnose
>> these less trivial cases (and matched the documented behavior).
>
> I've thought about some of these cases. The problem is there are
> legitimate cases of calling memset for only part of an array. I wanted
> to start with something that is unlikely to give false positives.

So I wonder if what we really want is to track which bytes in the object
are set and which are not -- utilizing both memset and standard stores
and if the object as a whole is not initialized, then warn.
We've actually got a lot of the code that would be necessary to detect
this in tree DSE, with more coming in this stage1 as I extend it to
handle some missing cases.
Clearly a follow-up rather than a requirement for the current patch to
move forward.
Jeff
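The bug class the option is meant to catch (an element count passed where memset wants a byte count), as an added C example that is not part of the thread or of GCC: the buggy and the correct clearing routine side by side, plus a small checker that fills the array with a sentinel and reports how many elements actually ended up zeroed. The function names and the sentinel fill are my own choices.

```c
#include <stdio.h>
#include <string.h>

#define N 4

/* Buggy: the element count is passed where memset expects a byte count.
   With 4-byte ints only the first element is zeroed; the rest keep
   whatever was there before. This is the pattern -Wmemset-elt-size
   is meant to flag. */
static void clear_by_count(int *a, size_t n)
{
    memset(a, 0, n);                  /* n elements, not n bytes */
}

/* Correct: scale the element count by the element size. */
static void clear_by_bytes(int *a, size_t n)
{
    memset(a, 0, n * sizeof *a);
}

/* Fill an array with a sentinel (every byte 0xFF, so every int is -1),
   run the supplied clearing routine over all N elements, and return
   how many elements were actually zeroed. */
static size_t count_zeroed(void (*clear)(int *, size_t))
{
    int a[N];
    size_t zeroed = 0;

    memset(a, 0xFF, sizeof a);        /* sentinel: no element is zero */
    clear(a, N);
    for (size_t i = 0; i < N; i++)
        if (a[i] == 0)
            zeroed++;
    return zeroed;
}

int main(void)
{
    printf("by count: %zu of %d elements zeroed\n",
           count_zeroed(clear_by_count), N);
    printf("by bytes: %zu of %d elements zeroed\n",
           count_zeroed(clear_by_bytes), N);
    return 0;
}
```

The by-count variant zeroes only N / sizeof(int) elements (one on the usual 4-byte-int targets), which is exactly the partially initialised object Jeff's byte-tracking idea would have to recognise.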