On Tue, Nov 01, 2016 at 08:55:03PM -0600, Martin Sebor wrote:
> struct S {
>   int a, b, c, d;
> };
> 
> #define bos(p, t) __builtin_object_size (p, t)
> #define memset0(p, i, n) __builtin___memset_chk (p, i, n, bos (p, 0))
> #define memset1(p, i, n) __builtin___memset_chk (p, i, n, bos (p, 1))
> 
> void f0 (struct S *s)
> {
>   memset0 (&s->d, 0, 1024);   // no warning here (bos 0)
> }

But we do not want the warning here, there is nothing wrong with it.
The caller may be

void
bar (void)
{
  struct T { struct S header; char payload[1024 - offsetof (struct S, d)]; } t;
  initialize (&t);
  f0 (&t.header);
}

and the callee might rely on that.  Using some header structure at the
beginning and then conditionally on fields in that structure various
payloads occurs in many projects, starting with glibc, gcc, Linux kernel,
... The warning really must not be detached from reality.

If you want a warning for suspicious calls, sure, but
1) it has to be clearly worded significantly differently from how you
   word it, so that users really understand you are warning about
   suspicious code (though, I really believe it is very common and there
   is really nothing the users can do about it)
2) it really shouldn't be enabled in -Wall, and I think not even in -Wextra

        Jakub
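
As an added illustration (not code from the thread or from GCC): the header-plus-payload layout described in the reply, with both `__builtin_object_size` modes evaluated where the full object is visible and a callee that sees only the header pointer. The payload size of `struct T`, `checked_memset` (a non-aborting stand-in for `__memset_chk`) and the helper function names are assumptions made for this example.

```c
#include <stddef.h>
#include <string.h>

struct S { int a, b, c, d; };            /* header type from the thread */
/* Constructed enclosing type: the payload is sized so that a 1024-byte
   write starting at header.d ends exactly at the end of the object. */
struct T { struct S header; char payload[1024 - sizeof (int)]; };

#define UNKNOWN ((size_t) -1)            /* modes 0 and 1 return this when the size is not known */

/* Stand-in for __memset_chk (which aborts): refuse the write, returning -1,
   when the reported object size is known and smaller than n. */
static int checked_memset (void *p, int c, size_t n, size_t objsize)
{
  if (objsize != UNKNOWN && n > objsize)
    return -1;
  memset (p, c, n);
  return 0;
}

/* Sizes reported where the whole object is visible: mode 0 measures to the
   end of the enclosing object, mode 1 to the end of the member d. */
size_t bos0_at_definition (void) { struct T t; return __builtin_object_size (&t.header.d, 0); }
size_t bos1_at_definition (void) { struct T t; return __builtin_object_size (&t.header.d, 1); }

/* The layout fact behind mode 0: bytes from header.d to the end of struct T. */
size_t bytes_from_d_to_end (void) { return sizeof (struct T) - offsetof (struct T, header.d); }

/* The same 1024-byte write, checked against the mode 1 size instead. */
int mode1_check_at_definition (void)
{
  struct T t;
  return checked_memset (&t.header.d, 0, 1024, __builtin_object_size (&t.header.d, 1));
}

/* Callee as in the thread: it sees only a struct S *.  noinline keeps the
   caller's object out of view, as it would be across translation units. */
__attribute__ ((noinline)) int f0 (struct S *s)
{
  return checked_memset (&s->d, 0, 1024, __builtin_object_size (&s->d, 0));
}

/* Returns 1 when f0's write went through, zeroed d and the whole payload,
   and left the header fields before d untouched. */
int header_payload_write_ok (void)
{
  struct T t;
  memset (&t, 0xff, sizeof t);
  if (f0 (&t.header) != 0)
    return 0;
  return t.header.c == -1 && t.header.d == 0
         && t.payload[0] == 0 && t.payload[sizeof t.payload - 1] == 0;
}
```

With GCC, mode 0 reports 1024 at the definition and mode 1 reports 4, so a check based on the mode 1 size rejects the write that this layout makes valid.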
