This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [RFC PATCH] -Wmemset-transposed-args (PR middle-end/61294)
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: Jakub Jelinek <jakub at redhat dot com>, "Joseph S. Myers" <joseph at codesourcery dot com>, Jason Merrill <jason at redhat dot com>, Siddhesh Poyarekar <siddhesh at redhat dot com>
- Cc: gcc-patches at gcc dot gnu dot org, libc-alpha at sourceware dot org
- Date: Tue, 08 Jul 2014 15:34:15 -0400
- Subject: Re: [RFC PATCH] -Wmemset-transposed-args (PR middle-end/61294)
- Authentication-results: sourceware.org; auth=none
- References: <20140708125017 dot GN31640 at tucnak dot redhat dot com>
On 07/08/2014 08:50 AM, Jakub Jelinek wrote:
> Hi!
>
> This is an attempt to move the warning about transposed memset arguments
> from the glibc headers to gcc FEs. The problem with the warning in glibc
> is that it uses __builtin_constant_p and e.g. jump threading very often
> makes the warning trigger even on code where it is very unlikely a user
> swapped arguments. See e.g.
> https://gcc.gnu.org/PR51744
> https://gcc.gnu.org/PR56977
> https://gcc.gnu.org/PR61294
> https://bugzilla.redhat.com/452219
> https://bugs.kde.org/show_bug.cgi?id=311098
> https://bugzilla.mozilla.org/show_bug.cgi?id=581227
> and many others. Thus, I'd like to warn in the FEs instead, and
> once we have a GCC release with that warning in, disable the glibc
> bits/string3.h:
> if (__builtin_constant_p (__len) && __len == 0
> && (!__builtin_constant_p (__ch) || __ch != 0))
> {
> __warn_memset_zero_len ();
> return __dest;
> }
> warning for GCC versions with that new warning in.
>
> Any thoughts on this?
>
> If you are ok with it, either we can add it only for 4.10/5.0 and
> later only, or perhaps 4.9.2 too, or even 4.9.1. For -D_FORTIFY_SOURCE=2
> built code with glibc it shouldn't make a difference (other than having
> fewer false positives), but for other non-fortified -Wall compilation
> it would make a difference (introducing new warnings), so perhaps
> doing it only for 4.10/5.0+ is best.
This seems like a sensible solution to fixing the false positives
caused by jump threading (I haven't looked into that in detail,
just briefly).
I would prefer we enable this for 4.10/5.0+ if only to avoid the
fallout (new warnings) that would happen for the distributions.
We can fix the glibc header once the fix is in gcc, unless someone
objects to the fix itself.
Cheers,
Carlos.