[PATCH] D86993: Document Clang's expectations of the C standard library.

Thu Jul 13 08:10:05 PDT 2023

aaron.ballman added a comment.

In D86993#4497851 <https://reviews.llvm.org/D86993#4497851>, @xbolva00 wrote:

> In D86993#4497744 <https://reviews.llvm.org/D86993#4497744>, @aaron.ballman wrote:
>
>> In D86993#4477744 <https://reviews.llvm.org/D86993#4477744>, @RalfJung wrote:
>>
>>> It would probably be worth including all string functions that take a length in such a DR. In Rust we are currently puzzling over whether calling 0-length `memcmp` on something like `(char*)42` is okay or not. If not we'd have to introduce a pretty pointless branch.
>>
>> I think the DR would be to change 7.1.4p1 where it currently says:
>>
>> If an argument to a function has an invalid value (such as a value outside the domain of the function, or a pointer outside the address space of the program, or a null pointer, or a pointer to non-modifiable storage when the corresponding parameter is not const-qualified) or a type (after default argument promotion) not expected by a function with a variable number of arguments, the behavior is undefined.
>>
>> "invalid value" includes null pointers and we may want to make a surgical repair to say something along the lines of "unless invalid value is a null pointer and the library function has a count parameter blah blah blah". Then we'd cover all the APIs taking a pointer and a count in one go, I believe.
>
> But not the case mentioned above, (char *)42. More like if size (count) parameter is zero, pointer arguments are not dereferenced?

Yeah, that's a good point.. I'm not certain how the committee might react to that. I think it might be an easier case for nullptr/0 than it is for invalid/0, but I do like the specification niceties that come along with "if count is zero, pointer is not dereferenced".

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D86993/new/

https://reviews.llvm.org/D86993