memset with void pointer and zero length 

Is it safe to call memset with a null pointer if the count is zero?

--
#include <standard.disclaimer>
 _
Kevin D Quitt  USA 91351-4454           96.37% of all statistics are made up
Per the FCA, this email address may not be added to any commercial mail list
--



Sun, 20 Apr 2003 08:33:31 GMT  

Quote:

>Is it safe to call memset with a null pointer if the count is zero?

7.11.6.1 ("The _memset_ function") says:

    void *memset(void *s, int c, size_t n);

    The _memset_ function copies the value of _c_ (converted
    to an _unsigned char_) into each of the first _n_ characters
    of the object pointed to by _s_.
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

By my interpretation, this implies that "s points to an object"
is a precondition of calling 'memset(s,c,n)'.  This would rule
out passing NULL as the first argument to _memset_, since NULL
does not point to any object.

But may I ask:  Why do you care?  I'm only aware of a _very_ few
circumstances in which memset() is actually useful (and none
of them involve a condition in which _s_ == NULL is possible).
Just curious,

--Joe English


--



Tue, 22 Apr 2003 03:54:18 GMT  


Quote:
>Is it safe to call memset with a null pointer if the count is zero?

I vote "yes", but it's difficult for me to find a strong justification
for this.

Section 7.21.6.1 of ISO/IEC 9899:1999 (the C99 standard) says

    void *memset(void *s, int c, size_t n);
    The memset function copies the value of c (converted to an
    unsigned char) into each of the first n characters of the object
    pointed to by s.

I argue thusly:  if I call memset with n=0, it must behave as if it
modified no characters at the destination.  Since the only way for it
to behave as if it modified no characters is for it not to write to
the object pointed to by s, it is safe to call memset with any address
whatsoever so long as n=NULL.

I'm open to counter-arguments, however.

-andy
--



Tue, 22 Apr 2003 03:55:13 GMT  

wrote in comp.lang.c.moderated:

Quote:
> Is it safe to call memset with a null pointer if the count is zero?

> --
> #include <standard.disclaimer>
>  _
> Kevin D Quitt  USA 91351-4454           96.37% of all statistics are made up
> Per the FCA, this email address may not be added to any commercial mail list

No:

       7.21  String handling <string.h>

       7.21.1  String function conventions

       [#1] The header <string.h> declares  one  type  and  several
       functions,  and  defines  one  macro useful for manipulating
       arrays of character type and other objects treated as arrays
       of  character type.259)  The type is size_t and the macro is
       NULL (both described in 7.17).  Various methods are used for
       determining  the  lengths  of the arrays, but in all cases a
       char * or void * argument  points  to  the  initial  (lowest
       addressed)  character of the array.  If an array is accessed
       beyond the end of an object, the behavior is undefined.

       [#2] Where an argument declared as size_t  n  specifies  the
       length  of  the  array  for a function, n can have the value
       zero on a call to that function.  Unless  explicitly  stated
       otherwise  in  the  description  of a particular function in
       this subclause, pointer arguments on such a call shall still
       have valid values, as described in 7.1.4.  On such a call, a
       function that locates a character  finds  no  occurrence,  a
       function that compares two character sequences returns zero,
       and  a  function  that   copies   characters   copies   zero
       characters.

Note the second sentence in paragraph 2.  There is no such "explicitly
stated" exception in the definition of memset, so the behavior is
explicitly undefined by:

       7.1.4  Use of library functions

       [#1]  Each  of  the  following  statements  applies   unless
       explicitly  stated  otherwise  in  the detailed descriptions
       that follow: If an argument to a  function  has  an  invalid
       value  (such  as a value outside the domain of the function,
       or a pointer outside the address space of the program, or  a
       null  pointer,  or  a pointer to non-modifiable storage when
       the corresponding parameter is  not  const-qualified)  or  a
       type  (after  promotion)  not  expected  by  a function with
       variable number of arguments, the behavior is undefined.

The quotes are from C99, but the meaning is unchanged from ANSI C89
and ISO C90.

Jack Klein
--
Home: http://jackklein.home.att.net
--



Tue, 22 Apr 2003 04:04:00 GMT  
Quote:

> Is it safe to call memset with a null pointer if the count is zero?

Perhaps. memset is often replaced with a specialized machine-code
instruction for your special CPU. These probably won't try to access
address null either, since the count is zero, but there is the improbable
thing that: a) the implementation will decrease the count first, so the
memset will try to set 2^16-1 or 2^32-1 bytes, b) the address is pushed
into a specialized CPU register that will cause a GPF if it gets a null.
Otherwise, I'd say it works on modern hardware, but don't roll it into
a library that may get called by some weird piece of code - library
functions should always sanity check the arguments, and pointernull and
sizenull is just that.

Has anyone an example where a) or b) did occur?

bye
-- guido
--



Tue, 22 Apr 2003 04:16:42 GMT  

Quote:
>Is it safe to call memset with a null pointer if the count is zero?

it is with the bcpp55 libraries, and i suppose it would be in most
implementations, as it seems logical to evaluate the counter before
writing to memory.
but you never know.

why, anyway? :)

jon svendsen
--



Tue, 22 Apr 2003 04:19:37 GMT  

Quote:

> Is it safe to call memset with a null pointer if the count is zero?

No, not according to the C standard.
--



Tue, 22 Apr 2003 04:20:24 GMT  
Thank you - I had missed that reference.

As to why I'd want to - I don't.  I'm looking at a third-party library
that has some annoying code snippets in it (call a function that does the
malloc and returns the size, do the memset, then check for NULL pointer)
(use memcpy instead of memmove), and I'm just wondering whether I should
bother going through and fixing all of them.

--
#include <standard.disclaimer>
 _
Kevin D Quitt  USA 91351-4454           96.37% of all statistics are made up
Per the FCA, this email address may not be added to any commercial mail list
--
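The library pattern described in the post above, reordered so the NULL test comes before the fill, with memmove used for an overlapping copy. This is an added example, not code from the thread or from the library in question; `alloc_buf`, `zero_fill`, `make_zeroed`, `drop_prefix` and the `simulate_failure` flag are hypothetical names.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the library's allocator: stores the buffer in
 * *out and returns its size; on failure stores NULL and returns 0.
 * simulate_failure is a constructed knob so the failure path can be run. */
size_t alloc_buf(void **out, size_t want, int simulate_failure)
{
    *out = simulate_failure ? NULL : malloc(want);
    return *out ? want : 0;
}

/* Guarded fill: never hands memset a null pointer, even when n == 0. */
void *zero_fill(void *s, size_t n)
{
    return (s == NULL || n == 0) ? s : memset(s, 0, n);
}

/* The sequence from the post, reordered: test for NULL, then fill.
 * In the original order (memset first) the failure path calls
 * memset(NULL, 0, 0), which 7.1.4 leaves undefined. */
int make_zeroed(void **out, size_t want, int simulate_failure)
{
    size_t n = alloc_buf(out, want, simulate_failure);
    if (*out == NULL)
        return -1;              /* report failure before touching memory */
    zero_fill(*out, n);
    return 0;
}

/* memmove, not memcpy, because source and destination overlap:
 * drop the first k bytes of buf[0..len) in place, return the new length. */
size_t drop_prefix(unsigned char *buf, size_t len, size_t k)
{
    if (buf == NULL || k >= len)
        return 0;
    memmove(buf, buf + k, len - k);
    return len - k;
}

int main(void)
{
    void *p = NULL;
    int failed = make_zeroed(&p, 16, 1);   /* simulated allocation failure */
    int ok = make_zeroed(&p, 16, 0);
    free(p);
    return (failed == -1 && ok == 0) ? 0 : 1;
}
```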



Tue, 22 Apr 2003 03:00:00 GMT  

wrote in comp.lang.c.moderated:

Quote:
> Thank you - I had missed that reference.

> As to why I'd want to - I don't.  I'm looking at a third-party library
> that has some annoying code snippets in it (call a function that does the
> malloc and returns the size, do the memset, then check for NULL pointer)
> (use memcpy instead of memmove), and I'm just wondering whether I should
> bother going through and fixing all of them.

Having inherited a lot of bad code in my time, I would say... it
depends.

If you need this code to be portable (even to the next version of the
same compiler) I would probably fix it if it were me.

On the other hand, if the compiler brand and version is frozen forever
for the project (happens in embedded systems, at least), you never
plan on using this code again, there is a lot of this nonsense, and
there are a zillion (all right, LLONG_MAX) other things on your
schedule, you might just walk through the compiler's implementation of
memset() and verify that it safely does nothing, and just leave it be.

But if you do the latter, put LOTS of comments around it to perhaps
spare someone else a lot of grief someday.

<OT>

Want to help with the hideous PL/M I just inherited myself?

</OT>

Jack Klein
--
Home: http://jackklein.home.att.net
--



Sat, 26 Apr 2003 14:07:41 GMT  


Quote:

>> Is it safe to call memset with a null pointer if the count is zero?
>Perhaps. memset is often replaced with a specialized machine-code
>instruction for your special CPU. These probably won't try to access
>address null either, since the count is zero, but there is the improbable
>thing that: a) the implementation will decrease the count first, so the
>memset will try to set 2^16-1 or 2^32-1 bytes, b) the address is pushed

<snip>

Quote:
>Has anyone an example where a) or b) did occur?

I know of processors which have repeat instructions that cause
the next instruction to repeat 1 or more times (a value of 0 means
execute once, max unsigned repeats max unsigned + 1 times).

Without the libraries for these processors (I no longer work on them)
I cannot verify the library, but I would not be surprised to see the
following implemented:
  decrement count by 1                  /* from 0 to max unsigned */
  load count into repeat count register /* ready to repeat max unsigned+1 times */
  repeat instruction to store value     /* wipe the entire RAM! */

However this would not meet the required behaviour as defined below,
so the code would have to trap a count of zero first for the library
to conform.

       7.21  String handling <string.h>

       7.21.1  String function conventions

       [#1] The header <string.h> declares  one  type  and  several
       functions,  and  defines  one  macro useful for manipulating
       arrays of character type and other objects treated as arrays
       of  character type.259)  The type is size_t and the macro is
       NULL (both described in 7.17).  Various methods are used for
       determining  the  lengths  of the arrays, but in all cases a
       char * or void * argument  points  to  the  initial  (lowest
       addressed)  character of the array.  If an array is accessed
       beyond the end of an object, the behaviour is undefined.
--
Mark Gordon
Dyslexic C Programmer,
At least the compiler ensures I spell variable names consistently wrong.
For a faster email response replace spamtrap with mark.gordon
--
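A software model of the decrement-first repeat sequence sketched in the post above, beside a version that traps a zero count first. This is an added example, not code from the thread or from any real library; the 16-bit count register, the 64 KiB simulated RAM and all function names are assumptions made for the model.

```c
#include <stdint.h>
#include <string.h>

#define RAM_SIZE 65536u
static unsigned char ram[RAM_SIZE];   /* simulated 64 KiB address space */

/* Hardware repeat as described: register value r runs the store r + 1 times. */
static uint32_t repeat_store(uint16_t addr, unsigned char c, uint16_t r)
{
    uint32_t times = (uint32_t)r + 1u;
    for (uint32_t i = 0; i < times; i++)
        ram[(uint16_t)(addr + i)] = c;   /* addresses wrap at 16 bits */
    return times;
}

/* Decrement-first lowering from the post: a count of 0 wraps to 0xFFFF. */
uint32_t model_memset_naive(uint16_t addr, unsigned char c, uint16_t n)
{
    return repeat_store(addr, c, (uint16_t)(n - 1u));
}

/* Conforming lowering: trap a zero count before loading the register. */
uint32_t model_memset_guarded(uint16_t addr, unsigned char c, uint16_t n)
{
    return n == 0 ? 0 : repeat_store(addr, c, (uint16_t)(n - 1u));
}

void ram_fill(unsigned char v) { memset(ram, v, RAM_SIZE); }

/* Number of simulated RAM bytes that differ from `expect`. */
uint32_t ram_mismatches(unsigned char expect)
{
    uint32_t bad = 0;
    for (uint32_t i = 0; i < RAM_SIZE; i++)
        bad += (ram[i] != expect);
    return bad;
}

int main(void)
{
    ram_fill(0xAA);
    uint32_t guarded = model_memset_guarded(0x0100, 0x00, 0);
    uint32_t naive = model_memset_naive(0x0100, 0x00, 0);
    return (guarded == 0 && naive == 65536u && ram_mismatches(0x00) == 0) ? 0 : 1;
}
```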



Tue, 29 Apr 2003 03:00:00 GMT  
 