About some bugs
Walter Bright
newshound2 at digitalmars.com
Tue Jan 4 11:34:12 PST 2011
bearophile wrote:
> I have studied more Linux bugs.
>
> ----------------
>
> An example of bug (more than 14 like this fixed in few years):
>
> - memset(pp, 0, sizeof(pp)); + memset(pp, 0, sizeof(*pp));
>
> - memcpy((caddr_t)TstSchedTbl, (caddr_t)&vcIndex,sizeof(TstSchedTbl));
> + memcpy((caddr_t)TstSchedTbl, (caddr_t)&vcIndex,
> sizeof(*TstSchedTbl));
>
> Here the type system knows that pp is a pointer. sizeof(pp) is typically a
> word, while the correct sizeof(*pp) is often larger. A simple way to avoid
> this bug in D is to use a zerioing template function, something like
> (untested) (in GNU C there is a way to write a similar macro, I don't know
> why they don't use it, even if it's a bit less safe and much less nice
> looking):
>
> void zeroit(T)(T* ptr) if (!IsPointer!T) { memset(ptr, 0, (*ptr).sizeof); }
>
> Standard safer wrappers for some C functions may help low-level D coding.
>
> If you don't want to use a zeroit() then a type system able to catch such
> bugs needs some nice annotations...
In D:
pp[] = 0;
or:
pp = typeof(pp).init;
etc.
> In this post I don't see any little rule worth adding to the D compiler.
Many of them are dealt with with D's scope guard, RIAA, and garbage collection
support.
More information about the Digitalmars-d
mailing list