On Wed, 10 Nov 2010, Vasiliy Kulikov wrote: > On Wed, Nov 10, 2010 at 17:07 +0100, Julia Lawall wrote: > > > > > But it is impossible to differ wrong type passing to memset: > > > > > > > > > > struct X *ll; > > > > > memset(ll, 0, sizeof(*ll)); > > > > > > > > > > vs. > > > > > > > > > > struct X *ll; /* l + l */ > > > > > struct Y *l1; /* l + 1 (number one) */ > > > > > memset(ll, 0, sizeof(*l1)); > > > > > > > > OK, I guess. But perhaps the above code would be wrong even if both ll > > > > and l1 had type struct X *? > > > > > > OK, assume that ll is initialized :) > > > > I still don't get the point. > > This code should memset struct by pointer to the struct with invalid > size (not the size of the ll struct, but any other wrong size). If cocci > knows the argument of sizeof() then it is able to detect this mistake. > > Also IIRC I saw script in your samples like this one: > > @@ > type T; > T x; > expression E; > @@ > > -memset(x, E, sizeof(T)); > +memset(x, E, sizeof(*T)); > > > This change will break this script.
I don't mean that it doesn't know anything at all about the argument of sizeof, just that it doesn't know the type of the subexpressions. In this script, T is an explicit type (although *T doesn't look right to me, but the script was probably something similar). julia _______________________________________________ Cocci mailing list [email protected] http://lists.diku.dk/mailman/listinfo/cocci (Web access from inside DIKUs LAN only)
