* posix/bits/unistd.h: Avoid calling __*_chk variants if we can

determine the call will never trigger a failure.

	* sysdeps/i386/i686/memset_chk.S: Remove alias and warning.
	* sysdeps/x86_64/memset_chk.S: Likewise.

2005-02-24  Roland McGrath  <roland@redhat.com>

	* debug/Versions (libc: GLIBC_2.4): Remove
	__memset_zero_constant_len_parameter.
	* sysdeps/generic/memset_chk.c: Remove alias and warning.
	* misc/sys/cdefs.h (__warndecl): New macro.
	* debug/warning-nop.c: New file.
	* string/bits/string3.h (memset): Call __warn_memset_zero_len with no
	arguments, instead of calling __memset_zero_constant_len_parameter.
	Use __warndecl for __warn_memset_zero_len.
	* debug/Makefile (routines): Add $(static-only-routines).
	(static-only-routines): New variable.

ChangeLog

@@ -1,3 +1,24 @@
+2005-02-28  Ulrich Drepper  <drepper@redhat.com>
+
+	* posix/bits/unistd.h: Avoid calling __*_chk variants if we can
+	determine the call will never trigger a failure.
+
+	* sysdeps/i386/i686/memset_chk.S: Remove alias and warning.
+	* sysdeps/x86_64/memset_chk.S: Likewise.
+
+2005-02-24  Roland McGrath  <roland@redhat.com>
+
+	* debug/Versions (libc: GLIBC_2.4): Remove
+	__memset_zero_constant_len_parameter.
+	* sysdeps/generic/memset_chk.c: Remove alias and warning.
+	* misc/sys/cdefs.h (__warndecl): New macro.
+	* debug/warning-nop.c: New file.
+	* string/bits/string3.h (memset): Call __warn_memset_zero_len with no
+	arguments, instead of calling __memset_zero_constant_len_parameter.
+	Use __warndecl for __warn_memset_zero_len.
+	* debug/Makefile (routines): Add $(static-only-routines).
+	(static-only-routines): New variable.
+
 2005-02-27  Ulrich Drepper  <drepper@redhat.com>
 
 	* po/tr.po: Update from translation team.

debug/Makefile

@@ -24,14 +24,16 @@ subdir	:= debug
 headers	:= execinfo.h
 distribute = sigcontextinfo.h register-dump.h frame.h
 
-routines := backtrace backtracesyms backtracesymsfd noophooks \
+routines  = backtrace backtracesyms backtracesymsfd noophooks \
 	    memcpy_chk memmove_chk mempcpy_chk memset_chk stpcpy_chk \
 	    strcat_chk strcpy_chk strncat_chk strncpy_chk \
 	    sprintf_chk vsprintf_chk snprintf_chk vsnprintf_chk \
 	    printf_chk fprintf_chk vprintf_chk vfprintf_chk \
 	    gets_chk chk_fail readonly-area fgets_chk fgets_u_chk \
 	    read_chk pread_chk pread64_chk recv_chk recvfrom_chk \
-	    readlink_chk getwd_chk getcwd_chk
+	    readlink_chk getwd_chk getcwd_chk \
+	    $(static-only-routines)
+static-only-routines := warning-nop
 
 CFLAGS-backtrace.c = -fno-omit-frame-pointer
 CFLAGS-sprintf_chk.c = -D_IO_MTSAFE_IO

debug/Versions

@@ -22,7 +22,6 @@ libc {
     __fgets_chk; __fgets_unlocked_chk;
     __read_chk; __pread_chk; __pread64_chk;
     __readlink_chk; __getcwd_chk; __getwd_chk;
-    __memset_zero_constant_len_parameter;
     __recv_chk; __recvfrom_chk;
   }
 }

debug/pread_chk.c

@@ -23,11 +23,8 @@
 ssize_t
 __pread_chk (int fd, void *buf, size_t nbytes, off_t offset, size_t buflen)
 {
-  /* In case NBYTES is greater than BUFLEN, we read BUFLEN+1 bytes.
-     This might overflow the buffer but the damage is reduced to just
-     one byte.  And the program will terminate right away.  */
-  ssize_t n = __pread (fd, buf, offset, MIN (nbytes, buflen + 1));
-  if (n > 0 && (size_t) n > buflen)
+  if (nbytes > buflen)
     __chk_fail ();
-  return n;
+
+  return __pread (fd, buf, offset, MIN (nbytes, buflen + 1));
 }

debug/read_chk.c

@@ -27,15 +27,12 @@
 ssize_t
 __read_chk (int fd, void *buf, size_t nbytes, size_t buflen)
 {
-  /* In case NBYTES is greater than BUFLEN, we read BUFLEN+1 bytes.
-     This might overflow the buffer but the damage is reduced to just
-     one byte.  And the program will terminate right away.  */
-#ifdef HAVE_INLINED_SYSCALLS
-  ssize_t n = INLINE_SYSCALL (read, 3, fd, buf, MIN (nbytes, buflen + 1));
-#else
-  ssize_t n = __read (fd, buf, MIN (nbytes, buflen + 1));
-#endif
-  if (n > 0 && (size_t) n > buflen)
+  if (nbytes > buflen)
     __chk_fail ();
-  return n;
+
+#ifdef HAVE_INLINED_SYSCALLS
+  return = INLINE_SYSCALL (read, 3, fd, buf, nbytes);
+#else
+  return = __read (fd, buf, nbytes);
+#endif
 }

debug/warning-nop.c

@@ -0,0 +1,38 @@
+/* Dummy nop functions to elicit link-time warnings.
+   Copyright (C) 2005 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <sys/cdefs.h>
+
+void __nop (void)
+{
+}
+
+/* Don't insert any other #include's before this #undef!  */
+
+#undef __warndecl
+#define __warndecl(name, msg) \
+  strong_alias (__nop, name) link_warning (name, msg)
+
+#undef	__USE_FORTIFY_LEVEL
+#define __USE_FORTIFY_LEVEL 99
+
+/* Following here we need an #include for each public header file
+   that uses __warndecl.  */
+
+#include <string.h>

misc/sys/cdefs.h

@@ -130,6 +130,7 @@
 /* Fortify support.  */
 #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1)
 #define __bos0(ptr) __builtin_object_size (ptr, 0)
+#define __warndecl(name, msg) extern void name (void)
 
 
 /* Support for flexible arrays.  */

posix/bits/unistd.h

@@ -25,6 +25,7 @@ extern ssize_t __read_chk (int __fd, void *__buf, size_t __nbytes,
 			   size_t __buflen) __wur;
 #define read(fd, buf, nbytes) \
   (__bos (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
    ? __read_chk (fd, buf, nbytes, __bos (buf))				      \
    : read (fd, buf, nbytes))
 
@@ -36,11 +37,13 @@ extern ssize_t __pread64_chk (int __fd, void *__buf, size_t __nbytes,
 # ifndef __USE_FILE_OFFSET64
 #  define pread(fd, buf, nbytes, offset) \
   (__bos (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
    ? __pread64_chk (fd, buf, nbytes, offset, __bos (buf))		      \
    : pread (fd, buf, offset, nbytes))
 # else
 #  define pread(fd, buf, nbytes, offset) \
   (__bos (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
    ? __pread_chk (fd, buf, nbytes, offset, __bos (buf))			      \
    : pread (fd, buf, offset, nbytes))
 # endif
@@ -48,6 +51,7 @@ extern ssize_t __pread64_chk (int __fd, void *__buf, size_t __nbytes,
 # ifdef __USE_LARGEFILE64
 #  define pread64(fd, buf, nbytes, offset) \
   (__bos (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (nbytes) || (nbytes) > __bos (buf))	      \
    ? __pread64_chk (fd, buf, nbytes, offset, __bos (buf))		      \
    : pread64 (fd, buf, offset, nbytes))
 # endif
@@ -60,6 +64,7 @@ extern int __readlink_chk (__const char *__restrict __path,
      __THROW __nonnull ((1, 2)) __wur;
 # define readlink(path, buf, len) \
   (__bos (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (len) || (len) > __bos (buf))		      \
    ? __readlink_chk (path, buf, len, __bos (buf))			      \
    : readlink (path, buf, len))
 #endif
@@ -68,6 +73,7 @@ extern char *__getcwd_chk (char *__buf, size_t __size, size_t __buflen)
      __THROW __wur;
 #define getcwd(buf, size) \
   (__bos (buf) != (size_t) -1						      \
+   && (!__builtin_constant_p (size) || (size) > __bos (buf))		      \
    ? __getcwd_chk (buf, size, buflen) : getcwd (buf, size))
 
 #if defined __USE_BSD || defined __USE_XOPEN_EXTENDED

string/bits/string3.h

@@ -85,11 +85,11 @@ __mempcpy_ichk (void *__restrict __dest, const void *__restrict __src,
    especially problematic if the intended fill value is zero.  In this
    case no work is done at all.  We detect these problems by referring
    non-existing functions.  */
-extern char *__memset_zero_constant_len_parameter (void *, int, size_t,
-						   size_t);
+__warndecl (__warn_memset_zero_len,
+	    "memset used with constant zero length parameter; this could be due to transposed parameters");
 #define memset(dest, ch, len) \
   (__builtin_constant_p (len) && (len) == 0				      \
-   ? __memset_zero_constant_len_parameter (dest, ch, len, 0)		      \
+   ? (__warn_memset_zero_len (), (void) (ch), (void) (len), (void *) (dest))  \
    : ((__bos0 (dest) != (size_t) -1)					      \
       ? __builtin___memset_chk (dest, ch, len, __bos0 (dest))		      \
       : __memset_ichk (dest, ch, len)))

sysdeps/generic/memset_chk.c

@@ -90,7 +90,3 @@ __memset_chk (dstpp, c, len, dstlen)
 
   return dstpp;
 }
-strong_alias (__memset_chk, __memset_zero_constant_len_parameter)
-
-link_warning (__memset_zero_constant_len_parameter,
-	      "memset used with constant zero length parameter; this could be due to transposed parameters")

sysdeps/i386/i686/memset_chk.S

@@ -32,8 +32,4 @@ ENTRY (__memset_chk)
 	jb	__chk_fail
 	jmp	memset
 END (__memset_chk)
-
-strong_alias (__memset_chk, __memset_zero_constant_len_parameter)
-	.section .gnu.warning.__memset_zero_constant_len_parameter
-	.string "memset used with constant zero length parameter; this could be due to transposed parameters"
 #endif

sysdeps/x86_64/memset_chk.S

@@ -31,8 +31,4 @@ ENTRY (__memset_chk)
 	jb	__chk_fail
 	jmp	memset
 END (__memset_chk)
-
-strong_alias (__memset_chk, __memset_zero_constant_len_parameter)
-	.section .gnu.warning.__memset_zero_constant_len_parameter
-	.string "memset used with constant zero length parameter; this could be due to transposed parameters"
 #endif