It appears that, according to the standard, passing NULL to memcmp is undefined behavior, even if the count is 0. See http://stackoverflow.com/questions/16362925/can-i-pass-a-null-pointer-to-memcmp for C99 and C++ standard references. I didn't see a good reference for C89 but I find it almost impossible to believe it was changed from defined to undefined behavior between C89 and C99.
On Mon, Jun 22, 2015 at 2:31 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Robert Haas <robertmhaas@gmail.com> writes: > On Mon, Jun 22, 2015 at 2:55 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: >> If I recall that code correctly, the assumption was that if the third >> argument is zero then memcmp() must not fetch any bytes (not should not, >> but MUST not) and therefore it doesn't matter if we pass a NULL. Are >> you seeing any observable problem here, and if so what is it?
> I dunno, this seems like playing with fire to me. A null-test would > be pretty cheap insurance.
A null test would be a pretty cheap way of masking a bug in that logic, if we ever introduced one; to wit, that it would cause a call with argtypes==NULL to match anything.
I remain unconvinced that this is necessary, though. It looks a *whole* lot like the guards we have against old Solaris' bsearch-of-zero-entries bug. I maintain that what glibc has done is exactly to introduce a bug for the zero-entries case, and that Piotr ought to complain to them about it. At the very least, if you commit this please annotate it as working around a memcmp bug.
