To: Stephen Turnbull <turnbull AT shako DOT sk DOT tsukuba DOT ac DOT jp>
Cc: djgpp AT sun DOT soe DOT clarkson DOT edu
Subject: Re: found cause of segmentation violations in string functions in Imake 
Date: Thu, 10 Feb 94 09:56:26 +1000
From: Peter Horan <peter AT deakin DOT edu DOT au>

	Date: Wed, 9 Feb 94 14:30:16 JST
	From: Stephen Turnbull <turnbull AT shako DOT sk DOT tsukuba DOT ac DOT jp>
	Message-Id: <9402090530 DOT AA16035 AT shako DOT sk DOT tsukuba DOT ac DOT jp>
	To: djgpp AT sun DOT soe DOT clarkson DOT edu
	Subject: found cause of segmentation violations in string functions in Imake
	
	I was having problems with segmentation violations arising in Imake
[stuff deleted]
	    It has been mentioned to me by several people, and I think copied
	to the list, that the string functions in the library don't catch this
	kind of thing.  According to Harbison and Steele (2e, so it may not be
	up to date), checking validity of pointers passed to the string
	library is the programmer's responsibility, so the string functions
	*should not* be patched.  A couple of posts have mentioned this kind
	of problem recently
In practice, there is a precondition which must be met when calling string
functions, which requires that no string pointer be NULL. The error is to
omit the precondition from the documentation.

Perhaps a manual page section "REQUIRES". I was alerted to this when strcmp()
crashed, and would rewrite its man page as follows:

SYNOPSIS
     #include <string.h>

     int strcmp(const char *s1, const char *s2);

REQUIRES
		s1 != NULL && s2 != NULL

DESCRIPTION
	strcmp() compares two strings byte-by-byte, according to the ordering
	of your machine's character set. Bytes following a null byte are not
	compared.

RETURNS
	If the strings are identical, strcmp() returns a zero.  

	If the difference of the 1st string precedes that of the 2nd string
		the function returns a negative value

	If the difference of the 2nd string precedes that of the 1st string
		the function returns a positive value

Such as approach is discussed in Bertrand Meyer's "Object Oriented Software
Construction" under the heading Programming by Contract.
	
Peter Horan                     Department of Computing and Mathematics
peter AT deakin DOT edu DOT au	   	Deakin University
                                Geelong
+61-52-27 1234 (Voice)          Victoria 3217
+61-52-27 2028 (FAX)            Australia