This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug other/56955] documentation for attribute malloc contradicts itself
- From: "bugdal at aerifal dot cx" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Tue, 20 May 2014 21:00:04 +0000
- Subject: [Bug other/56955] documentation for attribute malloc contradicts itself
- Auto-submitted: auto-generated
- References: <bug-56955-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56955
--- Comment #10 from Rich Felker <bugdal at aerifal dot cx> ---
I don't see how it's at all helpful for GCC to assume that memory obtained by
__attribute__((__malloc__)) functions does not contain pointers to anything
that existed before the call. This assumption only aids optimization in the
case where a pointer residing in the obtained memory is used (e.g. dereferenced
or compared with another pointer) before anything is stored to it. But with
GCC's assumption, such use would be UB anyway and thus cannot occur in a
correct program, so there's no sense in optimizing it.
The alternative is much more reasonable: assume that a pointer residing in the
obtained memory could alias any object whose address has already escaped
(roughly, anything but automatic or static/internal-linkage objects whose
addresses were not taken and passed to code the compiler can't see). This
allows __attribute__((__malloc__)) to be applied to realloc-like functions as
well as functions in third-party libraries which allocate non-opaque structures
whose members may point to data that's also accessible via other paths. And as
far as I can tell, it doesn't preclude any optimizations that could take place
in a code path that doesn't invoke UB.