[PATCH] Fix malloc attribute mishandling

Richard Guenther richard.guenther@gmail.com
Tue Feb 9 23:20:00 GMT 2010 

On Wed, Feb 10, 2010 at 12:13 AM, Xinliang David Li <davidxl@google.com> wrote:
> On Tue, Feb 9, 2010 at 2:44 PM, Richard Guenther
> <richard.guenther@gmail.com> wrote:
>> On Tue, Feb 9, 2010 at 8:18 PM, Xinliang David Li <davidxl@google.com> wrote:
>>> Why is this a compiler problem, but not a user error? malloc attribute
>>> should have clear semantics to allow/disallow such use.
>>
>> It does have clear semantics.  The semantics is that a function with
>> the malloc attribute returns a pointer to memory that is not aliased
>> by any other pointer.  No further restrictions are documented.
>
> Is it carved in stone or can further be refined?

It's carved in stone - we can't probably break existing uses.  Thus for
a more restrictive interpretation we have to invent a new attribute
(or amend the function annotation patch).

Richard.

> David
>
>>
>>> Besides, can
>>> the malloc wrapper recognition detect things like 1) initializing heap
>>> memory to point to global variables; 2) making heap memory exposed
>>> before returning?  A warning can be emitted if needed when a violation
>>> is detected ...
>>
>> IPA-PTA can properly compute malloc property of malloc wrappers.
>> I don't understand your question fully though.
>
>
>
>>
>> Richard.
>>
>>> David
>>>
>>> On Tue, Feb 9, 2010 at 6:36 AM, Richard Guenther <rguenther@suse.de> wrote:
>>>>
>>>> As we now handle malloc results more precise we forget to consider
>>>> constructors with malloc attribute.  This causes some perl testcases
>>>> to fail.
>>>>
>>>> Fixed as follows -- note this pessimizes simple malloc wrappers again,
>>>> we probably need another attribute for more strict semantics (thus,
>>>> the returned memory doesn't point to anything, but is either
>>>> uninitialized or zero-initialized).  Not that this pessimization
>>>> would be a regression to 4.4 (but it is to previous 4.5 snapshots).
>>>>
>>>> Bootstrap and regtest running on x86_64-unknown-linux-gnu, will apply
>>>> if that succeeds.
>>>>
>>>> Richard.
>>>>
>>>>
>>>> 2010-02-09  Richard Guenther  <rguenther@suse.de>
>>>>
>>>>        PR tree-optimization/43008
>>>>        * tree-ssa-structalias.c (handle_lhs_call): Pass in the fndecl,
>>>>        make HEAP variables initialized from global memory if they
>>>>        are not known builtin functions.
>>>>        (find_func_aliases): Adjust.
>>>>
>>>>        * gcc.c-torture/execute/pr43008.c: New testcase.
>>>>
>>>> Index: gcc/tree-ssa-structalias.c
>>>> ===================================================================
>>>> *** gcc/tree-ssa-structalias.c  (revision 156620)
>>>> --- gcc/tree-ssa-structalias.c  (working copy)
>>>> *************** handle_rhs_call (gimple stmt, VEC(ce_s,
>>>> *** 3482,3488 ****
>>>>     the LHS point to global and escaped variables.  */
>>>>
>>>>  static void
>>>> ! handle_lhs_call (tree lhs, int flags, VEC(ce_s, heap) *rhsc)
>>>>  {
>>>>    VEC(ce_s, heap) *lhsc = NULL;
>>>>
>>>> --- 3482,3488 ----
>>>>     the LHS point to global and escaped variables.  */
>>>>
>>>>  static void
>>>> ! handle_lhs_call (tree lhs, int flags, VEC(ce_s, heap) *rhsc, tree fndecl)
>>>>  {
>>>>    VEC(ce_s, heap) *lhsc = NULL;
>>>>
>>>> *************** handle_lhs_call (tree lhs, int flags, VE
>>>> *** 3496,3501 ****
>>>> --- 3496,3507 ----
>>>>           it escapes.  */
>>>>        DECL_EXTERNAL (vi->decl) = 0;
>>>>        vi->is_global_var = 0;
>>>> +       /* If this is not a real malloc call assume the memory was
>>>> +          initialized and thus may point to global memory.  All
>>>> +        builtin functions with the malloc attribute behave in a sane way.  */
>>>> +       if (!fndecl
>>>> +         || DECL_BUILT_IN_CLASS (fndecl) != BUILT_IN_NORMAL)
>>>> +       make_constraint_from (vi, nonlocal_id);
>>>>      }
>>>>    else if (VEC_length (ce_s, rhsc) > 0)
>>>>      {
>>>> *************** find_func_aliases (gimple origt)
>>>> *** 3798,3804 ****
>>>>            handle_rhs_call (t, &rhsc);
>>>>          if (gimple_call_lhs (t)
>>>>              && could_have_pointers (gimple_call_lhs (t)))
>>>> !           handle_lhs_call (gimple_call_lhs (t), flags, rhsc);
>>>>          VEC_free (ce_s, heap, rhsc);
>>>>        }
>>>>        else
>>>> --- 3804,3810 ----
>>>>            handle_rhs_call (t, &rhsc);
>>>>          if (gimple_call_lhs (t)
>>>>              && could_have_pointers (gimple_call_lhs (t)))
>>>> !           handle_lhs_call (gimple_call_lhs (t), flags, rhsc, fndecl);
>>>>          VEC_free (ce_s, heap, rhsc);
>>>>        }
>>>>        else
>>>> Index: gcc/testsuite/gcc.c-torture/execute/pr43008.c
>>>> ===================================================================
>>>> *** gcc/testsuite/gcc.c-torture/execute/pr43008.c       (revision 0)
>>>> --- gcc/testsuite/gcc.c-torture/execute/pr43008.c       (revision 0)
>>>> ***************
>>>> *** 0 ****
>>>> --- 1,23 ----
>>>> + int i;
>>>> + struct X {
>>>> +   int *p;
>>>> + };
>>>> + struct X * __attribute__((malloc))
>>>> + my_alloc (void)
>>>> + {
>>>> +   struct X *p = __builtin_malloc (sizeof (struct X));
>>>> +   p->p = &i;
>>>> +   return p;
>>>> + }
>>>> + extern void abort (void);
>>>> + int main()
>>>> + {
>>>> +   struct X *p, *q;
>>>> +   p = my_alloc ();
>>>> +   q = my_alloc ();
>>>> +   *(p->p) = 1;
>>>> +   *(q->p) = 0;
>>>> +   if (*(p->p) != 0)
>>>> +     abort ();
>>>> +   return 0;
>>>> + }
>>>>
>>>
>>
>

More information about the Gcc-patches mailing list