[PATCH] Do not warn with warn_unused_result for alloca(0).

Martin Sebor msebor@gmail.com
Wed Jun 12 16:14:00 GMT 2019


On 6/12/19 9:25 AM, Michael Matz wrote:
> Hi,
> 
> On Wed, 12 Jun 2019, Martin Sebor wrote:
> 
>>> Otherwise LGTM as the patch, but I'd like to hear from others whether
>>> it is kosher to add such a special case to the warn_unused_result
>>> attribute warning.  And if the agreement is yes, I think it should be
>>> documented somewhere that alloca (0) will not warn even when the call
>>> has such an attribute (probably in the description of
>>> warn_unused_result attribute).
>>
>> I'm not very happy about adding another special case to alloca
>> (on top of not diagnosing zero allocation by -Walloc-zero).
>> There is no valid use case for the zero argument, whether or not
>> the return value is used.
> 
> That's the thing, there _is_ a valid use case for supplying a zero
> argument and then the returned value should _not_ be used.  There are
> alloca implementations that do something (freeing memory) when
> called with a zero size, so some (older) programs contain such calls.
> Warning on those calls for the unused results is exactly the wrong thing
> to do, if anything if the result is used we'd have to warn.  (That's of
> course non-standard, but so is alloca itself)  And just removing these
> calls isn't correct either except if it's ensured to not use an alloca
> implementation with that behaviour.

But GCC doesn't support such an implementation, does it?  The only
way to use such an alloca is with -fno-builtin-alloca which should
suppress the warning.

The Linux man page highlights this and the risks of defining one's
own alloca function:

   http://man7.org/linux/man-pages/man3/alloca.3.html

In any event, the warning, just like all others, exists to help
catch common mistakes: "constructions that are not inherently
erroneous but that are risky or suggest there may have been
an error".  It's not meant to accommodate every conceivable
corner case or oddball implementation.  Users of those can
easily disable the warning with #pragma GCC diagnostic.  Doing that
makes the intent explicit both to the compiler and to other
tools and programmers.

Martin

> 
> (In fact I think our builtin_alloca implementation could benefit when we
> added that behaviour as well; it's a natural wish to be able to free
> memory that you allocated).
> 
> 
> Ciao,
> Michael.
> 
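
The suppression suggested in the message above, as an added example that is not code from the thread or from GCC: a simplified, hypothetical heap-backed emulation (`emu_alloca`, `emu_alloca_reclaim` and `demo` are made-up names) in which a zero-size call frees memory, with `-Wunused-result` silenced only around that one call.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical heap-backed alloca emulation (simplified): a zero-size
   call frees every outstanding block and returns NULL. */
union hdr { union hdr *next; long double align; };
static union hdr *live;      /* outstanding blocks */
static size_t live_count;

__attribute__((warn_unused_result))
static void *emu_alloca(size_t size)
{
    union hdr *h;
    if (size == 0) {
        while (live) { h = live->next; free(live); live = h; }
        live_count = 0;
        return NULL;          /* nothing for the caller to use */
    }
    h = malloc(sizeof *h + size);
    if (!h) return NULL;
    h->next = live; live = h; live_count++;
    return h + 1;
}

/* Reclaim call: discarding the result is intended, so the warning is
   silenced for this one statement only. Returns blocks released. */
static size_t emu_alloca_reclaim(void)
{
    size_t released = live_count;
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wunused-result"
    emu_alloca(0);
#pragma GCC diagnostic pop
    return released;
}

/* Allocates two blocks, uses them, then reclaims. */
static size_t demo(void)
{
    char *a = emu_alloca(16), *b = emu_alloca(32);
    if (!a || !b) return (size_t)-1;
    a[0] = 'x'; b[0] = 'y';
    return emu_alloca_reclaim();
}

int main(void)
{
    printf("released %zu blocks\n", demo());
    return 0;
}
```

Every other call to `emu_alloca` whose result is dropped still triggers the warning, because the push/pop pair limits the suppression to the reclaim statement.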


