On 11/17/2016 03:03 PM, Jakub Jelinek wrote:
On Thu, Nov 17, 2016 at 01:56:03PM -0700, Jeff Law wrote:
On 11/17/2016 11:24 AM, Jakub Jelinek wrote:
On Thu, Nov 17, 2016 at 11:14:26AM -0700, Martin Sebor wrote:
--- a/gcc/fortran/interface.c
+++ b/gcc/fortran/interface.c
@@ -2821,7 +2821,8 @@ compare_actual_formal (gfc_actual_arglist **ap, 
gfc_formal_arglist *formal,
  for (f = formal; f; f = f->next)
    n++;

-  new_arg = XALLOCAVEC (gfc_actual_arglist *, n);
+  /* Take care not to call alloca with a zero argument.  */
+  new_arg = XALLOCAVEC (gfc_actual_arglist *, n + !n);

  for (i = 0; i < n; i++)
    new_arg[i] = NULL;
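Review bot: The `n + !n` argument in the new XALLOCAVEC call is hard to read, and the comment above it says what is avoided but not why a zero-size alloca would be a problem at this call site. The loop that follows, `for (i = 0; i < n; i++)`, never touches new_arg when n is 0, so the extra element only exists to change the size passed to the allocator. If the adjustment stays, spelling it `n ? n : 1` and naming the reason in the comment would be clearer. Doing it once inside the macro would keep callers like this one unchanged.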

Ugh, that is just too ugly.  I don't see anything wrong on alloca (0),
and we don't rely on those pointers being distinct from other pointers.

On systems where alloca was implemented on top of malloc, alloca (0) would
cause collection of alloca'd objects that had gone out of scope.

Ouch.  Do we support any such systems as hosts?  If yes, can't we just
define XALLOCAVEC etc. to alloca (len + 1) or alloca (len ? len : 1)
on those systems and leave the sane hosts as is?

I would guess they're all dead as hosts for building GCC. I was most familiar with hpux, but I'm pretty sure there were others as emacs (IIRC) had a replacement alloca for systems without it as a builtin. They probably all fall into the "retro-computing" bucket these days.

Essentially those systems worked by recording all the allocations as well as the frame depth at which they occurred. The next time alloca was called, anything at a deeper depth than the current frame was released.

So even if we called alloca (0) unexpectedly, it's not going to cause anything to break. Failing to call alloca (0) could run the system out of heap memory. It's left as an exercise to the reader to ponder how that might happen -- it can and did happen building GCC "in the old days".

The point is warning on an alloca (0) may not be as clear cut as it might seem. It's probably a reasonable thing to do on the host, but on a target, which might be embedded and explicitly overriding the builtin alloca, warning on alloca (0) is less of a slam dunk.


jeff
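
The bookkeeping described in the message above (allocations recorded with their frame depth, deeper ones released on the next call), as an added example that is not part of the thread and not code from any real alloca replacement. The explicit `depth` argument and the names `emu_alloca`, `callee` and `leaked_after` are assumptions made for illustration; the loop in `leaked_after` is one constructed way blocks can pile up when no shallower call follows.

```c
#include <stdio.h>
#include <stdlib.h>

/* One malloc-backed "alloca" block, tagged with the frame depth that made it. */
struct blk { struct blk *next; int depth; };

static struct blk *live;   /* newest first, so depths never increase down the list */
static int live_count;     /* blocks not yet collected */

/* Emulated alloca.  DEPTH is the caller's frame depth (assumption: passed
   explicitly here rather than derived from the stack).  Every call first
   frees blocks recorded deeper than the caller; those frames have returned.  */
void *emu_alloca(size_t size, int depth)
{
    while (live && live->depth > depth) {
        struct blk *dead = live;
        live = dead->next;
        free(dead);
        live_count--;
    }
    if (size == 0)
        return NULL;       /* alloca (0): collect only, allocate nothing */
    struct blk *b = malloc(sizeof *b + size);
    if (!b)
        abort();
    b->next = live;
    b->depth = depth;
    live = b;
    live_count++;
    return b + 1;          /* payload follows the header */
}

/* A callee at DEPTH that takes a scratch buffer and returns without freeing. */
static void callee(int depth) { char *p = emu_alloca(64, depth); p[0] = 0; }

/* Call the callee N times from a depth-1 caller, optionally finish with the
   collecting alloca (0), and return how many blocks are still held.  */
int leaked_after(int n, int collect)
{
    for (int i = 0; i < n; i++)
        callee(2);         /* same depth each time: nothing is "deeper" */
    if (collect)
        emu_alloca(0, 1);  /* the shallower caller triggers the release */
    return live_count;
}

int main(void)
{
    printf("held without alloca (0): %d\n", leaked_after(1000, 0));
    printf("held after alloca (0):   %d\n", leaked_after(1000, 1));
    return 0;
}
```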
