On 01/11/2018 01:32 PM, Jan Hubicka wrote:
As long as the marked definition still satisfies the assumptions
GCC makes about the function it won't be harmful. I don't know
all the nuances of pointer aliasing in GCC that might rely on it
but assuming they faithfully reflect the standard requirements
it will be safe.
The other aspect of the question is under what the conditions
is suggesting the attribute meaningful. Without spending too
much time on it, I think the condition should be that the
function must return a pointer obtained from a call to
an allocation function that depends on one or more of its
arguments, either directly or indirectly, or NULL. Does that
make sense or can you or someone think of some realistic use
cases where this would be too broad?
I also think marking functions returning NULL as malloc should be
OK correctness wise.
I would not require the call to alloc function to depend on argument
of the caller - it seems perfectly OK to me to just call malloc with
constant argument, for instance.
You're right, constant calls should be included as well. I was
trying to exclude the pathological cases brought up in this thread
but maybe they're not worth worrying about.
Martin
