On Wed, May 21, 2014 at 8:37 PM, Paul Eggert <egg...@cs.ucla.edu> wrote:
> Attached is a proposed documentation patch for __attribute__ ((malloc)),
> taken from:
>
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56955#c9
>
> Richard Biener suggested that I forward it to this list.
Thanks Paul. Re-reading this I wonder if the wording is clear enough to
disallow for example
struct S { struct S *p; };
struct S * __attribute__((malloc)) allocS (void)
{
struct S *s = malloc (sizeof (struct S));
s->p = s;
return s;
}
the function returns an initialized S, but it's pointers do
not alias any other pointer valid when the function returns(?).
That is, the constraint is rather that pointers extracted from the
memory pointed to by the return value do not point to "valid"
objects.
For the above doing
struct S *s = allocS();
s->s->s = 0;
would be DSEd (because s->s points to 'nothing').
Can you try to clarify the wording (I'm not a native speaker).
Thanks,
Richard.
