Dave Korn <dave.korn.cyg...@gmail.com> writes: > On 28/05/2010 19:32, Ian Lance Taylor wrote: > >> As the compiler documentation states, warn_unused_result was intended >> for cases where failing to check the return value is always a security > ^^^^^^ > Note: "always". > >> risk or a bug. > > OK, that's reasonable as far as it goes, but there is *no* circumstances > under which ignoring the return from *any* function is *always* a bug. So we > should provide a user override mechanism.
For practical purposes, it is always a bug to ignore the return value of realloc (I disregard the unusual case of passing 0 as the second argument in order to free the memory block). The original patch description (http://gcc.gnu.org/ml/gcc-patches/2003-09/msg00798.html) said there are calls in the Linux kernel whose return value must never be ignored. So I assert that there are such cases. We could certainly decide that we don't care about that fine distinction, and just fall back to the weaker definition which permits easy overriding with a cast to void. But we shouldn't do it on the basis that the current definition does not make sense. We should only do it on the basis that the current definition is not worth preserving. Ian
