Re: [pcre-dev] [PATCH] add malloc and alloc_size attributes …

Author: Nuno Lopes
Date:  
To: pcre-dev
Subject: Re: [pcre-dev] [PATCH] add malloc and alloc_size attributes to allocation functions
>> I feel this patch just adds unnecessary complexity to the header file.
>> What exactly are these optimizations? For buffer overflows, valgrind
>> is the perfect detection tool with its red zone based detection
>> algorithm. What else can you do with these macros?


The malloc attribute allows the compiler to decide that a pointer returned
by the function doesn't alias anything. This enables a lot of optimizations
that depend on aliasing information, such as copy propagation, constant
folding, and so on. I didn't measure the impact, but I would argue that the
added complexity to the headers is null; these things are usually only
touched once in a decade.

The alloc_size attribute enables both static and run-time bounds checking.
For example, GCC will emit a warning if it can prove that you are
reading/writing outside of a buffer's limit. However, this analysis is
intra-procedural, and so the alloc_size attribute is required to enable the
warnings.
Clang can also take advantage of this attribute to emit run-time checks that
are meant to be enabled in production, and not for debugging like valgrind.
The aim of these two tools is completely different.


> In any case, I am just in the process of preparing the first 8.31
> release candidate, so if any changes are to be made, they will have to
> wait till the next release. So there is time to think about and discuss
> them.


Sure; there's not much rush.

Thanks,
Nuno
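
An added illustration of the two attributes discussed in this message (not code from the patch or from PCRE): the `ex_` functions and `EX_` macros are hypothetical names, and the sample buffer is constructed. It shows how `alloc_size` lets the compiler's object-size information reach a bounds check at the call site; in a build without optimization the size is reported as unknown and the check passes everything through.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical macro: expands to nothing without GNU-style attributes. */
#if defined(__GNUC__)
#define EX_ALLOC(n) __attribute__((malloc, alloc_size(n)))
#else
#define EX_ALLOC(n)
#endif

/* Hypothetical wrapper standing in for a library allocation function.
 * malloc: the returned pointer aliases nothing else.
 * alloc_size(1): argument 1 is the size of the returned object. */
EX_ALLOC(1) void *ex_alloc(size_t size);
void *ex_alloc(size_t size) { return malloc(size); }

/* Refuse a copy that exceeds a known destination size.
 * dst_size == (size_t)-1 means "unknown", so nothing can be checked. */
int ex_copy_checked(void *dst, size_t dst_size, const void *src, size_t n)
{
    if (dst_size != (size_t)-1 && n > dst_size)
        return -1;
    memcpy(dst, src, n);
    return 0;
}

/* With optimization on, alloc_size lets __builtin_object_size report the
 * size passed to ex_alloc; without it the builtin yields (size_t)-1. */
#if defined(__GNUC__)
#define EX_COPY(d, s, n) ex_copy_checked((d), __builtin_object_size((d), 0), (s), (n))
#else
#define EX_COPY(d, s, n) ex_copy_checked((d), (size_t)-1, (s), (n))
#endif

int ex_demo(void)
{
    char src[8] = "1234567";      /* constructed sample input */
    char *buf = ex_alloc(16);
    int rc;
    if (buf == NULL)
        return -1;
    rc = EX_COPY(buf, src, sizeof src);  /* 8 bytes into 16: allowed */
    free(buf);
    return rc;
}

int main(void) { return ex_demo() == 0 ? 0 : 1; }
```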