public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "torvalds@linux-foundation.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug tree-optimization/94527] RFE: Add an __attribute__ that marks a function as freeing an object Date: Wed, 08 Apr 2020 00:48:53 +0000 [thread overview] Message-ID: <bug-94527-4-gMiqzyvi4g@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-94527-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94527 --- Comment #4 from Linus Torvalds <torvalds@linux-foundation.org> --- (In reply to Jeffrey A. Law from comment #3) > GCC already knows that free() "kills" the pointed-to memory and should be > doing DSE with that in mind. It doesn't however know that other functions > have free-like semantics, so it wouldn't do so in for kfree. Oh, ok, so the logic already exists, just not the interface to tell anybody else. I suspect even non-kernel users might have wrappers around free that might be able to use a "this acts like free()" marker. > With regard to the warnings. When we were investigating use-after-free and > double-free diagnostics it was our conclusion that do to any kind of > reasonable job you really have to do a whole program analysis. Otherwise > it's just a toy. As a result the focal point for those diagnostics is the > static analyzer David Malcolm is working on. Obviously a static analyzer is better. That said, we've had some stupid bugs wrt kfree(). Things like releasing things twice in error paths etc. So yeah, doing it in the compiler isn't going to catch the subtle cases, but catching the stupid cases early would still be a good thing. But I also realize that it might not be worth it to you guys. Since you already effectively have the DSE code, that looks like a much cheaper thing to do. (And maybe one day somebody will go "I can trivially see use-after-free things too, and warn about it", so just having the marker might result in the warnings at some point too).
next prev parent reply other threads:[~2020-04-08 0:48 UTC|newest] Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-04-07 22:44 [Bug tree-optimization/94527] New: " dhowells at redhat dot com 2020-04-07 22:46 ` [Bug tree-optimization/94527] " dhowells at redhat dot com 2020-04-07 22:48 ` law at redhat dot com 2020-04-07 23:49 ` torvalds@linux-foundation.org 2020-04-08 0:18 ` law at redhat dot com 2020-04-08 0:48 ` torvalds@linux-foundation.org [this message] 2020-04-08 6:45 ` [Bug middle-end/94527] " rguenth at gcc dot gnu.org 2020-04-08 7:53 ` redi at gcc dot gnu.org 2020-04-08 16:28 ` msebor at gcc dot gnu.org 2020-04-08 16:44 ` torvalds@linux-foundation.org 2020-10-06 13:04 ` dmalcolm at gcc dot gnu.org 2020-10-27 1:28 ` msebor at gcc dot gnu.org 2020-11-13 21:47 ` msebor at gcc dot gnu.org 2020-11-13 21:57 ` msebor at gcc dot gnu.org 2020-12-03 22:43 ` cvs-commit at gcc dot gnu.org 2020-12-03 22:45 ` msebor at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-94527-4-gMiqzyvi4g@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).