Re: [Libguestfs] [libnbd PATCH] RFC: generator: Mark APIs with allocator/deallocator semantics

On Fri, Sep 30, 2022 at 10:42:01AM -0500, Eric Blake wrote: > Modern GCC has two related attributes for functions returning a > pointer: > > __attribute__((__malloc__)) - this function returns a new pointer, not > aliased to any existing pointer > > __attribute__((__malloc__(fn,1))) - call fn(return_value) to avoid > leaking memory allocated by this function > > With those attributes, static analyzers can better detect when we pass > the resulting pointer to the wrong deallocator, deallocate more than > once, have a use after free, or otherwise leak the memory. (Sadly, as > of gcc 12.2.1, -fanalyzer still has a LOT of false positives, such as: > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107100; since our code > base triggers some of these, we can't quite rely on it yet). > --- > lib/internal.h | 4 +++- > generator/C.ml | 24 +++++++++++++++++++++--- > 2 files changed, 24 insertions(+), 4 deletions(-) >

ACK - worth a go, if it causes too many problems we can always back it out later!