stdio: Improve GCC 11 allocation-deallocation checking

bug-gnulib@gnu.org mirror (unofficial)
 help / color / mirror / Atom feed

* stdio: Improve GCC 11 allocation-deallocation checking
@ 2021-08-07 16:19 Bruno Haible
  2021-08-08 16:28 ` Bruno Haible
  0 siblings, 1 reply; 2+ messages in thread
From: Bruno Haible @ 2021-08-07 16:19 UTC (permalink / raw
  To: bug-gnulib

2021-08-07  Bruno Haible  <bruno@clisp.org>

	stdio: Improve GCC 11 allocation-deallocation checking.
	* lib/stdio.in.h (fdopen, fopen, tmpfile): Declare that deallocation
	must happen through 'fclose'.
	(popen): Declare that deallocation must happen through 'pclose'.
	* lib/stdio-safer.h (fopen_safer, tmpfile_safer): Declare that
	deallocation must happen through 'fclose'.
	(popen_safer): Declare that deallocation must happen through 'pclose'.
	(freopen_safer): Declare that arguments must be non-NULL.

diff --git a/lib/stdio.in.h b/lib/stdio.in.h
index 20ba488..7986f72 100644
--- a/lib/stdio.in.h
+++ b/lib/stdio.in.h
@@ -260,8 +260,9 @@ _GL_CXXALIASWARN (fcloseall);
 #   undef fdopen
 #   define fdopen rpl_fdopen
 #  endif
-_GL_FUNCDECL_RPL (fdopen, FILE *, (int fd, const char *mode)
-                                  _GL_ARG_NONNULL ((2)));
+_GL_FUNCDECL_RPL (fdopen, FILE *,
+                  (int fd, const char *mode)
+                  _GL_ARG_NONNULL ((2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1));
 _GL_CXXALIAS_RPL (fdopen, FILE *, (int fd, const char *mode));
 # elif defined _WIN32 && !defined __CYGWIN__
 #  if !(defined __cplusplus && defined GNULIB_NAMESPACE)
@@ -380,7 +381,7 @@ _GL_CXXALIASWARN (fileno);
 #  endif
 _GL_FUNCDECL_RPL (fopen, FILE *,
                   (const char *restrict filename, const char *restrict mode)
-                  _GL_ARG_NONNULL ((1, 2)));
+                  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1));
 _GL_CXXALIAS_RPL (fopen, FILE *,
                   (const char *restrict filename, const char *restrict mode));
 # else
@@ -1009,13 +1010,15 @@ _GL_WARN_ON_USE (perror, "perror is not always POSIX compliant - "
 #   undef popen
 #   define popen rpl_popen
 #  endif
-_GL_FUNCDECL_RPL (popen, FILE *, (const char *cmd, const char *mode)
-                                 _GL_ARG_NONNULL ((1, 2)));
+_GL_FUNCDECL_RPL (popen, FILE *,
+                  (const char *cmd, const char *mode)
+                  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (pclose, 1));
 _GL_CXXALIAS_RPL (popen, FILE *, (const char *cmd, const char *mode));
 # else
 #  if !@HAVE_POPEN@
-_GL_FUNCDECL_SYS (popen, FILE *, (const char *cmd, const char *mode)
-                                 _GL_ARG_NONNULL ((1, 2)));
+_GL_FUNCDECL_SYS (popen, FILE *,
+                  (const char *cmd, const char *mode)
+                  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (pclose, 1));
 #  endif
 _GL_CXXALIAS_SYS (popen, FILE *, (const char *cmd, const char *mode));
 # endif
@@ -1346,7 +1349,8 @@ _GL_CXXALIASWARN (tempnam);
 #  if !(defined __cplusplus && defined GNULIB_NAMESPACE)
 #   define tmpfile rpl_tmpfile
 #  endif
-_GL_FUNCDECL_RPL (tmpfile, FILE *, (void));
+_GL_FUNCDECL_RPL (tmpfile, FILE *, (void)
+                                   _GL_ATTRIBUTE_DEALLOC (fclose, 1));
 _GL_CXXALIAS_RPL (tmpfile, FILE *, (void));
 # else
 _GL_CXXALIAS_SYS (tmpfile, FILE *, (void));
diff --git a/lib/stdio-safer.h b/lib/stdio-safer.h
index 464ffcf..53ee971 100644
--- a/lib/stdio-safer.h
+++ b/lib/stdio-safer.h
@@ -20,17 +20,21 @@
 #include <stdio.h>
 
 #if GNULIB_FOPEN_SAFER
-FILE *fopen_safer (char const *, char const *);
+FILE *fopen_safer (char const *, char const *)
+  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1);
 #endif
 
 #if GNULIB_FREOPEN_SAFER
-FILE *freopen_safer (char const *, char const *, FILE *);
+FILE *freopen_safer (char const *, char const *, FILE *)
+  _GL_ARG_NONNULL ((2, 3));
 #endif
 
 #if GNULIB_POPEN_SAFER
-FILE *popen_safer (char const *, char const *);
+FILE *popen_safer (char const *, char const *)
+  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (pclose, 1);
 #endif
 
 #if GNULIB_TMPFILE_SAFER
-FILE *tmpfile_safer (void);
+FILE *tmpfile_safer (void)
+  _GL_ATTRIBUTE_DEALLOC (fclose, 1);
 #endif



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: stdio: Improve GCC 11 allocation-deallocation checking
  2021-08-07 16:19 stdio: Improve GCC 11 allocation-deallocation checking Bruno Haible
@ 2021-08-08 16:28 ` Bruno Haible
  0 siblings, 0 replies; 2+ messages in thread
From: Bruno Haible @ 2021-08-08 16:28 UTC (permalink / raw
  To: bug-gnulib

Yesterday I pushed this:
> 2021-08-07  Bruno Haible  <bruno@clisp.org>
> 
> 	stdio: Improve GCC 11 allocation-deallocation checking.
> 	* lib/stdio.in.h (fdopen, fopen, tmpfile): Declare that deallocation
> 	must happen through 'fclose'.
> 	(popen): Declare that deallocation must happen through 'pclose'.

But it needs, for the cases that
  - module 'fclose' is in use but 'fdopen', 'fopen', 'tmpfile' are not, or
  - module 'pclose' is in use but module 'popen' is not.


2021-08-08  Bruno Haible  <bruno@clisp.org>

	stdio: Improve GCC 11 allocation-deallocation checking.
	* lib/stdio.in.h (fdopen, fopen, tmpfile): For GCC >= 11: Declare nearly
	always.
	(popen): For GCC >= 11: Declare also when the platform already declares
	the function or when the module 'popen' is not in use.

diff --git a/lib/stdio.in.h b/lib/stdio.in.h
index 7986f72..f1bf817 100644
--- a/lib/stdio.in.h
+++ b/lib/stdio.in.h
@@ -271,28 +271,42 @@ _GL_CXXALIAS_RPL (fdopen, FILE *, (int fd, const char *mode));
 #  endif
 _GL_CXXALIAS_MDA (fdopen, FILE *, (int fd, const char *mode));
 # else
+#  if __GNUC__ >= 11
+/* For -Wmismatched-dealloc: Associate fdopen with fclose or rpl_fclose.  */
+_GL_FUNCDECL_SYS (fdopen, FILE *,
+                  (int fd, const char *mode)
+                  _GL_ARG_NONNULL ((2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1));
+#  endif
 _GL_CXXALIAS_SYS (fdopen, FILE *, (int fd, const char *mode));
 # endif
 _GL_CXXALIASWARN (fdopen);
-#elif defined GNULIB_POSIXCHECK
-# undef fdopen
+#else
+# if @GNULIB_FCLOSE@ && __GNUC__ >= 11 && !defined fdopen
+/* For -Wmismatched-dealloc: Associate fdopen with fclose or rpl_fclose.  */
+_GL_FUNCDECL_SYS (fdopen, FILE *,
+                  (int fd, const char *mode)
+                  _GL_ARG_NONNULL ((2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1));
+# endif
+# if defined GNULIB_POSIXCHECK
+#  undef fdopen
 /* Assume fdopen is always declared.  */
 _GL_WARN_ON_USE (fdopen, "fdopen on native Windows platforms is not POSIX compliant - "
                  "use gnulib module fdopen for portability");
-#elif @GNULIB_MDA_FDOPEN@
+# elif @GNULIB_MDA_FDOPEN@
 /* On native Windows, map 'fdopen' to '_fdopen', so that -loldnames is not
    required.  In C++ with GNULIB_NAMESPACE, avoid differences between
    platforms by defining GNULIB_NAMESPACE::fdopen always.  */
-# if defined _WIN32 && !defined __CYGWIN__
-#  if !(defined __cplusplus && defined GNULIB_NAMESPACE)
-#   undef fdopen
-#   define fdopen _fdopen
-#  endif
+#  if defined _WIN32 && !defined __CYGWIN__
+#   if !(defined __cplusplus && defined GNULIB_NAMESPACE)
+#    undef fdopen
+#    define fdopen _fdopen
+#   endif
 _GL_CXXALIAS_MDA (fdopen, FILE *, (int fd, const char *mode));
-# else
+#  else
 _GL_CXXALIAS_SYS (fdopen, FILE *, (int fd, const char *mode));
-# endif
+#  endif
 _GL_CXXALIASWARN (fdopen);
+# endif
 #endif
 
 #if @GNULIB_FFLUSH@
@@ -385,17 +399,31 @@ _GL_FUNCDECL_RPL (fopen, FILE *,
 _GL_CXXALIAS_RPL (fopen, FILE *,
                   (const char *restrict filename, const char *restrict mode));
 # else
+#  if __GNUC__ >= 11
+/* For -Wmismatched-dealloc: Associate fopen with fclose or rpl_fclose.  */
+_GL_FUNCDECL_SYS (fopen, FILE *,
+                  (const char *restrict filename, const char *restrict mode)
+                  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1));
+#  endif
 _GL_CXXALIAS_SYS (fopen, FILE *,
                   (const char *restrict filename, const char *restrict mode));
 # endif
 # if __GLIBC__ >= 2
 _GL_CXXALIASWARN (fopen);
 # endif
-#elif defined GNULIB_POSIXCHECK
-# undef fopen
+#else
+# if @GNULIB_FCLOSE@ && __GNUC__ >= 11 && !defined fopen
+/* For -Wmismatched-dealloc: Associate fopen with fclose or rpl_fclose.  */
+_GL_FUNCDECL_SYS (fopen, FILE *,
+                  (const char *restrict filename, const char *restrict mode)
+                  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (fclose, 1));
+# endif
+# if defined GNULIB_POSIXCHECK
+#  undef fopen
 /* Assume fopen is always declared.  */
 _GL_WARN_ON_USE (fopen, "fopen on native Windows platforms is not POSIX compliant - "
                  "use gnulib module fopen for portability");
+# endif
 #endif
 
 #if @GNULIB_FPRINTF_POSIX@ || @GNULIB_FPRINTF@
@@ -1015,7 +1043,7 @@ _GL_FUNCDECL_RPL (popen, FILE *,
                   _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (pclose, 1));
 _GL_CXXALIAS_RPL (popen, FILE *, (const char *cmd, const char *mode));
 # else
-#  if !@HAVE_POPEN@
+#  if !@HAVE_POPEN@ || __GNUC__ >= 11
 _GL_FUNCDECL_SYS (popen, FILE *,
                   (const char *cmd, const char *mode)
                   _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (pclose, 1));
@@ -1023,11 +1051,19 @@ _GL_FUNCDECL_SYS (popen, FILE *,
 _GL_CXXALIAS_SYS (popen, FILE *, (const char *cmd, const char *mode));
 # endif
 _GL_CXXALIASWARN (popen);
-#elif defined GNULIB_POSIXCHECK
-# undef popen
-# if HAVE_RAW_DECL_POPEN
+#else
+# if @GNULIB_PCLOSE@ && __GNUC__ >= 11 && !defined popen
+/* For -Wmismatched-dealloc: Associate popen with pclose or rpl_pclose.  */
+_GL_FUNCDECL_SYS (popen, FILE *,
+                  (const char *cmd, const char *mode)
+                  _GL_ARG_NONNULL ((1, 2)) _GL_ATTRIBUTE_DEALLOC (pclose, 1));
+# endif
+# if defined GNULIB_POSIXCHECK
+#  undef popen
+#  if HAVE_RAW_DECL_POPEN
 _GL_WARN_ON_USE (popen, "popen is buggy on some platforms - "
                  "use gnulib module popen or pipe for more portability");
+#  endif
 # endif
 #endif
 
@@ -1353,16 +1389,28 @@ _GL_FUNCDECL_RPL (tmpfile, FILE *, (void)
                                    _GL_ATTRIBUTE_DEALLOC (fclose, 1));
 _GL_CXXALIAS_RPL (tmpfile, FILE *, (void));
 # else
+#  if __GNUC__ >= 11
+/* For -Wmismatched-dealloc: Associate tmpfile with fclose or rpl_fclose.  */
+_GL_FUNCDECL_SYS (tmpfile, FILE *, (void)
+                                   _GL_ATTRIBUTE_DEALLOC (fclose, 1));
+#  endif
 _GL_CXXALIAS_SYS (tmpfile, FILE *, (void));
 # endif
 # if __GLIBC__ >= 2
 _GL_CXXALIASWARN (tmpfile);
 # endif
-#elif defined GNULIB_POSIXCHECK
-# undef tmpfile
-# if HAVE_RAW_DECL_TMPFILE
+#else
+# if @GNULIB_FCLOSE@ && __GNUC__ >= 11 && !defined tmpfile
+/* For -Wmismatched-dealloc: Associate tmpfile with fclose or rpl_fclose.  */
+_GL_FUNCDECL_SYS (tmpfile, FILE *, (void)
+                                   _GL_ATTRIBUTE_DEALLOC (fclose, 1));
+# endif
+# if defined GNULIB_POSIXCHECK
+#  undef tmpfile
+#  if HAVE_RAW_DECL_TMPFILE
 _GL_WARN_ON_USE (tmpfile, "tmpfile is not usable on mingw - "
                  "use gnulib module tmpfile for portability");
+#  endif
 # endif
 #endif
 



^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2021-08-08 16:28 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-08-07 16:19 stdio: Improve GCC 11 allocation-deallocation checking Bruno Haible
2021-08-08 16:28 ` Bruno Haible

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).