Details
- Improvement
- Resolution: Fixed
- Major - P3
- Fully Compatible
- Dev Platform 2021-10-04
Description
There are several things we can do to mongoMalloc and mongoRealloc to give the compiler more insight into the behavior of these functions:
- Mark them as noexcept, since we know they never throw.
- Mark them with the warn_unused_result or equivalent attribute, since failing to capture the result of a call indicates an unavoidable memory leak.
- Mark them with the returns_nonnull or equivalent attribute, since they terminate on failure rather than returning nullptr.
- Mark them with the alloc_size or equivalent attribute, so that for allocations of constexpr size the compiler can track the size of the allocated region and expose it via __builtin_object_size, improving bounds checking.
- In the case of mongoMalloc, mark it with the malloc or equivalent attribute so that the compiler knows that the returned pointer cannot alias any existing object. Note that it is not appropriate to apply that attribute to mongoRealloc.
It may also make sense to mark reportOutOfMemoryErrorAndExit with the noreturn or equivalent attribute.
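How the attributes listed above look on malloc- and realloc-style wrappers, as an added example that is not MongoDB's code. The names exampleMalloc, exampleRealloc and exampleOomExit are hypothetical stand-ins, and the GNU attribute spellings assume GCC or Clang.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstdlib>
#include <cstring>

// Stand-in for reportOutOfMemoryErrorAndExit (name and body are assumptions).
[[noreturn]] void exampleOomExit() noexcept {
    std::fputs("out of memory\n", stderr);
    std::abort();
}

// Malloc-like wrapper: the result must be used, is never null, is `size`
// bytes long (argument 1), and does not alias any object that already exists.
__attribute__((warn_unused_result, returns_nonnull, alloc_size(1), malloc))
void* exampleMalloc(std::size_t size) noexcept {
    void* p = std::malloc(size ? size : 1);  // malloc(0) may legally return null
    if (!p) exampleOomExit();
    return p;
}

// Realloc-like wrapper: same contract with the size in argument 2, but no
// `malloc` attribute, because the returned block carries over the old
// block's contents and can be the very block that was passed in.
__attribute__((warn_unused_result, returns_nonnull, alloc_size(2)))
void* exampleRealloc(void* ptr, std::size_t size) noexcept {
    void* p = std::realloc(ptr, size ? size : 1);
    if (!p) exampleOomExit();
    return p;
}

// What the compiler knows about a 64-byte allocation: 64 when it tracks the
// size through alloc_size (typically with optimization enabled), or
// (size_t)-1 when the size is unknown to it.
std::size_t trackedSizeOf64ByteAlloc() {
    void* const p = exampleMalloc(64);
    const std::size_t known = __builtin_object_size(p, 0);
    std::free(p);
    return known;
}

// Grows a buffer and reports whether the old contents survived the move.
bool reallocKeepsContents() {
    char* buf = static_cast<char*>(exampleMalloc(8));
    std::memcpy(buf, "mongo", 6);  // constructed sample data
    buf = static_cast<char*>(exampleRealloc(buf, 4096));
    const bool same = std::strcmp(buf, "mongo") == 0;
    std::free(buf);
    return same;
}
```

Writing `exampleMalloc(64);` as a bare statement draws a compiler warning under the default -Wunused-result, which is the leak the ticket describes being caught at build time.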