Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wgavG-006HRk-3B for pgsql-hackers@arkaria.postgresql.org; Mon, 06 Jul 2026 04:27:10 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1wgavD-00EqXp-0S for pgsql-hackers@arkaria.postgresql.org; Mon, 06 Jul 2026 04:27:07 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1wgavC-00EqXg-2m for pgsql-hackers@lists.postgresql.org; Mon, 06 Jul 2026 04:27:06 +0000 Received: from sss.pgh.pa.us ([68.162.161.243]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1wgav4-00000001zJ2-0PMn for pgsql-hackers@postgresql.org; Mon, 06 Jul 2026 04:27:01 +0000 Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1]) by sss.pgh.pa.us (8.18.1/8.18.1) with ESMTP id 6664QsF9924284; Mon, 6 Jul 2026 00:26:54 -0400 From: Tom Lane To: "Tristan Partin" cc: "pgsql-hackers" Subject: Re: Add malloc attribute to memory allocation functions In-reply-to: References: Comments: In-reply-to "Tristan Partin" message dated "Wed, 01 Jul 2026 17:51:25 -0000" MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <924282.1783312014.1@sss.pgh.pa.us> Date: Mon, 06 Jul 2026 00:26:54 -0400 Message-ID: <924283.1783312014@sss.pgh.pa.us> List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk "Tristan Partin" writes: > Given that we now have a tree that compiles fine against > -Werror=mismatched-dealloc, we need to make sure that we don't regress. > By adding the malloc attribute[0], we can protect against regressions, > enable more accurate code coverage with -fanalyzer, and allow the > compiler to do some optimizations. I'm skeptical that this is going to lead to anything but grief. In particular, since gcc has never heard of memory contexts, I don't see how we are not going to get buried in bogus -Wanalyzer-malloc-leak warnings. It doesn't really help to add compiler annotations that only sort-of match our semantics. (This opinion is based on years of dismissing useless Coverity warnings of this kind.) regards, tom lane