Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:

> So the _real_ prototype for 'free()'-like operations should be something like
>
>     void free(const volatile killed void *ptr);
>
> where that "killed" also tells the compiler that the pointer lifetime
> is dead, so that using it afterwards is invalid. So that the compiler
> could warn us about some of the most trivial use-after-free cases.

It might be worth asking the compiler folks to give us an __attribute__ for
that - even if they don't do anything with it immediately.  So we might have
something like:

	void free(const volatile void *ptr) __attribute__((free(1)));

There are some for allocation functions, some of which we use, though I'm not
sure we do so as consistently as we should (should inline functions like
kcalloc() have them, for example?).

David
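An added example, not part of the original message or of any kernel code: a kcalloc-style wrapper carrying the existing allocation attributes (`malloc`, `alloc_size`), plus the two-argument `malloc` form that GCC 11 and later accept to name the matching deallocator and its pointer argument. The names `xcalloc`, `xfree`, `PAIRED_WITH` and `xcalloc_selftest` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical names for this example: PAIRED_WITH, xfree, xcalloc. */
#if defined(__GNUC__) && !defined(__clang__) && __GNUC__ >= 11
/* GCC 11+: name the deallocator; the freed pointer is its argument 1. */
# define PAIRED_WITH(fn) __attribute__((malloc(fn, 1)))
#else
# define PAIRED_WITH(fn) /* pairing form not used on other compilers */
#endif

/* free()-like function taking the const volatile pointer from the thread. */
__attribute__((noinline))
void xfree(const volatile void *ptr);

/* malloc: result aliases nothing else; alloc_size: object is n * size bytes.
 * noinline keeps the allocator/deallocator pair visible at each call site. */
PAIRED_WITH(xfree)
__attribute__((malloc, alloc_size(1, 2), noinline))
void *xcalloc(size_t n, size_t size);

void *xcalloc(size_t n, size_t size)
{
    /* kcalloc-style check: refuse a request whose product would wrap. */
    if (size != 0 && n > SIZE_MAX / size)
        return NULL;
    return calloc(n, size);
}

void xfree(const volatile void *ptr)
{
    free((void *)(uintptr_t)ptr);   /* drop the qualifiers explicitly */
}

/* Returns 1 if memory comes back zeroed and a wrapping request is refused. */
int xcalloc_selftest(void)
{
    volatile size_t huge = SIZE_MAX;    /* volatile: not a compile-time constant */
    unsigned char *buf = xcalloc(4, 8);
    int ok = buf != NULL && buf[0] == 0 && buf[31] == 0;
    xfree(buf);
    /* A read of buf[0] from here on is the use-after-free class that
     * GCC 12's -Wuse-after-free targets. */
    void *p = xcalloc(huge, 2);
    ok = ok && p == NULL;
    xfree(p);                           /* xfree(NULL) is a no-op, as with free() */
    return ok;
}
```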