unbreaking alloca

[David Schultz]

On Sat, Jun 14, 2003, Dag-Erling Smorgrav wrote:
> David's latest commit to cdefs.h breaks the build by causing lint to
> fail for every source file that directly or indirectly includes
> <sys/cdefs.h>; it will similarly cause non-GNU compilers to fail on
> the same files.  This is entirely unnecessary as the patch was only
> meant to add alloca(3) support on compilers that support it.
> 
> I'd like to commit the attached patch (after suitable testing of
> course).  It removes all mention of alloca(3) from cdefs.h, and
> instead modifies the declaration in stdlib.h so that GNU compilers see
> alloca(sz) defined to __builtin_alloca(sz) while other compilers (and
> linters) see a regular prototype.

alloca() is, by necessity, a compiler feature.  AFAIK, you
shouldn't need to #define alloca __builtin_alloca, since any
compiler should be providing it if it is supported at all.  I
think simply declaring it should be sufficient; at least this is
the case for gcc.

> I would also like to add (at some future date) a link-time warning for
> alloca(3) similar to what we already have for gets(), mktemp() etc.

I worry a little bit about overdoing those.  The gets() and
mktemp() warnings are there for security reasons; it's virtually
impossible to use those functions without introducing a possibly
security-relevant bug.  An alloca() warning would be more of a
portability warning, which is of no interest to the end users of
the software as long as alloca() works, and redundant if it
doesn't work.  Security, on the other hand, *is* a concern to end
users.

Then again, there's virtually no software out there that uses
alloca(), so if you have your heart set on it, I can hardly object
to a warning that I never see.