Date: Thu, 29 Jun 2006 16:57:05 -0400
From: Lowell Gilbert <lgusenet@be-well.ilk.org>
To: freebsd-hackers@freeBSD.org
Subject: Re: Return value of malloc(0)
Message-ID: <44odwbu1cu.fsf@be-well.ilk.org>
In-Reply-To: <F08E3BAE0BDAC4061A2A283F@Zelazny> (Pat Lashley's message of "Thu, 29 Jun 2006 15:33:08 -0400")
References: <20060628181045.GA54915@curry.mchp.siemens.de> <20060628212956.GI822@wombat.fafoe.narf.at> <805AA34B676EDF411B3CF548@Zelazny> <20060629165629.GA6875@britannica.bec.de> <F08E3BAE0BDAC4061A2A283F@Zelazny>
Pat Lashley <patl+freebsd@volant.org> writes:

>> On Thu, Jun 29, 2006 at 11:44:23AM -0400, Pat Lashley wrote:
>> > No, our implementation is NOT legal. We always return the SAME value. To
>> > be legal, we should not return that value again unless it has been
>> > free()-ed.
>>
>> It is legal due to brain damaged definition of implementation defined
>> behaviour, but it violates the spirit of the standard :-)
>
> Perhaps I'm misunderstanding the 'implementation defined behavior'
> choices in the standard. I thought that it could either 1) Return
> NULL; or 2) Behave as though it returned a 'minimum allocation' (which
> cannot be legally de-referenced).

I went wandering through the C Working Group archives for the heck of it, and apparently a lot of people were confused over this, thinking either as you did or that "unique" meant it would be a value unique to the usage of malloc(0). It's been clarified recently (and will be in the next revision of the standard) to the meaning you understood. Specifically:

    If the size of the space requested is zero, the behavior is
    implementation-defined: either a null pointer is returned, or the
    behavior is as if the size were some nonzero value, except that the
    returned pointer shall not be used to access an object.

> But if it did actually perform a
> minimum allocation'; wouldn't it have to return a different value
> every time to maintain the free() semantics?

I think that's another way of looking at the same confusion. If "minimum" is zero, then using a sentinel value (as in FreeBSD) works. Our malloc() could be easily fixed to be standards-compliant by removing the special handling for ZEROSIZEPTR in malloc.c; then allocations of 0 bytes will be rounded up to 16, just like all other allocations of less than 16 bytes. However, that would lose much of the bug-finding advantage of the current behaviour. This is wandering into -standards territory, though.
In any case, the answer to the thread's original question is "mozilla should fix its code to not assume malloc(0)==NULL".
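The portability point made in the message above, as an added example that is not from the thread or from FreeBSD's malloc.c: both malloc(0) behaviours the standard permits are simulated by two small allocators (the static `zero_sentinel` is an assumed stand-in for ZEROSIZEPTR, not the real value), and a caller that only tests for NULL is shown beside one that settles the zero-size case itself, so that NULL is only ever checked when it really means failure.

```c
#include <stdlib.h>

/* Simulated allocators covering both behaviours the C standard permits
 * for malloc(0): return NULL, or return a non-NULL pointer that must not
 * be dereferenced (FreeBSD's fixed ZEROSIZEPTR sentinel is the latter).
 * Simulated here so the result is deterministic on any platform. */
typedef void *(*alloc_fn)(size_t);

static char zero_sentinel;   /* assumed stand-in for ZEROSIZEPTR */

void *alloc_null_on_zero(size_t n)
{
    return n == 0 ? NULL : malloc(n);
}

void *alloc_sentinel_on_zero(size_t n)
{
    return n == 0 ? (void *)&zero_sentinel : malloc(n);
}

static void release(void *p)
{
    if (p != NULL && p != (void *)&zero_sentinel)  /* never free the sentinel */
        free(p);
}

/* The assumption the thread objects to: "NULL means the allocation
 * failed". Returns 1 if failure is reported. For n == 0 the answer
 * depends on which allocator is in use, so the check is not portable. */
int naive_alloc_failed(alloc_fn a, size_t n)
{
    void *p = a(n);
    if (p == NULL)
        return 1;
    release(p);
    return 0;
}

/* Portable form: decide the zero-size case before calling the allocator,
 * so NULL is only ever tested when n > 0 and really does mean failure. */
int safe_alloc_failed(alloc_fn a, size_t n)
{
    if (n == 0)
        return 0;             /* nothing to allocate, nothing can fail */
    void *p = a(n);
    if (p == NULL)
        return 1;
    release(p);
    return 0;
}
```

The naive check reports a spurious failure for n == 0 under one conforming allocator and none under the other; the safe form agrees with itself under both.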