Re: Return value of malloc(0)



On Thu, Jun 29, 2006 at 11:44:23AM -0400, Pat Lashley wrote:
> > The C Standard says the following about malloc(0):
> >
> > If the size of the space requested is zero, the behavior is
> > implementation-defined: either a null pointer is returned, or the
> > behavior is as if the size were some nonzero value, except that the
> > returned pointer shall not be used to access an object.
> >
> > So our default behaviour to crash if a pointer returned by malloc(0) is
> > dereferenced is legal and a good one because it catches errors like the
> > above one.
>
> No, our implementation is NOT legal. We always return the SAME value. To
> be legal, we should not return that value again unless it has been
> free()-ed.
>
> first = malloc(0) ;
> second = malloc(0) ;
>
> if ( first == second ) ERROR( "C standards violation" ) ;

Almost. The test should be

if ( first != NULL && first == second) ERROR( "C standards violation" ) ;

It is after all legal for malloc(0) to return NULL.

Otherwise you are correct. Having malloc(0) always returning the same
(non-NULL) value is not legal according to the C standard.

C99 says:

7.20.3 Memory management functions
[...] Each such allocation shall yield a pointer to an object disjoint from
any other object. [...] If the size of the space requested is zero, the
behavior is implementation-defined: either a null pointer is returned, or
the behavior is as if the size were some nonzero value, except that the
returned pointer shall not be used to access an object.

> Firefox, or the extension, has a bug in the code. It should not be
> attempting to de-reference the result of a 'malloc(0)' call. They probably
> depend on having it return NULL, which is checked elsewhere. (The fix is
> for them to test for the size == zero case and just set the pointer to NULL
> instead of calling malloc(0). But that's their problem, not ours.)
>
> -Pat
> _______________________________________________
> freebsd-hackers@xxxxxxxxxxx mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"

--
<Insert your favourite quote here.>
Erik Trulsson
ertr1013@xxxxxxxxxxxxx
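
The two points made in this message, as an added example that is not part of the original thread: a probe for the corrected conformance test (`first != NULL && first == second`) and the caller-side fix of not calling malloc(0) at all. The names `probe_malloc_zero`, `alloc_bytes` and the `ZA_*` values are hypothetical and belong to this example only.

```c
#include <stdio.h>
#include <stdlib.h>

/* Outcomes of probing malloc(0); the names are this example's own. */
enum zero_alloc { ZA_NULL, ZA_DISTINCT, ZA_SHARED };

/* Hold two zero-sized allocations live at once and classify the result.
 * ZA_SHARED is the case the thread calls a standards violation: the same
 * non-NULL pointer returned twice with no free() in between. */
enum zero_alloc probe_malloc_zero(void)
{
    void *first = malloc(0);
    void *second = malloc(0);
    enum zero_alloc r;

    if (first == NULL || second == NULL)
        r = ZA_NULL;
    else if (first == second)
        r = ZA_SHARED;
    else
        r = ZA_DISTINCT;

    free(first);              /* free(NULL) is a no-op */
    if (r != ZA_SHARED)
        free(second);         /* never release a shared pointer twice */
    return r;
}

/* Caller-side fix from the message: test for size == 0 and use NULL instead
 * of calling malloc(0). *ok separates "empty" from "out of memory". */
void *alloc_bytes(size_t size, int *ok)
{
    void *p = NULL;

    if (size != 0)
        p = malloc(size);
    *ok = (size == 0 || p != NULL);
    return p;
}

int main(void)
{
    static const char *const label[] = { "NULL", "distinct", "shared (non-conforming)" };
    int ok;
    void *p = alloc_bytes(0, &ok);
    printf("malloc(0) probe: %s\n", label[probe_malloc_zero()]);
    printf("alloc_bytes(0): p=%p ok=%d\n", p, ok);
    return 0;
}
```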