Hi Thorsten,
On Sat, Jun 21, 2025 at 12:06:41AM +0200, Thorsten Glaser wrote:
> On Fri, 20 Jun 2025, Alejandro Colomar wrote:
>
> > There are two kinds of code that call realloc(p,0). One
> > hard-codes the 0, and is used as a replacement of free(p). This
> > code ignores the return value, since it's unimportant. This
> > code currently produces a leak of 0 bytes plus associated
> > metadata on platforms such as musl libc, where it returns a
> > non-null pointer.
>
> 16 bytes or so on OpenBSD and derivatives, which return individual
> suitably-aligned pointers into pages mapped as inaccessible (so that
> accesses of the returned pointer of a 0-byte {m,re}alloc fail) plus,
> again, metadata.
>
> +1 on warning on that.
Thanks!
>
> > For consistency, all the other allocation functions are updated
> > to both return an .
>
> an…?
:-)
Here's the diff for the next revision, where I've fixed that accident:
diff --git i/alx-0029.txt w/alx-0029.txt
index a1a96c4..572c51c 100644
--- i/alx-0029.txt
+++ w/alx-0029.txt
@@ -31,7 +31,6 @@ Author
Cc: Adhemerval Zanella Netto <[email protected]>
Cc: Joseph Myers <[email protected]>
Cc: Florian Weimer <[email protected]>
- Cc: Laurent Bercot <[email protected]>
Cc: Andreas Schwab <[email protected]>
Cc: Thorsten Glaser <[email protected]>
Cc: Eric Blake <[email protected]>
@@ -58,6 +57,10 @@ History
r1 (2025-06-20):
- Full rewrite after the recent glibc discussion.
+ r2 ():
+ - Remove bouncing CC.
+ - wfix.
+
See also
<https://nabijaczleweli.xyz/content/blogn_t/017-malloc0.html>
<https://sourceware.org/pipermail/libc-alpha/1999-April/000956.html>
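Review bot: The new History entry reads "r2 ():" with empty parentheses, while r1 just above it carries its date (2025-06-20); fill in the date before this revision is circulated so the two entries are consistent. The "- wfix." item is also terse next to "- Remove bouncing CC."; saying which sentence was reworded (the Description sentence about the other allocation functions, changed later in this diff) would let a reader of the history locate the change.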
@@ -192,7 +195,7 @@ Description
it doesn't need to define so many special cases.
For consistency, all the other allocation functions are updated
- to both return an .
+ to both return a null pointer and set errno to ENOMEM.
Prior art
gnulib
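Review bot: The replacement line in Description, "to both return a null pointer and set errno to ENOMEM.", names no condition within the visible lines, so read on its own the sentence says the other allocation functions always return a null pointer. If the preceding text does not already state the case being specified, add it to this sentence so that the paragraph stands on its own.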
> FWIW, I’m in favour of the proposed change, but I don’t have any
> stakes in this, I don’t think I wrote anything that mallocs or
> reallocs 0 ever. Plus I’d likely not have to change… much.
>
> (I now see that, in the case realloc() is passed a pointer the
> implementation cannot find in its pool, an error is written (and
> if an option is set, the execution terminated), and NULL is
> returned without setting errno, but that’s UB already anyway.)
Indeed, UB covers everything. As long as you return a different errno
code and document what it does, your users will likely remain happy.
> Also no need to Cc me, I get this via the musl mailing list, in
> which I have some interest (dalias generally knows his stuff).
Okay.
>
> bye,
> //mirabilos
> --
> 22:20⎜<asarch> The crazy that persists in his craziness becomes a master
> 22:21⎜<asarch> And the distance between the craziness and geniality is
> only measured by the success 18:35⎜<asarch> "Psychotics are consistently
> inconsistent. The essence of sanity is to be inconsistently inconsistent
:-)
Have a lovely day!
Alex
--
<https://www.alejandro-colomar.es/>
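The quoted paragraphs above describe realloc(p, 0) used in place of free(p) leaking a zero-size object plus metadata where the call returns non-null. One way for calling code to stay independent of that behaviour, as an added example that is not part of this thread or of alx-0029 (buf_release and buf_resize are hypothetical names):

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical helper: free *pp and clear it.  Use it where code would
 * otherwise write realloc(p, 0) and ignore the result; that idiom leaks a
 * zero-size object plus metadata wherever realloc(p, 0) returns non-null. */
void buf_release(void **pp)
{
    free(*pp);
    *pp = NULL;
}

/* Hypothetical helper: resize *pp to hold n elements of sz bytes each;
 * n * sz may be 0.  realloc() is never called with size 0, so the outcome
 * does not depend on the platform: success leaves a non-null *pp, failure
 * returns -1 with errno == ENOMEM and leaves *pp untouched. */
int buf_resize(void **pp, size_t n, size_t sz)
{
    void   *q;
    size_t  bytes;

    if (sz != 0 && n > SIZE_MAX / sz) {   /* n * sz would overflow */
        errno = ENOMEM;
        return -1;
    }
    bytes = n * sz;
    q = realloc(*pp, bytes ? bytes : 1);  /* ask for 1 byte instead of 0 */
    if (q == NULL) {
        errno = ENOMEM;                   /* ISO C does not require realloc to set it */
        return -1;
    }
    *pp = q;
    return 0;
}

int main(void)
{
    void *p = NULL;

    if (buf_resize(&p, 0, sizeof(int)) != 0)  /* computed size of 0 bytes */
        return 1;
    buf_release(&p);                          /* instead of realloc(p, 0) */
    return p != NULL;
}
```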
