Re: [Qemu-devel] [PATCH] fix qemu_malloc() error check for size==0

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eduardo Habkost <ehabkost@redhat.com>
To: malc <av1474@comtv.ru>
Cc: Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH] fix qemu_malloc() error check for size==0
Date: Tue, 19 May 2009 11:56:53 -0300	[thread overview]
Message-ID: <20090519145653.GE4254@blackpad> (raw)
In-Reply-To: <Pine.LNX.4.64.0905191840240.4038@linmac.oyster.ru>

On Tue, May 19, 2009 at 06:48:25PM +0400, malc wrote:
<snip>
> > > > >> 
> > > > >> Can't see what this hunk accomplishes.  If we remove it, the loop
> > > > >> rejects, and we thus execute:
> > > > >> 
> > > 
> > > Once again, on Linux/GLIBC it will, on AIX it wont.
> > 
> > Why not? It will. If nb_snapshots is 0, it won't enter the loop. The
> > problem with that code was the "if (!s->snapshots)" check, not the
> > qemu_mallocz(0) call.
> 
> Because qemu_mallocz on AIX will be terminated by oom_check.

That's exactly what the patch prevents from happening.


> 
> > > 
> > > And FWIW despite behaviour of malloc(0) being marked as implementation
> > > defined i have sa far was unable to find any documentaiton (Linux man
> > > pages, GLIBC info files) witht the actual definition, unlike on AIX
> > > where man pages make it crystal clear what happens.
> > 
> > You don't need to have the exact behavior defined, as long as:
> 
> I certainly don't, the standard certainly says the implementation is
> obliged to document it, that's what seprates implementation-defined
> from unspecified behaviour.
>  
> > 1) You call free(p) later
> > 2) You don't dereference the returned pointer (just like you can't
> >    dereference p[n] on a malloc(n) block)
> > 3) You don't assume anything about the returned value when size==0
> > 
> > My point is that this is valid malloc() usage, and there may be existing
> > qemu code relying on that, and I don't see any reason to put a trap for
> > code that would be valid malloc()/free() usage.
> 
> Okay, at this point we both expressed our points of view and have to
> agree to disagree.

Agreed.


<snip>
> > >  
> > > There is nothing implementation defined about realloc(whatever, 0), it
> > > has a defined meaning in POSIX:
> > > http://opengroup.org/onlinepubs/007908775/xsh/realloc.html
> > > 
> > > So it doesn't use 1.
> > > 
> > 
> > realloc() return value is specified exactly the same way malloc() is:
> > 
> > "If size is 0, either a null pointer or a unique pointer that can be
> > successfully passed to free() is returned."
> 
> Nope, quoting from above page:
> 
> If size is 0 and ptr is not a null pointer, the object pointed to is 
> freed.

I quoted the above from exactly the same page.

I really hope you are not proposing to make qemu_realloc(p, 0) work but
qemu_malloc(0) fail, because you would be breaking lots of
realloc()/malloc() equivalency assumptions.

-- 
Eduardo

next prev parent reply	other threads:[~2009-05-19 14:57 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-05-18 20:31 [Qemu-devel] [PATCH] fix qemu_malloc() error check for size==0 Eduardo Habkost
2009-05-18 21:56 ` malc
2009-05-18 22:17   ` Eduardo Habkost
2009-05-19  0:17     ` malc
2009-05-19  6:44       ` Markus Armbruster
2009-05-19 13:00         ` malc
2009-05-19 13:37           ` Markus Armbruster
2009-05-19 14:06             ` malc
2009-05-19 14:28               ` Eduardo Habkost
2009-05-19 14:48                 ` malc
2009-05-19 14:56                   ` Eduardo Habkost [this message]
2009-05-19 15:23                     ` malc
2009-05-19 15:43                       ` Eduardo Habkost
2009-05-19 20:32                         ` Jamie Lokier
2009-05-19 22:12                           ` Eduardo Habkost
2009-05-19 22:49                             ` Jamie Lokier
2009-05-20  3:28                               ` Eduardo Habkost
2009-05-19 20:31                     ` Jamie Lokier
2009-05-19 16:09               ` Markus Armbruster
2009-05-19 14:02           ` Eduardo Habkost
2009-05-19 14:37             ` malc
2009-05-19 14:44               ` Eduardo Habkost
2009-05-19 14:55                 ` malc
2009-05-19 16:44                   ` [PATCH] Make qemu_alloc()/qemu_realloc() return NULL for size==0 (was Re: [Qemu-devel] [PATCH] fix qemu_malloc() error check for size==0) Eduardo Habkost
2009-05-19 18:40                     ` malc
2009-05-19 19:38                       ` Eduardo Habkost
2009-05-19 20:34                       ` Jamie Lokier
2009-05-20  8:00                       ` Kevin Wolf
2009-05-20  9:30                       ` [Qemu-devel] Re: [PATCH] Make qemu_alloc()/qemu_realloc() return NULL for size==0 Markus Armbruster
2009-05-20 18:20                         ` malc
2009-05-19 20:37                   ` [Qemu-devel] [PATCH] fix qemu_malloc() error check " Jamie Lokier
2009-05-19 13:52       ` Eduardo Habkost
2009-05-19 14:39         ` malc

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20090519145653.GE4254@blackpad \
    --to=ehabkost@redhat.com \
    --cc=armbru@redhat.com \
    --cc=av1474@comtv.ru \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.