From: Alejandro Colomar <une+c@alejandro-colomar.es>
To: David Svoboda <svoboda@cert.org>
Cc: Robert Seacord <rcseacord@gmail.com>,
"sc22wg14@open-std. org" <sc22wg14@open-std.org>,
Florian Weimer <fweimer@redhat.com>,
Carlos O'Donell <carlos@redhat.com>,
Aaron Ballman <aaron@aaronballman.com>,
"libc-alpha@sourceware.org" <libc-alpha@sourceware.org>,
"musl@lists.openwall.com" <musl@lists.openwall.com>,
"linux-man@vger.kernel.org" <linux-man@vger.kernel.org>
Subject: Re: [SC22WG14.34664] n3752, alx-0029r8 - Restore the traditional realloc(3) specification
Date: Wed, 7 Jan 2026 21:16:52 +0100 [thread overview]
Message-ID: <aV69o8h0I3Px7ryV@devuan> (raw)
In-Reply-To: <PH1P110MB1636D74EDD4F3074AC98F12FCC84A@PH1P110MB1636.NAMP110.PROD.OUTLOOK.COM>
[-- Attachment #1: Type: text/plain, Size: 1620 bytes --]
On Wed, Jan 07, 2026 at 01:38:19PM +0000, David Svoboda wrote:
> Hi, Alex!
Hi David!
> I'm just going to respond to your first point (about what precisely the UB is):
>
> The n3605 Annex J text says:
>
> (157) A non-null pointer returned by a call to the calloc, malloc, realloc, or aligned_alloc
> function with a zero requested size is used to access an object (7.25.4).
>
> This suggests that working with a non-null pointer that has been returned from realloc() is the UB, not invoking realloc(0).
>
> But 7.25.4.8 (realloc) text says:
>
> Otherwise, if ptr does not match a pointer earlier returned by a memory management function, or
> if the space has been deallocated by a call to the free or realloc function, or if the size is zero, the
> behavior is undefined.
>
> So you're right...UB comes from actually invoking realloc(), not working with whatever it returned. The Annex J wording needs some cleanup. Unless your paper gets accepted, in which case this Annex J UB goes away (and it wouldn't hurt to mention this in your paper, as we have found lots of obsolete UBs in Annex J).
Agree; UB 182 is already covered by the usual rules for NULL.
I thought you were talking about the UB introduced in C23, but that one
seems not documented in Annex J. In fact, it's still documented
incorrectly as ID (J.3.13 entry 41, in N3220).
The UB we should be talking about is specified in 7.24.3.7p3:
[...] Otherwise, [...], or if the size is zero, the
behavior is undefined.
Have a lovely night!
Alex
--
<https://www.alejandro-colomar.es>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2026-01-07 20:17 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20251223161139.196AB356CF9@www.open-std.org>
[not found] ` <20251223164349.F0BC5356D1A@www.open-std.org>
[not found] ` <CACqWKsOkbArXm0XBUHkLcFFwDUP8iDQv_xPeNbomR0bKf-GCFw@mail.gmail.com>
[not found] ` <20251223211529.6365A356CF9@www.open-std.org>
[not found] ` <CACqWKsNQCchFZnFKKAyi-3HDtJYQ6sc=UZeb+hX48WQ1e7yj_w@mail.gmail.com>
[not found] ` <20260106210527.AA3FA356D3A@www.open-std.org>
[not found] ` <20260106214930.A5C8E356D2B@www.open-std.org>
2026-01-06 23:08 ` n3752, alx-0029r8 - Restore the traditional realloc(3) specification Alejandro Colomar
[not found] ` <PH1P110MB1636A1DEC402A702C28EBA9ECC84A@PH1P110MB1636.NAMP110.PROD.OUTLOOK.COM>
2026-01-07 7:51 ` [SC22WG14.34664] " Alejandro Colomar
[not found] ` <PH1P110MB1636D74EDD4F3074AC98F12FCC84A@PH1P110MB1636.NAMP110.PROD.OUTLOOK.COM>
2026-01-07 20:16 ` Alejandro Colomar [this message]
2026-01-07 22:01 ` Joseph Myers
[not found] ` <20260107220138.AE8DF356CFB@www.open-std.org>
2026-01-08 14:59 ` [SC22WG14.34679] " Martin Uecker
[not found] ` <PH1P110MB16361EF635C579E30308D647CC85A@PH1P110MB1636.NAMP110.PROD.OUTLOOK.COM>
2026-01-08 16:26 ` Joseph Myers
[not found] ` <PH1P110MB163601133BF0167C46C8CC9DCC84A@PH1P110MB1636.NAMP110.PROD.OUTLOOK.COM>
2026-01-07 17:30 ` [SC22WG14.34664] " Florian Weimer
2026-01-07 20:28 ` Alejandro Colomar
2026-01-08 11:18 ` Florian Weimer
2026-01-08 11:53 ` [musl] " Adhemerval Zanella Netto
2026-01-07 20:36 ` [SC22WG14.34672] " Alejandro Colomar
[not found] ` <20260108023757.3C908356D01@www.open-std.org>
2026-01-08 11:08 ` [SC22WG14.34681] " Alejandro Colomar
[not found] ` <20260106221652.F02B3356D1A@www.open-std.org>
2026-01-06 23:15 ` [SC22WG14.34665] " Alejandro Colomar
[not found] ` <20260106201250.2A0A5356CEC@www.open-std.org>
[not found] ` <4dda2463-3adf-4fdf-a2c9-d58a2cdce415@informatik.uni-frankfurt.de>
2026-01-07 20:00 ` [SC22WG14.34662] " Alejandro Colomar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aV69o8h0I3Px7ryV@devuan \
--to=une+c@alejandro-colomar.es \
--cc=aaron@aaronballman.com \
--cc=carlos@redhat.com \
--cc=fweimer@redhat.com \
--cc=libc-alpha@sourceware.org \
--cc=linux-man@vger.kernel.org \
--cc=musl@lists.openwall.com \
--cc=rcseacord@gmail.com \
--cc=sc22wg14@open-std.org \
--cc=svoboda@cert.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox