From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MA1M1-0003iE-2w
	for qemu-devel@nongnu.org; Fri, 29 May 2009 08:38:33 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MA1Lw-0003VF-Av
	for qemu-devel@nongnu.org; Fri, 29 May 2009 08:38:32 -0400
Received: from [199.232.76.173] (port=48937 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MA1Lv-0003US-RL
	for qemu-devel@nongnu.org; Fri, 29 May 2009 08:38:27 -0400
Received: from srv-05.w4a.fr ([94.23.5.116]:50395 helo=mx1.w4a.fr)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <jcd@tribudubois.net>) id 1MA1Lv-0007EK-AP
	for qemu-devel@nongnu.org; Fri, 29 May 2009 08:38:27 -0400
Date: Fri, 29 May 2009 13:38:21 +0100 (GMT+01:00)
From: jcd@tribudubois.net
Message-ID: <4437345.69141243600701556.JavaMail.root@srv-05.w4a.fr>
In-Reply-To: <87hbz4t7i3.fsf@pike.pond.sub.org>
Subject: Re: [Qemu-devel] [PATCH] use qemu_malloc and friends consistently
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Markus Armbruster <armbru@redhat.com>
Cc: Kevin Wolf <kwolf@redhat.com>, qemu-devel@nongnu.org


----- "Markus Armbruster" <armbru@redhat.com> a =C3=A9crit :
>=20
> No.  malloc() implements the same, well-known spec everywhere.  Some
> people don't understand or don't like the spec, but that doesn't make
> implementations of the spec incompatible.  Here's what you can expect
> from malloc():
>=20
> * After p =3D malloc(SIZE), you can access p[i] for 0 <=3D i < SIZE.  It
>   follows that you must not dereference p at all if SIZE =3D=3D 0.
>=20
> * If malloc(SIZE) returns a null pointer, and SIZE !=3D 0, then
> malloc()
>   failed.
>=20
> * Any result of malloc() can safely be passed to free().
>=20
> A wrapper like qemu_malloc() can implement a different spec, of
> course.
> But only if the spec is compatible, the wrapper can be used as a
> drop-in
> replacement.  Making it gratuitously incompatible is foolish, because
> it
> *breaks* code that works just fine with malloc().
>=20
> We already agreed on one compatible difference: qemu_malloc() shall
> not
> fail, but just terminate the program.
>=20
> We're debating another difference, namely what qemu_malloc(0) shall
> do.
> Two fine compatible options have been proposed here:
>=20
> 1. qemu_malloc(0) shall return a null pointer.
>=20
> 2. qemu_malloc(0) shall return a non-null pointer that can be passed
> to
>    qemu_free()
>=20
> The one that got committed is incompatible.

Thanks for the clarification Markus.

JC