From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1M9zie-0001I8-HM
	for qemu-devel@nongnu.org; Fri, 29 May 2009 06:53:48 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1M9ziZ-0001AN-Gz
	for qemu-devel@nongnu.org; Fri, 29 May 2009 06:53:47 -0400
Received: from [199.232.76.173] (port=34580 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1M9ziZ-0001AC-6T
	for qemu-devel@nongnu.org; Fri, 29 May 2009 06:53:43 -0400
Received: from qw-out-1920.google.com ([74.125.92.147]:10742)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1M9ziY-0000qh-OO
	for qemu-devel@nongnu.org; Fri, 29 May 2009 06:53:42 -0400
Received: by qw-out-1920.google.com with SMTP id 4so3063535qwk.4
	for <qemu-devel@nongnu.org>; Fri, 29 May 2009 03:53:42 -0700 (PDT)
Message-ID: <4A1FBEB2.2030009@codemonkey.ws>
Date: Fri, 29 May 2009 05:53:38 -0500
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH] use qemu_malloc and friends consistently
References: <200905290758.11551.jcd@tribudubois.net>
	<4A1F9FFE.3030100@redhat.com> <4A1FA573.4010602@codemonkey.ws>
	<Pine.LNX.4.64.0905291335130.3397@linmac.oyster.ru>
In-Reply-To: <Pine.LNX.4.64.0905291335130.3397@linmac.oyster.ru>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: malc <av1474@comtv.ru>
Cc: Kevin Wolf <kwolf@redhat.com>, Paul Brook <paul@codesourcery.com>, qemu-devel@nongnu.org, Jean-Christophe Dubois <jcd@tribudubois.net>

malc wrote:
> On Fri, 29 May 2009, Anthony Liguori wrote:
>
>   
> Dereference of NULL is UB[1] and dereferencing result of malloc(1) will
> just plain work.
>   

So let's ignoring returning NULL as a possibility..

>> Putting the abort() in there is going to introduce a ton of subtle bugs,
>> I vote for changing qemu_malloc() to have a sane behavior.
>>     
>
> And those will be caught, given one a chance to analyze things, unlike
> head in the sand approach of hoping things would just work.
>
> After doing some research, after the aforementioned lengthy discussion,
> the only free OS that straight-forwardly described what it does was
> OpenBSD:
>
> http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
>
> P.S. So far the abort that went into qemu_malloc caught one usage of zero
>      allocation (once again coming from qcow2).'
>   

But the zero allocation isn't a bug if we return malloc(1).  This is a
common convention and while it may not be portable to every platform's
underlying malloc, we can make this convention portable with qemu_malloc().

At the end of the day, the result is a harder to misuse qemu_malloc()
and that's a very good thing.  I don't want a user to "discover" a
non-portable use of malloc() while trying to do something important.

Regards,

Anthony Liguori