Return value of malloc(0)
lgusenet at be-well.ilk.org
Thu Jun 29 20:57:07 UTC 2006
Pat Lashley <patl+freebsd at volant.org> writes:
>> On Thu, Jun 29, 2006 at 11:44:23AM -0400, Pat Lashley wrote:
>> > No, our implementation is NOT legal. We always return the SAME value. To
>> > be legal, we should not return that value again unless it has been
>> > free()-ed.
>> It is legal due to brain damaged definition of implementation defined
>> behaviour, but it violates the spirit of the standard :-)
> Perhaps I'm misunderstanding the 'implementation defined behavior'
> choices in the standard. I thought that it could either 1) Return
> NULL; or 2) Behave as though it returned a 'minimum allocation' (which
> cannot be legally de-referenced).
I went wandering through the C Working Group archives for the heck of
it, and apparently a lot of people were confused over this, thinking
either as you did or that "unique" meant it would be a value unique to
the usage of malloc(0). It's been clarified recently (and will be in
the next revision of the standard) to the meaning you understood.
    If the size of the space requested is zero, the behavior is
    implementation-defined: either a null pointer is returned, or the
    behavior is as if the size were some nonzero value, except that
    the returned pointer shall not be used to access an object.
> But if it did actually perform a
> 'minimum allocation'; wouldn't it have to return a different value
> every time to maintain the free() semantics?
I think that's another way of looking at the same confusion. If
"minimum" is zero, then using a sentinel value (as in FreeBSD) works.
Our malloc() could be easily fixed to be standards-compliant by
removing the special handling for ZEROSIZEPTR in malloc.c; then
allocations of 0 bytes will be rounded up to 16, just like all other
allocations of less than 16 bytes. However, that would lose much of
the bug-finding advantage of the current behaviour.
This is wandering into -standards territory, though. In any case, the
answer to the thread's original question is "mozilla should fix its code
to not assume malloc(0)==NULL".
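
Added example, not part of the original message and not FreeBSD or Mozilla code: one way for calling code to stay correct under both behaviours the standard text above permits for a zero-size request. The names alloc_status, alloc_buf and dup_bytes are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names, not from FreeBSD or Mozilla. */
enum alloc_status { ALLOC_OK, ALLOC_EMPTY, ALLOC_FAILED };

/*
 * Allocate n bytes into *out. For n == 0 the result is ALLOC_EMPTY whether
 * malloc returned NULL or a non-null pointer: both are permitted, and the
 * pointer may only be passed to free(), never dereferenced.
 */
static enum alloc_status alloc_buf(size_t n, void **out)
{
    *out = malloc(n);
    if (n == 0)
        return ALLOC_EMPTY;
    return *out != NULL ? ALLOC_OK : ALLOC_FAILED;
}

/* Duplicate len bytes of src. Returns 0 on success, -1 only on a real failure. */
static int dup_bytes(const void *src, size_t len, void **out)
{
    enum alloc_status st = alloc_buf(len, out);

    if (st == ALLOC_FAILED)
        return -1;
    if (st == ALLOC_OK)
        memcpy(*out, src, len);   /* skipped for len == 0: nothing to access */
    return 0;
}

int main(void)
{
    void *p;

    if (dup_bytes("", 0, &p) != 0)
        return 1;
    printf("malloc(0) here returned %s\n", p ? "a non-null pointer" : "NULL");
    free(p);                      /* valid for either result */
    return 0;
}
```

The size, not the pointer value, decides whether a zero-length request succeeded, so the same code behaves identically on a NULL-returning libc and on one that hands back a sentinel or a minimum-size block.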