On Fri, 30-Jun-2006 at 12:15:21 -0400, Pat Lashley wrote: > >I went wandering through the C Working Group archives for the heck of > >it, and apparently a lot of people were confused over this, thinking > >either as you did or that "unique" meant it would a value unique to > >the usage of malloc(0). It's been clarified recently (and will be in > >the next revision of the standard) to the meaning you understood. > > ... > > >This is wandering into -standards territory, though. In any case, the > >answer to thread's original question is "mozilla should fix its code > >to not assume malloc(0)==NULL". > > Agreed. (With the usual observation that they, too, are a mainly > volunteer-based project; and would probably appreciate the inclusion of a > patch
Well, I was unsure of the correct behaviour. That's why I came here:-). >From all what I've read so far, I can summarize: - Returning a non-NULL value from malloc(0) is completely legal. - We return a non-NULL value which, when dereferenced, always make the application crash (as a warning). See the commit message of rev. 1.60 of malloc.c: -------------------------------- snip -------------------------- phkmalloc->evilchecks++; If zero bytes are allocated, return pointer to the middle of page-zero (which is protected) so that the programme will crash if it dereferences this illgotten pointer. Inspired & Urged by: Theo de Raadt <[EMAIL PROTECTED]> -------------------------------- snap -------------------------- - What we do isn't 100% perfect since we always return the same value for each malloc(0). - It was firefox' fault to crash. - The manpage is heavily misleading. Firefox must be fixed but some stuff can be done in FreeBSD as well: - If we keep our current behaviour we have to change the manpage. (As I said before, I could do that if someone will commit it later.) - We could reverse the meaning of the V-flag (or, introduce a new flag to avoid confusion). This would mean that by default a malloc(0) will return NULL in future. The new flag can be used to change this behaviour to the way it was done before: We hand out the value which, when dereferenced, make the programme crash as a warning to the author. We note in the manpage that it is not 100% legal since we always use the same value. > with the bug report. And, of course, that the original poster of this thread > should file a bug report with the Mozilla project.) Please see: https://bugzilla.mozilla.org/show_bug.cgi?id=343283 It wasn't me who created this PR but the author of the extension which actually revealed the bug. -Andre -- UNIX is an operating system, OS/2 is half an operating system, Windows is a shell, and DOS is a bootsector virus. _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"