-
Notifications
You must be signed in to change notification settings - Fork 30.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src: remove UncheckedMalloc(0) workaround #44543
src: remove UncheckedMalloc(0) workaround #44543
Conversation
9d3691f
to
7d5bd1d
Compare
This comment was marked as outdated.
This comment was marked as outdated.
7d5bd1d
to
29bc634
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not a fan. Around 2016 a lot of effort was spent tracking down bugs caused by different malloc() implementations. I don't relish the thought of revisiting that.
The current state, which might be the result of those efforts to "fix" the behavior of Even if we decide on some node-specific convention for In fact, there are very few call sites of Semantically, it would probably be cleaner to return a I am aware that OpenSSL sometimes behaves strangely when given a I could change |
I'm sure you realize this but the reason I suppose you could change all instances of: // ret = UncheckedMalloc(n);
CHECK_NOT_NULL(ret); To: CHECK_IMPLIES(n > 0, ret != nullptr); But goshdarn, what a tedious pull request to write or review. |
Assuming that UncheckedMalloc(0) returns a non-nullptr is non-standard and we use other allocators as well (e.g., OPENSSL_malloc) that do not guarantee this behavior. It is the caller's responsibility to check that size != 0 implies UncheckedMalloc(size) != nullptr, and that's exactly what the checked variants (Malloc etc.) already do. The current behavior is also inconsistent with UncheckedRealloc(), which always returns a nullptr when the size is 0, and with the documentation in src/README.md as well as with multiple comments in the source code. This changes UncheckedMalloc(), UncheckedCalloc(), and UncheckedRealloc() to always return a nullptr when the size is 0 instead of doing fake allocations in UncheckedMalloc() and UncheckedCalloc() while returning a nullptr from UncheckedRealloc(). This is consistent with existing documentation and comments. Refs: nodejs#8571 Refs: nodejs#8572
29bc634
to
8dae03b
Compare
I do realize that, but I don't think that making fake allocations is the right approach to resolve the problem. I'd consider the condition you are describing a bug; it's non-standard and that assumption might fail if some other allocator is used (e.g, OpenSSL). In fact, it will already fail when node's own The current behavior is inconsistent (see Lines 954 to 955 in 0917626
Lines 69 to 78 in e62f6ce
Lines 334 to 340 in e62f6ce
The only cases worth looking at are those that use As suggested in my previous comment, I have changed Unlike before, the behavior of Also, unlike before, this matches internal documentation and comments in the code. |
cc @nodejs/cpp-reviewers |
ping @nodejs/cpp-reviewers @bnoordhuis |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have looked at the patch and the PR description/discussion and both make sense to me. However, I haven't been around for so long to say if that will fall on some edge case. I'll leave my LGTM assuming the CI will be green.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
Landed in 1af6619 |
Assuming that UncheckedMalloc(0) returns a non-nullptr is non-standard and we use other allocators as well (e.g., OPENSSL_malloc) that do not guarantee this behavior. It is the caller's responsibility to check that size != 0 implies UncheckedMalloc(size) != nullptr, and that's exactly what the checked variants (Malloc etc.) already do. The current behavior is also inconsistent with UncheckedRealloc(), which always returns a nullptr when the size is 0, and with the documentation in src/README.md as well as with multiple comments in the source code. This changes UncheckedMalloc(), UncheckedCalloc(), and UncheckedRealloc() to always return a nullptr when the size is 0 instead of doing fake allocations in UncheckedMalloc() and UncheckedCalloc() while returning a nullptr from UncheckedRealloc(). This is consistent with existing documentation and comments. Refs: #8571 Refs: #8572 PR-URL: #44543 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: James M Snell <[email protected]>
Unlike
UncheckedRealloc(p, 0)
, which returns anullptr
, bothUncheckedMalloc(0)
andUncheckedCalloc(0)
currently perform fake allocations to return a non-nullptr
.Assuming that
UncheckedMalloc(0)
returns a non-nullptr
is non-standard and we use other allocators as well (e.g., OPENSSL_malloc) that do not guarantee this behavior. It is the caller's responsibility to check thatsize != 0
impliesUncheckedMalloc(size) != nullptr
, and that's exactly what the checked variants (Malloc
etc.) already do.The current behavior is also inconsistent with
UncheckedRealloc()
, which always returns anullptr
when the size is0
, and with the documentation insrc/README.md
as well as with multiple comments in the source code.node/src/README.md
Lines 954 to 955 in 0917626
node/src/util.h
Lines 69 to 78 in e62f6ce
node/src/util-inl.h
Lines 334 to 340 in e62f6ce
This changes
UncheckedMalloc()
,UncheckedCalloc()
, andUncheckedRealloc()
to always return anullptr
when the size is0
instead of doing fake allocations inUncheckedMalloc()
andUncheckedCalloc()
while returning anullptr
fromUncheckedRealloc()
. This is consistent with existing documentation and comments.Refs: #8571
Refs: #8572