Subject: Re: CVS commit: basesrc/lib/libc/stdlib
To: Jaromir Dolecek <firstname.lastname@example.org>
From: Allen Briggs <email@example.com>
Date: 07/30/2002 11:50:35
On Tue, Jul 30, 2002 at 03:09:36PM +0200, Jaromir Dolecek wrote:
> > then what should happen if
> > x = calloc(0x10000000, 17);
> > on 32bit arch? it sure will cause integer overflow.
> > the commit will make it return NULL (allocation failure).
> It's not libc's business to care about this IMHO.
Just to make sure we're on the same page...
man calloc(3) says:
void *calloc(size_t number, size_t size);
The calloc() function allocates space for number objects,
each size bytes in length.
The malloc() and calloc() functions return a pointer to the
allocated memory if successful; otherwise a NULL pointer is
It is libc's responsibility to match the documentation. It is perfectly
reasonable for it to fail if it can not allocate 'number' objects of
It is a bug if it returns anything other than NULL or "number * size"
bytes. Just as it would be a bug if malloc(0x10000) returned only
0x100 bytes of space.
> Checks like these should be within #ifdef _DIAGNOSTIC.
Some checks kind of like this one, certainly.
I think this one should not be in _DIAGNOSTIC.
Allen Briggs firstname.lastname@example.org
http://www.wasabisystems.com/ Quality NetBSD CDs, Sales, Support, Service
NetBSD development for Alpha, ARM, M68K, MIPS, PowerPC, SuperH, XScale, etc...