
48 points ingve | 9 comments
AaronDinesh ◴[] No.44389347[source]
Why should it be allowed to return a valid pointer anyways? Surely it should always return NULL?
replies(5): >>44389371 #>>44389461 #>>44389531 #>>44390081 #>>44392719 #
1. cjensen ◴[] No.44389531[source]
There are three reasonable choices: (a) return the null pointer, (b) return a valid unique pointer, and (c) abort().

The point of the original C Standard was to make rules about these things AND not break existing implementations. They recognized that (a) and (b) were in existing implementations and were reasonable, and they chose not to break the existing implementations when writing the standard.

This is similar to the extremely unfortunate definition of the NULL macro. There were two existing styles of implementation (bare literal 0 and (void *) 0) and the Standard allows either style. Which means the NULL macro is not entirely safe to use in portable code.

replies(1): >>44389592 #
2. commandlinefan ◴[] No.44389592[source]
> return a valid unique pointer

A pointer to what, though? If the requester asked for 0 bytes of memory, you'd either be pointing to memory allocated for another purpose (!) or allocating a few bytes that weren't asked for.

> This makes people unhappy for various reasons

I read through all the links trying to figure out what those reasons might be and came up empty. I'm still curious why anybody would expect or rely on anything except a null pointer in this instance.

replies(4): >>44389671 #>>44389719 #>>44389745 #>>44389786 #
3. tedunangst ◴[] No.44389671[source]
You can copy from a zero sized pointer with memcpy, but not NULL.
replies(1): >>44394792 #
4. DSMan195276 ◴[] No.44389719[source]
> allocating a few bytes that weren't asked for.

FWIW the alignment guarantees of `malloc()` mean it often will have to allocate more than you ask for (before C23 anyway). You can't 'legally' use this space, but `malloc()` also can't repurpose it for other allocations because it's not suitably aligned.

That said, I still agree it's a hack compared to just using `malloc(1)` for this purpose; it's well-defined and functionally equivalent if you're looking for a unique address. The fact that you don't know what `malloc(0)` is going to do makes it pretty useless anyway.

replies(1): >>44390146 #
5. AaronAPU ◴[] No.44389745[source]
The only requirement which seems reasonable to me is that the address be unique. Since the allocation size is zero, it should never be accessed for read or write, but the address itself may need to be used for comparisons.

If you’re pointing to zero-sized data, it shouldn’t matter what it’s pointing to. Even outside valid address space. Because you shouldn’t be reading or writing more than 0 bytes anyway.

6. spacechild1 ◴[] No.44389786[source]
> or allocating a few bytes that weren't asked for.

You are always allocating bytes you weren't asked for: the allocation metadata and some extra bytes to satisfy the alignment requirement. If you absolutely don't want to allocate memory, you probably shouldn't have called malloc() in the first place :)

7. Joker_vD ◴[] No.44390146{3}[source]
> before C23 anyway

Did they change "suitably aligned for any object type" to "suitably aligned for any object type with size less than or equal to what was requested" or something like that in C23?

replies(1): >>44390622 #
8. JdeBP ◴[] No.44390622{4}[source]
See https://news.ycombinator.com/item?id=44390258 .
9. ncruces ◴[] No.44394792{3}[source]
That's about to change: https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3322.pdf
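
An added example, not code from any commenter in this thread: one way to write portable code that does not depend on what `malloc(0)` returns and never passes NULL to `memcpy`, combining the `malloc(1)` suggestion and the `memcpy` point raised above. The helper names `alloc_unique`, `copy_bytes`, `dup_bytes` and `empty_dups_are_distinct` are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: on success always returns a unique, non-NULL pointer,
 * so NULL unambiguously means allocation failure, even for n == 0.
 * Requests one byte when n is 0, as suggested in the thread. */
void *alloc_unique(size_t n)
{
    return malloc(n ? n : 1);
}

/* Hypothetical helper: a memcpy wrapper that tolerates NULL when n == 0.
 * The thread notes that memcpy cannot currently be given NULL, even with a
 * zero length, so the call is skipped entirely in that case. */
void *copy_bytes(void *dst, const void *src, size_t n)
{
    if (n != 0)
        memcpy(dst, src, n);
    return dst;
}

/* Duplicate a possibly empty byte range. Returns NULL only on a real
 * allocation failure; an empty range still yields a pointer to free(). */
void *dup_bytes(const void *src, size_t n)
{
    void *p = alloc_unique(n);
    if (p == NULL)
        return NULL;
    return copy_bytes(p, src, n);
}

/* Returns 1 if two empty duplicates have distinct, non-NULL addresses. */
int empty_dups_are_distinct(void)
{
    void *a = dup_bytes(NULL, 0);
    void *b = dup_bytes(NULL, 0);
    int ok = (a != NULL && b != NULL && a != b);
    free(a);
    free(b);
    return ok;
}
```

With this shape, a caller's `if (p == NULL)` check means out of memory on every implementation, regardless of which `malloc(0)` behaviour the platform chose.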