[Webkit-unassigned] [Bug 29026] CRASH: fastRealloc crashes on realloc(ptr, 0)
bugzilla-daemon at webkit.org
Fri Sep 11 13:44:39 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=29026
--- Comment #9 from Mark Rowe (bdash) <mrowe at apple.com> 2009-09-11 13:44:38 PDT ---
(In reply to comment #8)
> (In reply to comment #7)
> > I agree that fastRealloc should have the same semantics as realloc, or be
> > renamed. However, I'm not sure which specification you're citing, as the
> > behavior is different per Mac OS X man page:
> >
> > "If ptr is NULL, realloc() is identical to a call to malloc() for size bytes.
> > If size is zero and ptr is not NULL, a new, minimum sized object is allocated
> > and the original object is freed."
> >
> > As a result, the behavior of realloc(0, 0) is implementation defined, but
> > realloc(nonNull, 0) doesn't return 0 unless minimum sized object allocation
> > fails.
>
> Good digging, Alexey! I was using this reference:
> http://www.opengroup.org/onlinepubs/009695399/functions/realloc.html
>
> So it appears that BSD (and Mac OSX) already diverges from the C spec.

Quoting from
<http://www.opengroup.org/onlinepubs/009695399/functions/realloc.html>:

    If size is 0, either a null pointer or a unique pointer that can be
    successfully passed to free() shall be returned.

Mac OS X's malloc returns a unique pointer that can be successfully passed to
free. That's completely in line with the specification.
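
An added example, not part of the original message and not WebKit's fastRealloc: a crash-on-failure realloc wrapper that behaves the same whether the platform's realloc(ptr, 0) returns a null pointer or a unique freeable pointer, the two results the quoted specification permits. The names `checked_realloc` and `is_alloc_failure` are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* True only for a genuine allocation failure. A NULL result for a
 * zero-byte request is a permitted return value, not exhaustion. */
static int is_alloc_failure(const void *result, size_t requested)
{
    return result == NULL && requested != 0;
}

/* Hypothetical wrapper (assumption: the caller wants abort-on-OOM and
 * always receives a pointer it can later pass to free()). */
static void *checked_realloc(void *ptr, size_t size)
{
    void *result;

    if (size == 0) {
        /* Never forward size 0 to realloc: the result differs between
         * platforms, and C23 makes the call undefined. Where NULL comes
         * back and the old block was released, a caller that reads NULL
         * as "failed, ptr still valid" would free it a second time.
         * Pin the behaviour the Mac OS X man page describes instead:
         * free the old object, return a minimum-sized new one. */
        free(ptr);
        ptr = NULL;
        size = 1;
    }

    result = realloc(ptr, size);   /* realloc(NULL, n) acts as malloc(n) */
    if (is_alloc_failure(result, size))
        abort();
    return result;
}

int main(void)
{
    char *buf = checked_realloc(NULL, 16);
    memset(buf, 'A', 16);

    buf = checked_realloc(buf, 0);  /* the call from the bug title */
    printf("after resize to 0: %s\n", buf ? "non-NULL, freeable" : "NULL");

    free(buf);
    return 0;
}
```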