Return values from malloc

[chambece]

Hi,

I've just been looking at the man page for malloc as I was investigating a memory related problem and noticed the following that was relevent

If size, nelem, or elsize is 0, a unique pointer to the arena is returned.

What exactly does this mean? is it a valid pointer? I'm using a run-time memory checker and it is saying that the program is assigning a wild pointer.

I know this is obviously bad, and I've sorted it, but I've not heard of this before and wondered if any knew anything more?

Thanks in advance

Craig

[Salem]

Given
p = malloc ( 0 );

It doesn't matter whether p is NULL or not, because you can't do anything with it in either case.
If it's NULL, then p[0] is a segmentation fault.
If it isn't NULL, then p[0] is a buffer overflow.
Either way, you lose.

> If size, nelem, or elsize is 0, a unique pointer to the arena is returned.
p = malloc( 0 );
q = malloc( 0 );
It's just saying that p and q are unique pointers to 0 bytes - that is p != q

> I'm using a run-time memory checker and it is saying that the program is assigning a wild pointer.
From just the malloc call, or are you doing something with the pointer afterwards?

Sounds like it could be a compatibility problem between the malloc implementation and the memory checker. Which OS/Compiler/Checker are you using?

[chambece]

Thanks,

I'm using gcc 2.95.3 on solaris 9, with Insure++

The line it is reporing the error on is

Code:

if ( ( tsites=malloc(number_of_sites*sizeof(IndexEntry)) )!=0 )

It states that the program is assigning a wild pointer, and using a wild pointer in an expression.

I understand what you say with regard p!=q, but where are these pointers? What is 'The Arena'?

Regards

Craig

[qqqqxxxx]

heap?

[chambece]

Yeah, that is what I was thinking, so therefore as it's a pointer to the heap, returned from malloc I wouldn't have thought it would have been 'wild'; not much use, certainly, but not 'wild'

As Salem said, could be a compatability problem......

[fgw_three]

Furthering what Salem said, my copy of H&S "A C Reference Manual" states on page 407:

"If the requested size is 0, then the Standard C functions will return either a null pointer or a non-null pointer that nonetheless must not be used to access an object."

I'm not sure what the "arena" is, other than a typo

I would say that you might want to add a check to ensure that the number of sites variable is not 0 before you attempt to allocate the memory.....

[Salem]

> but where are these pointers? What is 'The Arena'?
Basically, the arena is a name for the huge pool of memory where malloc gets it's memory from.

As a test, what does this do

Code:

#include <stdlib.h>
#include <stdio.h>
int main ( ) {
  char *p = malloc ( 0 );
  if ( p != NULL ) {
    printf( "malloc(0) returned a pointer = %p\n", (void*)p );
  } else {
    printf( "malloc(0) returned NULL\n" );
  }
  free( p );
  return 0;
}

Does this complain when it's traced with your debug tool?

[fgw_three]

> but where are these pointers? What is 'The Arena'?
Basically, the arena is a name for the huge pool of memory where malloc gets it's memory from.

Gee, learn something new every day.....

Would that be synonymous with the heap?

[Salem]

Yeah, I'd call it a heap.