This is the mail archive of the
mailing list for the glibc project.
Re: RFC: __attribute_alloc_size__ on allocation functions (BZ#23741)
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 9 Nov 2018 15:23:55 -0800
- Subject: Re: RFC: __attribute_alloc_size__ on allocation functions (BZ#23741)
- References: <email@example.com>
On 11/9/18 7:11 AM, Adhemerval Zanella wrote:
It seems that some*very* specific programs do allocate objects larger PTRDIFF_MAX,
On the other hand, GNU coreutils, GNU Emacs and several other programs
do just the opposite: they uses wrappers around malloc that fail without
calling malloc if the requested size exceeds PTRDIFF_MAX. This is to
avoid the compiler gotchas mentioned in this thread.
For almost all applications malloc and friends should never allocate
such objects as they cause more problems than they cure. The very few
applications that need and can safely use objects larger than
PTRDIFF_MAX can use mmap. And for mmap, I wouldn't mind if glibc mmap
added a flag MMAP_EXCEED_PTRDIFF, so that mmap could reject requests for
sizes greater than PTRDIFF_MAX unless this new flag is used.