Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20250619214030.GH1827@brightrain.aerifal.cx>
Date: Thu, 19 Jun 2025 17:40:30 -0400
From: Rich Felker <dalias@...c.org>
To: Thorsten Glaser <tg@...bsd.de>
Cc: musl@...ts.openwall.com, Alejandro Colomar <alx@...nel.org>,
	linux-man@...r.kernel.org, libc-alpha@...rceware.org,
	Paul Eggert <eggert@...ucla.edu>, Bruno Haible <bruno@...sp.org>,
	bug-gnulib@....org
Subject: Re: [v2] malloc.3: Clarify realloc(3) standards conformance

On Thu, Jun 19, 2025 at 05:38:15PM +0200, Thorsten Glaser wrote:
> On Thu, 19 Jun 2025, Rich Felker wrote:
> 
> >> +       The glibc implementation of realloc() is not consistent with
> >> +       that, and as a consequence, it is dangerous to call
> >> +       realloc(p, 0) in glibc.
> >
> >It's not dangerous if you know what it's doing. Rather it's
> >non-portable.
> 
> Nope.
> 
> It’s actually dangerous in all libcs.
> 
> GCC is a repeat offender of taking things that are Undefined
> Behaviour in C (and GCC 15 even defaults to C23) and optimising
> in a way that breaks programs and libraries that depend on the
> behaviour of the respektive system and libc, which they even
> guarantee.
> 
> This is an unperiodic reminder that GCC lacks a -std=posix2024
> and similar.
> 
> This is also why I was a bit angry that C23 made it UB. Had
> they made it unspecified (POSIX verbiage) / IB (C verbiage),
> implementations could actually do things and compilers would
> not be allowed to break things that rely on it, i.e. it would
> merely have been unportable. But when ISO C says UB it’s not
> unportable, it’s dangerous.

OK, this is a legitimate point in support of "dangerous", but it only
applies with -std=c23 or similar. When targeting an older version of
the language standard, the UB does not apply. It would be interesting
to know if GCC and/or LLVM have any particular intent on this yet. My
hope would be that they wait to react until a better consensus is
achieved.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.