On Wed, Apr 29, 2015 at 8:23 PM, Scott Robison <scott at casaderobison.com> wrote:
> > 1. From http://linux.die.net/man/3/malloc > > By default, Linux follows an optimistic memory allocation strategy. This >> means that when *malloc*() returns non-NULL there is no guarantee that >> the memory really is available. In case it turns out that the system is out >> of memory, one or more processes will be killed by the OOM killer. For more >> information, see the description of*/proc/sys/vm/overcommit_memory* and >> */proc/sys/vm/oom_adj* in *proc <http://linux.die.net/man/5/proc>*(5), >> and the Linux kernel source file *Documentation/vm/overcommit-accounting* >> . > > > 2. From ISO/IEC 9899 1990 7.10.3.3 > > Synopsis > > Description >> The malloc function allocates space for an object whose size is specified >> by size and >> whose value is indeterminate. >> Returns >> The malloc function returns either a null pointer or a pointer to the >> allocated space. > > > 3. The following code should never cause an error per the relevant > standards: > > char* p = malloc(1); > > if (p) *p = 'x'; > > > That code can fail on a system configured to overcommit memory. By that > standard, the pointer is invalid. > Accidentally sent before I was finished. In any case, by "invalid pointer" I did not mean to imply "it returns a bit pattern that could never represent a valid pointer". I mean "if you dereference a pointer returned by malloc that is not null or some implementation defined value, it should not result in an invalid memory access". -- Scott Robison