From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-bounces+e=80x24.org@sourceware.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS17314 8.43.84.0/22
X-Spam-Status: No, score=-3.7 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	PDS_RDNS_DYNAMIC_FP,RCVD_IN_DNSWL_MED,RDNS_DYNAMIC,SPF_HELO_PASS,
	SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from sourceware.org (ip-8-43-85-97.sourceware.org [8.43.85.97])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by dcvr.yhbt.net (Postfix) with ESMTPS id D6D4A1F601
	for <e@80x24.org>; Fri,  2 Dec 2022 13:54:50 +0000 (UTC)
Authentication-Results: dcvr.yhbt.net;
	dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.b="EFUls3sC";
	dkim-atps=neutral
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id D90083858C2D
	for <e@80x24.org>; Fri,  2 Dec 2022 13:54:48 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org D90083858C2D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1669989288;
	bh=nsPQsDGLvOyOxa0r6kGVBI3Sis3jKSlIh6nqYFSlUzs=;
	h=To:CC:Subject:Date:List-Id:List-Unsubscribe:List-Archive:
	 List-Post:List-Help:List-Subscribe:From:Reply-To:From;
	b=EFUls3sClBrZApUz5oR2+xcrWNHsHi9JiylQ0UvDifLCYTGdf5WMWcMA58+petsVv
	 nq4qfe7AYb+/7mMBGN6dMxQ9ZtLzpVoL26a9XLZQqFVTr+mSKMfqZpXJMrgSnitT89
	 YYdB1dxS0XhgPIb+2aFH/LwNFJ83+wMEsRMNE7cs=
Received: from EUR02-DB5-obe.outbound.protection.outlook.com
 (mail-db5eur02on2082.outbound.protection.outlook.com [40.107.249.82])
 by sourceware.org (Postfix) with ESMTPS id 45E0A3858D28;
 Fri,  2 Dec 2022 13:54:28 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 45E0A3858D28
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=fDASyUN1dsWoVawW9baYReP0CYQV5w1HoFNa7k5HeedhwM2PfeQcPLKrhhz8arYosLHtyHQNCC2HyyqnjO7qgdiRfAHl8otSNJF6Q3PT8ZiEi+fvGK/0Ka51f1+qRQzqzT1HJMG6b9RsZQglI/HoP2BbX3epq1I41gk4wUkPwf07PbMQJtfybqAHZErHzAYUBn2PF3/OdN/Z0bF9anW8V7zEbDOjL1mE8cwFnNuA+E8r/+2lxPdB3+4eyKOfeUGyzIt9Qhl8AGzxcF6xiesPUCV/9qTg2RaZo0E6S9IMPZoU8YhVk9IKggErP/3tTzf7RIs7uyvYQMYV0KZLg416sw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=nsPQsDGLvOyOxa0r6kGVBI3Sis3jKSlIh6nqYFSlUzs=;
 b=GPSlIyEgofkVT7xtkZjYpR9Z/avUbrpnABlOIOJNF6fM/p1wTLJQ+3xFJV1KWIMe1x2+dO/4fw7AKgLuKT+0jKivl8qZDz0ZNOnv/BtixHhZvj8j5+Uomwc0CeLp1Q06Rlg3MgM16HpjBtGUEaGYn8+yZ2ZrJvzqL7Prka7rCVunl1FS+/yKkkN8JsHgHwGCbsxdz7i9NTaD9Cy6sV/5FFOrn01h0aj9QR7+PqzUN5tc2kAXQIufYcl89r9chmXB+ejRMLX/PH19Re1GC/vbHrchBv6RbIH5cuY/tSjKjDZqvUpp+BgKmKnAFpxEVWDhWOzz02sH/83kC0jkxNLlHQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass
 header.d=arm.com; arc=none
Received: from PAWPR08MB8982.eurprd08.prod.outlook.com (2603:10a6:102:33f::20)
 by PAXPR08MB7367.eurprd08.prod.outlook.com (2603:10a6:102:229::22)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.10; Fri, 2 Dec
 2022 13:54:19 +0000
Received: from PAWPR08MB8982.eurprd08.prod.outlook.com
 ([fe80::66e4:4940:d096:4f7]) by PAWPR08MB8982.eurprd08.prod.outlook.com
 ([fe80::66e4:4940:d096:4f7%8]) with mapi id 15.20.5880.008; Fri, 2 Dec 2022
 13:54:18 +0000
To: Siddhesh Poyarekar <siddhesh@sourceware.org>
CC: 'GNU C Library' <libc-alpha@sourceware.org>
Subject: [RFC] Supporting malloc_usable_size
Thread-Topic: [RFC] Supporting malloc_usable_size
Thread-Index: AQHZBlKuI87RuAKVvkK05ah4iXYLAQ==
Date: Fri, 2 Dec 2022 13:54:18 +0000
Message-ID: <PAWPR08MB8982296E3D815183195E564683179@PAWPR08MB8982.eurprd08.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
msip_labels: 
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: PAWPR08MB8982:EE_|PAXPR08MB7367:EE_
x-ms-office365-filtering-correlation-id: 51adc438-9281-4b3c-a4c1-08dad46cb538
nodisclaimer: true
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 6Of5Lmr3uL5BbmTTpOt3cTAsREvGi1B0IEPkyp93otu6OkwFVjxqolTsvdD3EOgbIJuU/mV5drtDJgNT7LuZxPLtWFzGjZ+fvIEH4B8ZCokjkGI95HrCK2jUVWIF8LL0BrPPaU+B674pSP+WHc3aG0jxQiOs2sfTgfm1i7wKowfbdf0NAGQX5UQBSNn4r2DbCXSVTk59rnHTA27A5JWAzaM/wyWattEfmss63WcYnJVt37DLB/nj4JqA46UuZU0O5VqpbpFPUZCDSMkwRFkD4BZm4NfSh39E1fUg1UFTfvqLv9g+k3d+WlbGiRN6SKTYeOyVC7gWV4rcXoocXxcMr/p5L6C7pbTpm465ePKcBHU1nHhKEEzh14QFQLYMaQcxr2xYj27ynFvm7d4B7AY8ONn/vvy2x/1N1ybzG4psOCIXdoKR0u2SQr9ENcQNY2dKR8f2x9OY6erdsekD+03tBHV9doHujLH6t+c1BdCksBQbovFLyQlx9nJSni6FXf8RFPwc99N4P8R8edE4Kk6eTBjdx4YJqRI0a9tZh6YXpm8cXbKoiTZ3scEeCPUoe+Drxn7M3Z0I1kbvA6lyd7yrm80lPnzzabHdll1IQNpjoeqOBPo5/JTAvvatC8TWTDM/9VzvoIrmTlXKHsbIYBColjs92f9VOIImnYbbd2LD2Y2M9e8o8Idih2WcJg67hGqRc8VocQjqg8X/oeY2lDmjUA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:PAWPR08MB8982.eurprd08.prod.outlook.com; PTR:; CAT:NONE;
 SFS:(13230022)(4636009)(376002)(136003)(346002)(39850400004)(396003)(366004)(451199015)(52536014)(6916009)(8936002)(316002)(33656002)(2906002)(186003)(38100700002)(122000001)(83380400001)(478600001)(86362001)(55016003)(7696005)(6506007)(9686003)(38070700005)(71200400001)(66556008)(66946007)(5660300002)(64756008)(66476007)(41300700001)(66446008)(4326008)(91956017)(450100002)(76116006)(26005)(8676002);
 DIR:OUT; SFP:1101; 
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?PGR0zJEcnAgwjedcKxXdCMXxFJ0p9Iueoh/qOYmGaYn1Za5oxAFgVxaeGS?=
 =?iso-8859-1?Q?qkaneFyzWX+VtqGgVPlMfnt1sUidzfbeSA1qvqt9a4BqyTDm2bx55pqpww?=
 =?iso-8859-1?Q?DmxreahoDSHm3QTgtmezSXbWCE/YQqA0NM2tstbNCKuxxCepqLURyt3qYR?=
 =?iso-8859-1?Q?ML2SJguNTrV0wn8SyE3oyx8ULNb6bSTbjaWq8lhpU9Zc7fQO/69ICvuOqm?=
 =?iso-8859-1?Q?aviFV5F0XHlXIC0CbT920XPISn7LvG0XY2JQKbAcV5UNT0woW2QlcwjHYX?=
 =?iso-8859-1?Q?MWXLNwCrMLdV8NDMwqZk4hYKZsKOVpKwEu1NzDsOXp+B08+Xeqtr8QwGkK?=
 =?iso-8859-1?Q?i0wJgEv6oG7kDhff1AaZsYfxeMssbqoZraHgiW0hvfaqPrW82ztp8rq9wX?=
 =?iso-8859-1?Q?fluCtj/Z6xc0MI5idgPcFZoIlD2vSwBStHUJY+zXkeFKqQIdMCSLzOmzdG?=
 =?iso-8859-1?Q?znUQXDdQi/D9JQX2VeQ0f+PcE28OL+mUvOjwGRe5KHUEOF+Z5vmuag/WUi?=
 =?iso-8859-1?Q?RkmKjHicGggGVA6KI89rkrXfnIvRQhmGDiYh1K4kkpPxQ9gJ0H/RTGY3uN?=
 =?iso-8859-1?Q?4RnZTuxVcZTo8m7nagT1hBzaTIS8hOAlFBwP9gysaW6z7Bq1wGrcGAWw+D?=
 =?iso-8859-1?Q?/K9M8pAKC/qjNNKA/uIempDn2xMMZ5mGYVpyq7gt5AYSR9Fu+N9NW+s8uH?=
 =?iso-8859-1?Q?rwMjKdujZ8YUQRhSbgd1ZhJXyjyUhnJMI7zW4tXVQTMoZ7FtPoGftIEThw?=
 =?iso-8859-1?Q?J/bfTUL/UnSOxarg7kqtf+qWYenJHyZD5WMRXfISVTurS3xHbf15lr/Jm3?=
 =?iso-8859-1?Q?+3ZM9+0vxq025AiAED1c/ihKYLz8v3AnkJ8FuCBeyAMrCYSdR3CM4MT9iK?=
 =?iso-8859-1?Q?GzvgKWXADnbWw0r2SO8sVfG+oC+DKUkhRCKykNyRxHXKMhw9TJpGAKQjYY?=
 =?iso-8859-1?Q?Ue0p7KuySRMexCEvZZ2TmbAe1mgzOCqsF/f81jTCfW0SA6vA2eX6wWXcAo?=
 =?iso-8859-1?Q?N0ybvdl5JZmVODr50v/awJu6G0Q0RVnsvvxpDi+Dpae5/9Vz7COY1nrhQb?=
 =?iso-8859-1?Q?PtkkANS5ArNKkqcE2h7Ins92ME9bJZYpCF/R5k3GDmTpJV+sKxrYUWgeia?=
 =?iso-8859-1?Q?yi7t0jkCN7ft6JWwStY1gax/D56CLh1/OeV2nAXddQ6blJU4LzSdthHrHb?=
 =?iso-8859-1?Q?HJsfiGcd7PnBUyQrNJJkCFCHd1/R2BdHzWA9+CaZbvSdymnc7sqITQ+c+F?=
 =?iso-8859-1?Q?B0GVmt5mFjxeZHtfHoWBlFySGpJjIVNgNt4/Sx1sI+pYvh8SPSG5NzW4En?=
 =?iso-8859-1?Q?BYdfHvVBNqC/yNL1pmq+0NnOaqI3QFWcpkHqi9Rm7xfm1drpidRtOrwpIF?=
 =?iso-8859-1?Q?LqOXjfm5a+UbTC91vLCsKr2vY8p47EO3safey8/8KoxGApxX8ar+tM5yV8?=
 =?iso-8859-1?Q?vXPX/P4iKZ3BptlfD9ZaBJs7Qdi4SDM0dJhSZFRHfr0UM93bagx6KUUACU?=
 =?iso-8859-1?Q?ujoMlBlL8Xga7veSW8tlwXyONRwMPfH9Ws2QQ/qBQm3KuRWmsZxg9E6oOi?=
 =?iso-8859-1?Q?MQTbv3cUZ+2HeK1p94KQyRBRGSpyUfSoON1YKsT+b7UhT/0zU6TKXv7w1J?=
 =?iso-8859-1?Q?UOaqYVl0mlL5Zl53jR2uvIWvuG7T8ZQJ7S?=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PAWPR08MB8982.eurprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 51adc438-9281-4b3c-a4c1-08dad46cb538
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Dec 2022 13:54:18.7822 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: WuaXNBPs2urlBjVUF/IFB/46MZ6+niUvukqd09k/FYzqW+lALZpQn8NK04apbHmvb+iYXyJdjslHolaKb8bG5w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR08MB7367
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
From: Wilco Dijkstra via Libc-alpha <libc-alpha@sourceware.org>
Reply-To: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
Errors-To: libc-alpha-bounces+e=80x24.org@sourceware.org
Sender: "Libc-alpha" <libc-alpha-bounces+e=80x24.org@sourceware.org>

Hi Siddhesh,=0A=
=0A=
> Not with the current malloc implementation I suppose but I get what you =
=0A=
> mean. =A0Florian had mentioned a similar caveat where a malloc =0A=
> implementation could coalesce adjacent free blocks with the end of an =0A=
> allocated block and change the value of malloc_usable_size at any =0A=
> arbitrary point in time too.=0A=
=0A=
A different allocator might keep track of separate values for requested and=
=0A=
allocated block sizes. Then it could reduce the allocated block size and th=
us=0A=
malloc_usable_size. So unless we clearly specify the guarantees, one has to=
=0A=
assume the malloc_usable_size is unsafe to be used.=0A=
=0A=
> However the man page starts with "Although the excess bytes can be =0A=
> overwritten by the application without ill effects" and maybe that =0A=
> reassurance needs to be dropped.=0A=
=0A=
If we ever allow use of the extra memory returned by malloc_usable_size, th=
e=0A=
implementation *must* be identical to performing a realloc that returns the=
=0A=
original pointer (as in, if we keep track of the actual size passed to mall=
oc, or=0A=
do security stuff like pointer tagging, we must update all that in every=0A=
malloc_usable_size call).=0A=
=0A=
So we could redefine malloc_usable_size in terms of being equivalent to rea=
lloc=0A=
(which will make it more complex and expensive), or say that you must never=
 use=0A=
the extra space and make it a debug-only feature. My preference is the latt=
er=0A=
since we already have realloc, and if we ensure it's efficient, there is no=
 real need=0A=
for user code to ever use a non-standard interface.=0A=
=0A=
Cheers,=0A=
Wilco=