Alex Cappiello and I worked this out thinking about the VM. It is implementation-defined whether the following code in the bare and c0rt runtimes will cause a c0_abort_mem if we are allocating a struct with no fields, because calloc is allowed to return NULL in this case.
```c
#include <stdlib.h>
#include <stddef.h>

typedef void *c0_pointer;                 /* as declared by the runtime headers */
void c0_abort_mem(const char *reason);     /* runtime abort, declared elsewhere */

c0_pointer c0_alloc(size_t elt_size) {
  int* p = calloc(1, elt_size);
  /* For elt_size == 0 a conforming calloc may return NULL, which this check treats as failure. */
  if (p == NULL) c0_abort_mem("allocation failed");
  return (void *)p;
}
```
In the safe C0 runtimes (bare and c0rt), a valid implementation of calloc might cause a c0_abort_mem on a struct with zero fields. Even if this was fixed in the obvious way, in order to maintain the desirable property that different allocations result in unequal pointers, size-zero struct allocations must allocate non-zero memory. I think the simplest solution would be to disallow structs with no fields - pedantic C99 appears to do this as well; I was surprised that they were allowed in C0.
Because c0_arrays are allocated as one contiguous block, this is not a problem for arrays of length zero in the safe C0 runtimes, though under the unsafe runtime it is allowed that alloc_array(int, 0) == alloc_array(int, 0) if the calloc implementation returns NULL.
P.S. I'd argue this is also a problem with the xalloc C libraries used for 122 - it shouldn't be a show-stopping error for a malloc or calloc of size 0 to return NULL.
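The following is an added example, not code from the C0 runtime or from the issue author. It puts the pass-through allocator from the issue beside the "obvious fix" (never requesting zero bytes), and exposes the difference through functions that can be checked: whether a zero-size request aborts on this platform, and whether two zero-size allocations from the rounded-up variant are distinct, non-NULL pointers. The `c0_pointer` typedef is assumed to match the runtime's, and `c0_abort_mem` is replaced by a counting stub so the abort can be observed instead of terminating the process.

```c
#include <stdlib.h>
#include <stddef.h>
#include <stdio.h>

typedef void *c0_pointer;   /* assumption: matches the runtime's typedef */

/* Stand-in for c0_abort_mem: counts aborts instead of exiting. */
static int abort_count = 0;
static void c0_abort_mem_counting(const char *reason) {
    (void)reason;
    abort_count++;
}

/* Variant 1: pass elt_size straight through, as in the issue. Whether
 * calloc(1, 0) returns NULL or a unique pointer is implementation-defined
 * (C99 7.20.3), so this may or may not abort on a zero-field struct. */
c0_pointer alloc_passthrough(size_t elt_size) {
    void *p = calloc(1, elt_size);
    if (p == NULL) c0_abort_mem_counting("allocation failed");
    return p;
}

/* Variant 2: never request zero bytes. A one-byte allocation is non-NULL
 * on success and, while live, cannot alias any other live allocation,
 * which preserves the "different allocations are unequal" property. */
c0_pointer alloc_nonzero(size_t elt_size) {
    void *p = calloc(1, elt_size == 0 ? 1 : elt_size);
    if (p == NULL) c0_abort_mem_counting("allocation failed");
    return p;
}

/* 1 if two zero-size allocations from alloc_nonzero are distinct, non-NULL
 * pointers and no abort was recorded; 0 otherwise. */
int zero_size_allocs_are_distinct(void) {
    abort_count = 0;
    c0_pointer a = alloc_nonzero(0);
    c0_pointer b = alloc_nonzero(0);
    int ok = (a != NULL && b != NULL && a != b && abort_count == 0);
    free(a);
    free(b);
    return ok;
}

/* Reports what this platform's calloc does for a zero-size request through
 * the pass-through allocator: 1 if it returned NULL, 0 if it returned a
 * pointer. Both answers are conforming, which is the point of the issue. */
int passthrough_zero_returns_null(void) {
    abort_count = 0;
    c0_pointer p = alloc_passthrough(0);
    int was_null = (p == NULL);
    free(p);   /* free(NULL) is a no-op */
    return was_null;
}

/* 1 if the pass-through allocator aborted exactly when calloc returned
 * NULL for a zero-size request, i.e. the abort is tied to the NULL result. */
int passthrough_abort_matches_null(void) {
    abort_count = 0;
    c0_pointer p = alloc_passthrough(0);
    int ok = ((p == NULL) == (abort_count == 1));
    free(p);
    return ok;
}

int main(void) {
    printf("calloc(1, 0) returns NULL here: %s\n",
           passthrough_zero_returns_null() ? "yes" : "no");
    printf("rounded-up zero-size allocations are distinct and non-NULL: %s\n",
           zero_size_allocs_are_distinct() ? "yes" : "no");
    return 0;
}
```

On glibc the first line prints "no" because its allocator returns a unique pointer for a zero-byte request, so the issue does not reproduce there; the rounded-up variant prints "yes" on every conforming implementation, which is what makes it a portable fix.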