<div class="gmail_quote">On Fri, Jun 10, 2011 at 20:35, Mark Miller <span dir="ltr"><<a href="mailto:miller86@llnl.gov">miller86@llnl.gov</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div id=":ny">I could be totally off-topic here 'cause I haven't followed this thread<br>
in detail. However, my understanding is that no return argument from<br>
ITAPS interface should be trusted (e.g. read) if the returned err code<br>
(in all relevant API calls) is anything other than IBASE_SUCCESS. Is<br>
that the case you're discussing here?<br></div></blockquote><div><br></div><div>We are discussing an iBase_SUCCESS case.</div><div><br></div><div>In the use case I care about, theĀ caller allocates their own memory and *calculates* an expected return length of zero. They call the function, the implementation also computes that zero items are to be returned. All good, but what should the implementation do with the pointer? Regardless of what it does, it's not valid to dereference. But the caller's code knows that (e.g. their loop will run for zero iterations) without any special if statements.</div>
<div><br></div><div>With the current semantics, the pointer is zerod (or set to whatever malloc(0) returns). This is BAD because you just overwrote the caller's pointer that used to point to a zero-length segment of their own array.</div>
<div><br></div><div>I want the implementation to leave the pointer alone.</div><div><br></div><div>The only case where this change is not backward-compatible is if the user wanted the implementation to allocate, did not initialize the pointer, passed in alloc=0, and then called free(ptr) without checking. There is a trivial fix for this: set ptr=0 before calling the function. I believe this also makes the expected semantics more clear to the reader, thus making their code easier to read.</div>
<div><br></div><div>There is no such easy fix for writing into the user's own allocated memory with computed expected Ā length 0. The caller would have to handle the zero-length case explicitly with an if statement. Yuck.</div>
</div>