core: normalize malloc, realloc

[mhdawson]

• make -j4 test (UNIX), or vcbuild test nosign (Windows) passes
• commit message follows commit guidelines

Affected core subsystem(s)

core

malloc(0) and realloc(ptr, 0) have implementation-defined behavior in
that the standard allows them to either return a unique pointer or a
nullptr for zero-sized allocation requests. Normalize by always using
a nullptr.

- Introduce node::malloc, node::realloc and node::calloc that should
  be used throught our source.
- Update all existing node source files to use the new functions
  instead of the native allocation functions.

[mhdawson]

FYI those involved in the original discussion @bnoordhuis, @jasnell, @ChALkeR

[bnoordhuis]

Bleh, I hate this let's-add-more-macros approach. If you want to eradicate malloc(0), move everything over to new / new (std::nothrow). That avoids platform-specific macro magic and it cleans up our inconsistent memory management.

[jasnell]

LGTM with green CI but would prefer @bnoordhuis to be happy with it also.

[bnoordhuis]

I'll work on moving everything over to new[] / delete[].

[mhdawson]

@bnoordhuis is that something you are working now ? Just want to get a feel for whether its the short term fix or not.

[bnoordhuis]

Yes.

[mhdawson]

Just wondering how this is going, want to be sure we have a fix in before LTS is cut for 6.x (still a ways off I know).

[bnoordhuis]

I did some work on it already (and most of that has landed) but fully moving over to new/delete isn't possible short term.

In some places, notably the node::Buffer API, we leak the implementation detail that memory is managed with malloc/free. Since mixing C-style and C++-style dynamic memory is undefined behavior, we're stuck with that for the foreseeable future.

[mhdawson]

Ok so does that mean we sill need to land this PR to resolve the current issues on AIX ?

[mhdawson]

@bnoordhuis you ok with this change given that the move away from malloc/free is a longer term effort or do you have some alternative suggestion ?

[bnoordhuis]

I want to take a slightly different approach. I have some in-progress work that I can PR next week.

[mhdawson]

Ok, thanks.

[mhdawson]

Any update ?

[mhdawson]

@bnoordhuis how close are you to a fix. At this point I think we either need it this week or we land the original PR and then revert once you have a better fix.

[mhdawson]

@Trott do you prefer to land your PR or that I land your commit as part of this one ? The later is probably easier for me but its up to you.

[Trott]

@mhdawson No preference, so GO FOR IT! (And ping me if you change your mind and want me to do it for whatever reason.)

[addaleax]

LGTM, maybe use “src:” as the subsystem prefix for the first commit?

[addaleax]

Also, I don’t want to step on @bnoordhuis’ toes or anything, but I like the general idea here… doing all memory management through node:: methods seems nice to me, it seems like it would make it easier to do things like call isolate->LowMemoryNotification() and retry in case malloc() fails?

[mhdawson]

I don't want to land this today since its probably one that should get is 72hrs and am out on Monday for the Canadian long weekend. I'll plan to land on Tuesday when I'm back.

[mhdawson]

landed as a00ccb0

[Fishrock123]

@mhdawson if you want this on v6.x you'll need to backport unfortunately. I segfaulted when I tried.

[addaleax]

@Fishrock123 This needs to land together with ed640ae, master was broken for one commit there. :/ If you experienced problems even with that included, we’re probably in trouble and, while I know that you’re busy, it might be really good to have some debugging info if you can provide any.

[Fishrock123]

Hmmm, ok will retry.

[Fishrock123]

Looks good with both commits. Thanks!

[mhdawson]

Great to hear :)

[MylesBorins]

@mhdawson should this be backported to v4?

[addaleax]

I don’t think this has to be backported, but if it is, it needs to be backported together with #8572 (and maybe, but not necessarily, #8482).

[mhdawson]

I'm going to say no. We did not see issues in V4.x on AIX as they were introduced with node-inspector (as a side effect) and while this addresses the problem more generally I'd leave 4.X as is until we run into a similar issue in which case we can re-evaluate.