Experimental Physics and
| |||||||||||||||||
|
Of course this means that callocMustSucceed and mallocMustSucceed can return a NULL pointer, which they currently never do..... I understand that position, however I really don't like it. The ?allocMustSucceed() routines were always a bit of a hack to avoid having to check the return value from ?alloc. They are only called in dbStaticLib and the IOC startup code in places where if you run out of memory there's no way you're going to be able to recover and still bring up the IOC, so the only thing you can do is bail out. They do that by printing an error message and suspending the task, thus ensuring that the caller never gets a chance to continue processing. The task suspend is to allow a developer to do a back-trace on the task that failed and thus find the rogue code, in the event that the problem is being caused by a bug rather than a lack of RAM. As an aside, many of the blocks allocated through these routines don't have an associated call to free() at all, thus wondering whether they'll result in a memory leak is a rather futile thing anyway. I view any attempt to use these routines to allocate a zero-sized object as a bug, and as such it should result in the same task suspension that happens if you run out of memory. This is probably the fastest way to ensure that any such bug gets fixed... Here's the implementation I'm planning to commit, which should now be completely portable (calloc is similar, checking both count and size): void * mallocMustSucceed(size_t size, const char *errorMessage) { void * mem = NULL; if (size != 0) mem = malloc(size); if (mem == NULL) { errlogPrintf("%s: mallocMustSucceed(size=%lu) failed\n", errorMessage, (unsigned long)size); cantProceed(0); } return mem; } - Andrew -- * * Matt Santos / / For a Brighter America * *
| ||||||||||||||||
ANJ, 02 Sep 2010 |
·
Home
·
News
·
About
·
Base
·
Modules
·
Extensions
·
Distributions
·
Download
·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing · |